Malware

Best practices for implementing a proper backup strategy

Best practices for implementing a proper backup strategy 08/09/2023 at 07:01 By Help Net Security Implementing a robust backup strategy for safeguarding crucial business data is more essential than ever. Without such a plan, organizations risk paying ransoms and incurring expenses related to investigations and lost productivity. In this Help Net Security video, David Boland, […]

Best practices for implementing a proper backup strategy Read More »

MacOS malware has a new trick up its sleeve

MacOS malware has a new trick up its sleeve 07/09/2023 at 15:02 By Helga Labus A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system’s Gatekeeper, Malwarebytes researchers have discovered. Mac malware delivered through Google ads The malware, which was first advertised in April

MacOS malware has a new trick up its sleeve Read More »

Old vulnerabilities are still a big problem

Old vulnerabilities are still a big problem 06/09/2023 at 17:01 By Zeljka Zorz A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote code execution. “Despite fixes for CVE-2017-11882/CVE-2018-0802 being released by Microsoft in November, 2017 and January, 2018,

Old vulnerabilities are still a big problem Read More »

Connected cars and cybercrime: A primer

Connected cars and cybercrime: A primer 05/09/2023 at 08:02 By Help Net Security Original equipment suppliers (OEMs) and their suppliers who are weighing how to invest their budgets might be inclined to slow pedal investment in addressing cyberthreats. To date, the attacks that they have encountered have remained relatively unsophisticated and not especially harmful. Analysis

Connected cars and cybercrime: A primer Read More »

Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer

Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer 01/09/2023 at 14:04 By Ionut Arghire Cisco has observed multiple threat actors adopting the SapphireStealer information stealer after its source code was released on GitHub. The post Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer appeared first on SecurityWeek. This article is an excerpt from

Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer Read More »

Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices

Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices 31/08/2023 at 15:46 By Eduard Kovacs Five Eyes report details ‘Infamous Chisel’ malware used by Russian state-sponsored hackers to target the Ukrainian military’s Android devices.  The post Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices appeared first on SecurityWeek. This article

Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices Read More »

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store 31/08/2023 at 12:18 By Help Net Security ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the China-aligned APT group GREF. Most likely active since July 2020 and since

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store Read More »

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner 30/08/2023 at 14:17 By Eduard Kovacs The DreamBus botnet has resurfaced and it has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner. The post DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner appeared first on SecurityWeek. This article is an

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner Read More »

Qakbot botnet disrupted, malware removed from 700,000+ victim computers

Qakbot botnet disrupted, malware removed from 700,000+ victim computers 29/08/2023 at 21:19 By Zeljka Zorz The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world. “To disrupt the botnet,

Qakbot botnet disrupted, malware removed from 700,000+ victim computers Read More »

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure 25/08/2023 at 15:36 By Helga Labus North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT, downloaded from an IP address

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure Read More »

WinRAR patches zero-day bug that targeted stock and crypto traders

WinRAR patches zero-day bug that targeted stock and crypto traders 25/08/2023 at 08:04 By Cointelegraph By Martin Young According to cybersecurity firm Group-IB, weaponized ZIP file archives were being shared on crypto trading forums, with each one containing a nasty surprise. This article is an excerpt from Cointelegraph.com News View Original Source

WinRAR patches zero-day bug that targeted stock and crypto traders Read More »

Ransomware dwell time hits new low

Ransomware dwell time hits new low 25/08/2023 at 06:34 By Help Net Security Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks during the first half of 2023, according to Sophos. In 2022, the median

Ransomware dwell time hits new low Read More »

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device 24/08/2023 at 18:31 By Eduard Kovacs Mysterious Whiffy Recon malware scans for nearby Wi-Fi access points to obtain the location of the infected device. The post Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device appeared first on SecurityWeek. This article is

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device Read More »

Bogus OfficeNote app delivers XLoader macOS malware

Bogus OfficeNote app delivers XLoader macOS malware 23/08/2023 at 14:33 By Helga Labus A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample have appeared on VirusTotal throughout July, indicating that the malware has been widely distributed in the wild,” SentinelOne researchers

Bogus OfficeNote app delivers XLoader macOS malware Read More »

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer 21/08/2023 at 17:18 By Ionut Arghire Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator. The post Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer appeared first on SecurityWeek. This article is an excerpt from

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer Read More »

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

Thousands of Systems Turned Into Proxy Exit Nodes via Malware 17/08/2023 at 16:18 By Ionut Arghire Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware. The post Thousands of Systems Turned Into Proxy Exit Nodes via Malware appeared first on SecurityWeek. This article is an

Thousands of Systems Turned Into Proxy Exit Nodes via Malware Read More »

Macs are getting compromised to act as proxy exit nodes

Macs are getting compromised to act as proxy exit nodes 14/08/2023 at 14:01 By Zeljka Zorz AdLoad, well-known malware that has been targeting systems running macOS for over half a decade, has been observed delivering a new payload that – unbeknown to the owners – enlisted their systems into a residential proxy botnet. According to

Macs are getting compromised to act as proxy exit nodes Read More »

APTs use of lesser-known TTPs are no less of a headache

APTs use of lesser-known TTPs are no less of a headache 14/08/2023 at 08:32 By Help Net Security APT (advanced persistent threat) attacks were once considered to be primarily a problem for large corporations, but the number of these (often state-sponsored) attacks against small- and medium-sized businesses has increased significantly. Everyone is fair game, and

APTs use of lesser-known TTPs are no less of a headache Read More »

Scroll to Top