Malware

GodFather Malware Expands Its Reach, Targeting 500 Banking And Crypto Applications Worldwide

Malware /

GodFather Malware Expands Its Reach, Targeting 500 Banking And Crypto Applications Worldwide 2024-11-06 at 15:05 By daksh sharma Key Takeaways Overview Cyble Research and Intelligence Labs (CRIL) recently identified a phishing site, “mygov-au[.]app,” masquerading as the official MyGov website of the Australian Government. Upon further analysis, this site was found to be distributing a suspicious […]

React to this headline:

Loading spinner

GodFather Malware Expands Its Reach, Targeting 500 Banking And Crypto Applications Worldwide Read More »

Sophos mounted counter-offensive operation to foil Chinese attackers

cyber espionage, cybercrime, Malware, News, report, Sophos, survey /

Sophos mounted counter-offensive operation to foil Chinese attackers 2024-10-31 at 16:04 By Help Net Security Sophos conducted defensive and counter-offensive operation over the last five years with multiple interlinked nation-state adversaries based in China targeting perimeter devices, including Sophos Firewalls. Espionage campaigns tied to Chinese hacking groups The attackers used a series of campaigns with

React to this headline:

Loading spinner

Sophos mounted counter-offensive operation to foil Chinese attackers Read More »

Strela Stealer targets Central and Southwestern Europe through Stealthy Execution via WebDAV

infostealer, Malware /

Strela Stealer targets Central and Southwestern Europe through Stealthy Execution via WebDAV 2024-10-30 at 15:05 By rohansinhacyblecom Key Takeaways Executive Summary Strela Stealer, first identified by DCSO in late 2022, is a type of information-stealing malware primarily designed to exfiltrate email account credentials from widely used email clients, including Microsoft Outlook and Mozilla Thunderbird. This malware

React to this headline:

Loading spinner

Strela Stealer targets Central and Southwestern Europe through Stealthy Execution via WebDAV Read More »

US charges suspected Redline infostealer developer, admin

Don't miss, ESET, Eurojust, Hot stuff, Justice Department, law enforcement, Malware, News /

US charges suspected Redline infostealer developer, admin 2024-10-29 at 18:22 By Zeljka Zorz The identity of a suspected developer and administrator of the Redline malware-as-a-service operation has been revealed: Russian national Maxim Rudometov. Infrastructure takedown As promised on Monday when they announced the disruption of the Redline and Meta infostealer operations, law enforcement Operation Magnus

React to this headline:

Loading spinner

US charges suspected Redline infostealer developer, admin Read More »

Police hacks, disrupts Redline, Meta infostealer operations

Don't miss, Hot stuff, law enforcement, Malware, News /

Police hacks, disrupts Redline, Meta infostealer operations 2024-10-28 at 16:25 By Zeljka Zorz The Dutch National Police, along with partner law enforcement agencies, has disrupted the operation of the Redline and Meta infostealers and has collected information that may unmask users who paid to leverage the infamous malware. Screenshot of the Redline License Server panel

React to this headline:

Loading spinner

Police hacks, disrupts Redline, Meta infostealer operations Read More »

Adversarial groups adapt to exploit systems in new ways

cybersecurity, Don't miss, Elastic, Hot stuff, Malware, Video /

Adversarial groups adapt to exploit systems in new ways 2024-10-28 at 06:36 By Help Net Security In this Help Net Security video, Jake King, Head of Threat & Security Intelligence at Elastic, discusses the key findings from the 2024 Elastic Global Threat Report. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), including Cobalt Strike

React to this headline:

Loading spinner

Adversarial groups adapt to exploit systems in new ways Read More »

HeptaX: Unauthorized RDP Connections for Cyberespionage Operations

Malware /

HeptaX: Unauthorized RDP Connections for Cyberespionage Operations 2024-10-25 at 18:08 By rohansinhacyblecom Key takeaways Overview CRIL has come across a multi-stage cyberattack campaign that begins with a ZIP file containing a malicious shortcut file (.lnk). While the source of this ZIP file remains unknown, it is suspected to be disseminated through phishing emails. Based on

React to this headline:

Loading spinner

HeptaX: Unauthorized RDP Connections for Cyberespionage Operations Read More »

Israeli orgs targeted with wiper malware via ESET-branded emails

ESET, Hot stuff, Israel, Malware, News, phishing /

Israeli orgs targeted with wiper malware via ESET-branded emails 2024-10-18 at 13:32 By Zeljka Zorz Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a phishing email ostensibly sent by the “Eset Advanced Threat Defense

React to this headline:

Loading spinner

Israeli orgs targeted with wiper malware via ESET-branded emails Read More »

Vietnamese Threat Actor’s Multi-Layered Strategy on Digital Marketing Professionals

cybercrime, Malware /

Vietnamese Threat Actor’s Multi-Layered Strategy on Digital Marketing Professionals 2024-10-18 at 12:48 By rohansinhacyblecom Key takeaways Overview Cyble Research and Intelligence Lab (CRIL) has uncovered an advanced attack campaign that likely originates from spam emails containing phishing attachments. These emails include an archive file with an LNK file disguised as a PDF file. The attack

React to this headline:

Loading spinner

Vietnamese Threat Actor’s Multi-Layered Strategy on Digital Marketing Professionals Read More »

Fake Google Meet pages deliver infostealers

Don't miss, Hot stuff, macOS, Malware, News, Proofpoint, Sekoia.io, social engineering, video conferencing, Windows /

Fake Google Meet pages deliver infostealers 2024-10-17 at 14:47 By Zeljka Zorz Users of the Google Meet video communication service have been targeted by cyber crooks using the ClickFix tactic to infect them with information-stealing malware. Fake Google Meet video conference page with malicious ClickFix pop-up (Source: Sekoia) “The ClickFix tactic deceives users into downloading

React to this headline:

Loading spinner

Fake Google Meet pages deliver infostealers Read More »

MisterioLNK: The Open-Source Builder Behind Malicious Loaders

Malware /

MisterioLNK: The Open-Source Builder Behind Malicious Loaders 2024-10-08 at 15:31 By rohansinhacyblecom Cyble Research and Intelligence Labs (CRIL) has uncovered a new, previously undetected loader builder known as “MisterioLNK.” This discovery follows our earlier analysis of Quantum Software, another LNK file-based builder that has been gaining traction in the cyber landscape. MisterioLNK, available on GitHub,

React to this headline:

Loading spinner

MisterioLNK: The Open-Source Builder Behind Malicious Loaders Read More »

Cyble Honeypot Sensors Detect D-Link, Cisco, QNAP and Linux Attacks

Cisco, Linux, Malware, vulnerability /

Cyble Honeypot Sensors Detect D-Link, Cisco, QNAP and Linux Attacks 2024-10-08 at 13:49 By dakshsharma16 Key Takeaways Overview Cyble’s Vulnerability Intelligence unit last week detected numerous exploit attempts, malware intrusions, phishing campaigns, and brute-force attacks via its network of Honeypot sensors. In the week of Sept. 25-Oct. 1, Cyble researchers identified several recent active exploits, including new attacks against a number of

React to this headline:

Loading spinner

Cyble Honeypot Sensors Detect D-Link, Cisco, QNAP and Linux Attacks Read More »

Linux systems targeted with stealthy “Perfctl” cryptomining malware

Aqua Security, cryptojacking, Don't miss, Hot stuff, Linux, Malware, misconfiguration, News, rootkits, vulnerability /

Linux systems targeted with stealthy “Perfctl” cryptomining malware 2024-10-07 at 15:46 By Zeljka Zorz Thousands of Linux systems are likely infected with the highly elusive and persistent “perfctl” (or “perfcc“) cryptomining malware and many others still could be at risk of getting compromised, Aqua Security researchers revealed last week. “In all the attacks observed, the

React to this headline:

Loading spinner

Linux systems targeted with stealthy “Perfctl” cryptomining malware Read More »

US Transportation and Logistics Firms Targeted With Infostealers, Backdoors

Malware, Malware & Threats /

US Transportation and Logistics Firms Targeted With Infostealers, Backdoors 2024-09-26 at 15:01 By Ionut Arghire A malicious campaign is targeting transportation and logistics organizations in North America with various malware families. The post US Transportation and Logistics Firms Targeted With Infostealers, Backdoors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

US Transportation and Logistics Firms Targeted With Infostealers, Backdoors Read More »

AI-Generated Malware Found in the Wild

AI, Artificial Intelligence, Featured, Malware, Malware & Threats /

AI-Generated Malware Found in the Wild 2024-09-24 at 20:16 By Kevin Townsend HP has intercepted an email campaign comprising a standard malware payload delivered by an AI-generated dropper. The post AI-Generated Malware Found in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

AI-Generated Malware Found in the Wild Read More »

Transportation, logistics companies targeted with lures impersonating fleet management software

Don't miss, Hot stuff, Malware, News, Proofpoint, social engineering, supply chain, transportation, USA /

Transportation, logistics companies targeted with lures impersonating fleet management software 2024-09-24 at 17:46 By Zeljka Zorz Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever new trick. How the attack unfolds According to Proofpoint threat researchers, the attackers start by compromising

React to this headline:

Loading spinner

Transportation, logistics companies targeted with lures impersonating fleet management software Read More »

Cyble Sensor Intelligence: Attacks, Phishing Scams and Brute-Force Detections

Malware, phishing, vulnerability /

Cyble Sensor Intelligence: Attacks, Phishing Scams and Brute-Force Detections 2024-09-20 at 17:31 By dakshsharma16 Key Takeaways Overview The Cyble Global Sensor Intelligence Network, or CGSI, monitors and captures real-time attack data through Cyble’s network of Honeypot sensors. This week, Cyble’s Threat Hunting service discovered and investigated dozens of exploit attempts, malware intrusions, financial fraud, and brute-force attacks. 

React to this headline:

Loading spinner

Cyble Sensor Intelligence: Attacks, Phishing Scams and Brute-Force Detections Read More »

Windows users targeted with fake human verification pages delivering malware

CloudSEK, Don't miss, Hot stuff, Malware, News, Palo Alto Networks, Proofpoint, trojan, Windows /

Windows users targeted with fake human verification pages delivering malware 2024-09-19 at 17:01 By Zeljka Zorz For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification

React to this headline:

Loading spinner

Windows users targeted with fake human verification pages delivering malware Read More »

Top Cyber Threats of the Week: Brute Force Attacks, CVE Attempts and Malware Infections

Malware /

Top Cyber Threats of the Week: Brute Force Attacks, CVE Attempts and Malware Infections 2024-09-16 at 16:04 By Cyble Overview  The Cyble Global Sensor Intelligence Network, or CGSI, has been actively monitoring and capturing real-time attack data through various Honeypot sensors. Last week’s research reveals the top cyber threats of the week including multiple exploit

React to this headline:

Loading spinner

Top Cyber Threats of the Week: Brute Force Attacks, CVE Attempts and Malware Infections Read More »

New ‘Hadooken’ Linux Malware Targets WebLogic Servers

Linux malware, Malware, Malware & Threats, WebLogic /

New ‘Hadooken’ Linux Malware Targets WebLogic Servers 2024-09-13 at 15:01 By Ionut Arghire The recently observed Hadooken malware targeting Oracle WebLogic applications is linked to multiple ransomware families. The post New ‘Hadooken’ Linux Malware Targets WebLogic Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

New ‘Hadooken’ Linux Malware Targets WebLogic Servers Read More »

Scroll to Top