Malware

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams 2024-07-22 at 13:47 By Eduard Kovacs The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery. The post CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS […]

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver 2024-07-22 at 06:01 By Help Net Security ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET dubbed HotPage, comes self-contained in an executable file that installs its main driver and injects

Threat Actors Exploit Recent CrowdStrike Outage to Ramp Up Suspicious Domain Creation

Threat Actors Exploit Recent CrowdStrike Outage to Ramp Up Suspicious Domain Creation 2024-07-20 at 19:46 By dakshsharma16 On July 19th, 2024, CrowdStrike, a leading cybersecurity provider of advanced end-point security detection and protection solutions, released a sensor configuration update to Windows systems. This update contained a logic error that resulted in system crashes and Blue

FIN7 sells improved EDR killer tool

FIN7 sells improved EDR killer tool 2024-07-18 at 15:46 By Zeljka Zorz The cybercrime-focused enterprise known as FIN7 (aka the Carbanak group) has come up with yet another trick to assure the effectiveness of its “EDR killer” tool, dubbed AvNeutralizer (i.e., AuKill) by researchers. By leveraging Windows’ built-in driver TTD Monitor Driver (ProcLaunchMon.sys), in conjunction

New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users

New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users 2024-07-17 at 18:46 By Neetha. Key Takeaways / Summary: CRIL has discovered a multi-stage cyberattack campaign that starts with a Zip file containing a malicious shortcut file (.lnk). As of now, the source of this Zip file is unknown, but we suspect it to be

Investigating the New Jellyfish Loader

Investigating the New Jellyfish Loader 2024-07-15 at 17:33 By Neetha. Key Takeaways / Overview: CRIL researchers came across a ZIP file, initially uploaded from Poland. This file contains a Windows shortcut (.lnk). When executed, the .lnk file opens a clean PDF and subsequently downloads and executes a new .NET-based shellcode loader, JellyfishLoader. The new Jellyfish Loader

Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations

Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations 2024-07-15 at 14:31 By Ionut Arghire Vyacheslav Igorevich Penchukov was sentenced to nine years in prison for his role in the Zeus and IcedID malware operations. The post Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations appeared

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) 2024-07-15 at 14:20 By Zeljka Zorz The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and can help attackers deliver malware to users. About CVE-2024-39929 The vulnerability stems from a bug in RFC 2231

Infostealing malware masquerading as generative AI tools

Infostealing malware masquerading as generative AI tools 2024-07-05 at 08:01 By Help Net Security Over the past six months, there has been a notable surge in Android financial threats – malware targeting victims’ mobile banking funds, whether in the form of ‘traditional’ banking malware or, more recently, cryptostealers, according to ESET. Vidar infostealer targets Windows

US offers $10 million for information on indicted WhisperGate malware suspect

US offers $10 million for information on indicted WhisperGate malware suspect 2024-06-27 at 10:36 By Help Net Security A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. If convicted, he faces a maximum penalty of five years in prison. The

New ransomware, infostealers pose growing risk in 2024

New ransomware, infostealers pose growing risk in 2024 2024-06-27 at 07:01 By Help Net Security BlackBerry detected and stopped 3.1 million cyberattacks (37,000 per day) in the first quarter of 2024. Between January and March 2024, BlackBerry detected 630,000 malicious hashes, representing a 40% increase from its previous reporting period. 60% of attacks targeting industry

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys 2024-06-26 at 15:46 By Zeljka Zorz A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection. The campaign Spotted by Kroll’s incident responders and analyzed by the company’s

P2Pinfect Worm Now Dropping Ransomware on Redis Servers

P2Pinfect Worm Now Dropping Ransomware on Redis Servers 2024-06-26 at 15:16 By Ionut Arghire The P2Pinfect worm targeting Redis servers has been updated with ransomware and cryptocurrency mining payloads. The post P2Pinfect Worm Now Dropping Ransomware on Redis Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed.

UAC-0184 Abuses Python in DLL Sideloading for XWORM Distribution

UAC-0184 Abuses Python in DLL Sideloading for XWORM Distribution 2024-06-25 at 13:46 By Neetha. Key Takeaways / Overview: CRIL recently observed a malware campaign targeting Ukraine using the Remote Access Trojan (RAT) known as XWorm. Upon investigation, it was found that this campaign is associated with the Threat Actor (TA) group UAC-0184. Previously, UAC-0184 has targeted

Long-Running Chinese Espionage Campaign Targets Telecom Firms in Asian Country

Long-Running Chinese Espionage Campaign Targets Telecom Firms in Asian Country 2024-06-20 at 19:01 By Ionut Arghire A years-long espionage campaign has targeted telecoms companies in Asia with tools associated with Chinese groups. The post Long-Running Chinese Espionage Campaign Targets Telecom Firms in Asian Country appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Highly Evasive SquidLoader Malware Targets China

Highly Evasive SquidLoader Malware Targets China 2024-06-20 at 15:31 By Ionut Arghire A threat actor targeting Chinese-speaking victims has been using the SquidLoader malware loader in recent attacks. The post Highly Evasive SquidLoader Malware Targets China appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed.

Clever macOS malware delivery campaign targets cryptocurrency users

Clever macOS malware delivery campaign targets cryptocurrency users 2024-06-19 at 14:16 By Zeljka Zorz Cryptocurrency users are being targeted with legitimate-looking but fake apps that deliver information-stealing malware instead, Recorded Future’s researchers are warning. The threat actor behind this complex scheme is going after both Windows and Mac users, and leverages social media and messaging

New BadSpace Backdoor Deployed in Drive-By Attacks

New BadSpace Backdoor Deployed in Drive-By Attacks 2024-06-18 at 19:45 By Ionut Arghire The BadSpace backdoor is being distributed via drive-by attacks involving infected websites and JavaScript downloaders. The post New BadSpace Backdoor Deployed in Drive-By Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed.
