Malware

Windows users targeted with fake human verification pages delivering malware

2024-09-19 at 17:01 By Zeljka Zorz

For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification […]


Top Cyber Threats of the Week: Brute Force Attacks, CVE Attempts and Malware Infections

2024-09-16 at 16:04 By Cyble

Overview: The Cyble Global Sensor Intelligence Network, or CGSI, has been actively monitoring and capturing real-time attack data through various Honeypot sensors. Last week’s research reveals the top cyber threats of the week including multiple exploit


New ‘Hadooken’ Linux Malware Targets WebLogic Servers

2024-09-13 at 15:01 By Ionut Arghire

The recently observed Hadooken malware targeting Oracle WebLogic applications is linked to multiple ransomware families. The post New ‘Hadooken’ Linux Malware Targets WebLogic Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed


1.3 Million Android TV Boxes Infected by Vo1d Malware

2024-09-13 at 13:17 By Ionut Arghire

Doctor Web warns of the new Vo1d Android malware infecting roughly 1.3 million TV boxes running older OS versions. The post 1.3 Million Android TV Boxes Infected by Vo1d Malware appeared first on SecurityWeek. This article is an excerpt from


Iranian Hackers Targeting Iraqi Government: Security Firm

2024-09-12 at 13:46 By Eduard Kovacs

Hackers believed to be operating on behalf of the Iranian government have deployed malware to Iraqi government networks. The post Iranian Hackers Targeting Iraqi Government: Security Firm appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed


Reputation Hijacking with JamPlus: A Maneuver to Bypass Smart App Control (SAC)

2024-09-09 at 16:02 By rohansinhacyblecom

Key takeaways. Overview: CapCut, a video editing tool developed by Bytedance, has become increasingly popular. This popularity has extended to CapCut-themed attacks, which are on the rise among TAs. These themes have been frequently used in phishing campaigns.


ManticoraLoader: New Loader Announced from the Developers of AresLoader

2024-08-30 at 15:01 By rohansinhacyblecom

Cyble Research & Intelligence Labs (CRIL) has discovered the announcement of a new malware-as-a-service named ‘ManticoraLoader’ in the underground. The threat actors behind the group DeadXInject have been offering the service in underground forums and on their Telegram channel since August


Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites

2024-08-29 at 16:16 By Zeljka Zorz

Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns: Between November 2023 and July 2024, threat actors have repeatedly


Iranian Hackers Use New Tickler Malware to Collect Intel From US, UAE

2024-08-29 at 13:01 By Eduard Kovacs

The Iran-linked state-sponsored hacker group tracked as Peach Sandstorm has started using a new backdoor in attacks aimed at the US and UAE. The post Iranian Hackers Use New Tickler Malware to Collect Intel From US, UAE


Malware Delivered via Malicious Pidgin Plugin, Signal Fork

2024-08-28 at 16:01 By Eduard Kovacs

Threat actors delivered malware via instant messaging applications, including a malicious Pidgin plugin and an unofficial Signal fork. The post Malware Delivered via Malicious Pidgin Plugin, Signal Fork appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed


US Offering $2.5 Million Reward for Belarusian Malware Distributor

2024-08-28 at 14:01 By Ionut Arghire

The US government is offering a $2.5 million reward for information leading to the arrest of malware distributor Volodymyr Kadariya. The post US Offering $2.5 Million Reward for Belarusian Malware Distributor appeared first on SecurityWeek. This article is an excerpt


BlackByte affiliates use new encryptor and new TTPs

2024-08-28 at 13:16 By Zeljka Zorz

BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent BlackByte attacks. Most notably, encrypted files across all victims were rewritten with


Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)

2024-08-27 at 19:01 By Zeljka Zorz

Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed VersaMem by the researchers. The malware harvests credentials enabling the attackers to access the providers’ downstream


Android malware uses NFC to steal money at ATMs

2024-08-22 at 12:01 By Help Net Security

ESET researchers uncovered NGate malware, which can relay data from victims’ payment cards via a malicious app installed on their Android devices to the attacker’s rooted Android phone. Attack overview (Source: ESET). Unauthorized ATM withdrawals: The campaign’s primary goal


PostgreSQL databases under attack

2024-08-21 at 16:16 By Zeljka Zorz

Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access credentials. Once access is achieved, the threat actor: Creates a new


Chrome, Edge users beset by malicious extensions that can’t be easily removed

2024-08-12 at 16:31 By Zeljka Zorz

A widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has been spotted by researchers. “The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches


Unmasking the Overlap Between Golddigger and Gigabud Android Malware

2024-08-08 at 19:31 By Cyble

Key Takeaways. Overview: In January 2023, Cyble Intelligence and Research Labs (CRIL) discovered a Gigabud campaign that was impersonating government entities to target users in Thailand, the Philippines, and Peru. By June 2023, the Golddigger Android Banking Trojan emerged, targeting users


Chinese hackers compromised an ISP to deliver malicious software updates

2024-08-05 at 13:46 By Zeljka Zorz

APT StormBamboo compromised an undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have shared. Malware delivery via automatic software updates: StormBamboo (aka Evasive Panda, aka StormCloud), a Chinese-speaking threat


Cloudflare Tunnels Abused for Malware Delivery

2024-08-02 at 13:46 By Ionut Arghire

Threat actors are abusing Cloudflare’s TryCloudflare feature to create one-time tunnels for the distribution of remote access trojans. The post Cloudflare Tunnels Abused for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed


BingoMod Android RAT Wipes Devices After Stealing Money

2024-08-01 at 15:16 By Ionut Arghire

The BingoMod Android trojan steals user information and communication and allows attackers to steal money via account takeover. The post BingoMod Android RAT Wipes Devices After Stealing Money appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed
