Malware

Threat Actors Exploit Sora AI-themed Branding to Spread Malware

Malware, phishing /

Threat Actors Exploit Sora AI-themed Branding to Spread Malware 2024-07-31 at 20:01 By Cyble Key Takeaways  Overview  After exfiltrating data, TAs deploy open-source mining software like XMRig and lolMiner, indicating a dual objective of both data theft and cryptocurrency mining to monetize their activities further.  In February, OpenAI introduced Sora, an advanced AI model set […]

React to this headline:

Loading spinner

Threat Actors Exploit Sora AI-themed Branding to Spread Malware Read More »

SMS Stealer malware targeting Android users: Over 105,000 samples identified

Android, cybercrime, cybersecurity, Don't miss, Malware, News, scams, Zimperium /

SMS Stealer malware targeting Android users: Over 105,000 samples identified 2024-07-31 at 17:49 By Help Net Security Zimperium’s zLabs team has uncovered a new and widespread threat dubbed SMS Stealer. Detected during routine malware analysis, this malicious software has been found in over 105,000 samples, affecting more than 600 global brands. SMS Stealer’s extensive reach

React to this headline:

Loading spinner

SMS Stealer malware targeting Android users: Over 105,000 samples identified Read More »

Some good may come out of the CrowdStrike outage

Bitdefender, CrowdStrike, Don't miss, Endpoint Security, Fortinet, fraud, Hot stuff, Malware, Microsoft, News, SecureWorks, Trellix, UpGuard, Windows /

Some good may come out of the CrowdStrike outage 2024-07-29 at 19:31 By Zeljka Zorz Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having several positive effects, as well. Some silver linings As CrowdStrike was forced to explain,

React to this headline:

Loading spinner

Some good may come out of the CrowdStrike outage Read More »

Network of 3,000 GitHub Accounts Used for Malware Distribution

GitHub, Malware, Malware & Threats, Stargazer Goblin /

Network of 3,000 GitHub Accounts Used for Malware Distribution 2024-07-25 at 14:16 By Ionut Arghire Stargazer Goblin has created a network of over 3,000 GitHub accounts to distribute malware through phishing repositories. The post Network of 3,000 GitHub Accounts Used for Malware Distribution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Network of 3,000 GitHub Accounts Used for Malware Distribution Read More »

Network of ghost GitHub accounts successfully distributes malware

automa, Check Point, Don't miss, GitHub, Hot stuff, Malware, News, phishing /

Network of ghost GitHub accounts successfully distributes malware 2024-07-24 at 17:31 By Zeljka Zorz Check Point researchers have unearthed an extensive network of GitHub accounts that they believe provides malware and phishing link Distribution-as-a-Service. Set up and operated by a threat group the researchers dubbed as Stargazer Goblin, the “Stargazers Ghost Network” is estimated encompass

React to this headline:

Loading spinner

Network of ghost GitHub accounts successfully distributes malware Read More »

Telegram Zero-Day Enabled Malware Delivery

Malware, Malware & Threats, Telegram, Zero-Day /

Telegram Zero-Day Enabled Malware Delivery 2024-07-23 at 15:16 By Ionut Arghire The EvilVideo zero-day vulnerability in Telegram for Android allowed threat actors to send malicious files disguised as videos. The post Telegram Zero-Day Enabled Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Telegram Zero-Day Enabled Malware Delivery Read More »

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams

CrowdStrike, Malware, Malware & Threats, phishing, scam /

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams 2024-07-22 at 13:47 By Eduard Kovacs The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery. The post CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams Read More »

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver

browser, cybersecurity, drivers, ESET, Malware, News, report /

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver 2024-07-22 at 06:01 By Help Net Security ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET dubbed HotPage, comes self-contained in an executable file that installs its main driver and injects

React to this headline:

Loading spinner

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver Read More »

Threat Actors Exploit Recent CrowdStrike Outage to Ramp Up Suspicious Domain Creation

CrowdStrike, Malware, Threat Actor, Windows /

Threat Actors Exploit Recent CrowdStrike Outage to Ramp Up Suspicious Domain Creation 2024-07-20 at 19:46 By dakshsharma16 On July 19th, 2024, CrowdStrike, a leading cybersecurity provider of advanced end-point security detection and protection solutions, released a sensor configuration update to Windows systems. This update contained a logic error that resulted in system crashes and Blue

React to this headline:

Loading spinner

Threat Actors Exploit Recent CrowdStrike Outage to Ramp Up Suspicious Domain Creation Read More »

FIN7 sells improved EDR killer tool

attack tools, backdoor, cybercrime, cybercriminals, Don't miss, Hot stuff, Malware, News, Ransomware, SentinelOne /

FIN7 sells improved EDR killer tool 2024-07-18 at 15:46 By Zeljka Zorz The cybercrime-focused enterprise known as FIN7 (aka the Carbanak group) has come up with yet another trick to assure the effectiveness of its “EDR killer” tool, dubbed AvNeutralizer (i.e., AuKill) by researchers. By leveraging Windows’ built-in driver TTD Monitor Driver (ProcLaunchMon.sys), in conjunction

React to this headline:

Loading spinner

FIN7 sells improved EDR killer tool Read More »

New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users 

Malware /

New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users  2024-07-17 at 18:46 By Neetha Key Takeaways  Summary  CRIL has discovered a multi-stage cyberattack campaign that starts with a Zip file containing a malicious shortcut file (.lnk). As of now, the source of this Zip file is unknown, but we suspect it to be

React to this headline:

Loading spinner

New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users  Read More »

Investigating the New Jellyfish Loader 

All, Malware /

Investigating the New Jellyfish Loader  2024-07-15 at 17:33 By Neetha Key Takeaways  Overview  CRIL researchers came across a ZIP file, initially uploaded from Poland. This file contains a Windows shortcut (.lnk). When executed, the .lnk file opens a clean PDF and subsequently downloads and executes a new .NET-based shellcode loader, JellyfishLoader.  The new Jellyfish Loader

React to this headline:

Loading spinner

Investigating the New Jellyfish Loader  Read More »

Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations

Malware, Malware & Threats, sentenced, Tracking & Law Enforcement, Zeus /

Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations 2024-07-15 at 14:31 By Ionut Arghire Vyacheslav Igorevich Penchukov was sentenced to nine years in prison for his role in the Zeus and IcedID malware operations. The post Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations appeared

React to this headline:

Loading spinner

Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations Read More »

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)

Censys, CVE, Don't miss, email security, Exim, Hot stuff, Malware, News, vulnerability /

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) 2024-07-15 at 14:20 By Zeljka Zorz The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and can help attackers deliver malware to users. About CVE-2024-39929 The vulnerability stems from a bug in RFC 2231

React to this headline:

Loading spinner

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) Read More »

Infostealing malware masquerading as generative AI tools

cybercrime, ESET, generative AI, Malware, News, report, survey /

Infostealing malware masquerading as generative AI tools 2024-07-05 at 08:01 By Help Net Security Over the past six months, there has been a notable surge in Android financial threats – malware targeting victims’ mobile banking funds, whether in the form of ‘traditional’ banking malware or, more recently, cryptostealers, according to ESET. Vidar infostealer targets Windows

React to this headline:

Loading spinner

Infostealing malware masquerading as generative AI tools Read More »

US offers $10 million for information on indicted WhisperGate malware suspect

Government, government-backed attacks, Justice Department, law enforcement, Malware, News, Russian Federation, Ukraine, USA /

US offers $10 million for information on indicted WhisperGate malware suspect 2024-06-27 at 10:36 By Help Net Security A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. If convicted, he faces a maximum penalty of five years in prison. The

React to this headline:

Loading spinner

US offers $10 million for information on indicted WhisperGate malware suspect Read More »

New ransomware, infostealers pose growing risk in 2024

BlackBerry, cybercrime, cybersecurity, Malware, News, report, survey /

New ransomware, infostealers pose growing risk in 2024 2024-06-27 at 07:01 By Help Net Security BlackBerry detected and stopped 3.1 million cyberattacks (37,000 per day) in the first quarter of 2024. Between January and March 2024, BlackBerry detected 630,000 malicious hashes, representing a 40% increase from its previous reporting period. 60% of attacks targeting industry

React to this headline:

Loading spinner

New ransomware, infostealers pose growing risk in 2024 Read More »

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys

Don't miss, Hot stuff, Kroll, Malware, malware detection, News /

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys 2024-06-26 at 15:46 By Zeljka Zorz A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection. The campaign Spotted by Kroll’s incident responders and analyzed by the company’s

React to this headline:

Loading spinner

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys Read More »

P2Pinfect Worm Now Dropping Ransomware on Redis Servers

Malware, Malware & Threats, Redis /

P2Pinfect Worm Now Dropping Ransomware on Redis Servers 2024-06-26 at 15:16 By Ionut Arghire The P2Pinfect worm targeting Redis servers has been updated with ransomware and cryptocurrency mining payloads. The post P2Pinfect Worm Now Dropping Ransomware on Redis Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

P2Pinfect Worm Now Dropping Ransomware on Redis Servers Read More »

Scroll to Top