Malware

As-a-Service tools empower criminals with limited tech skills

2024-02-08 at 06:01 By Help Net Security

As-a-service attacks continue to dominate the threat landscape, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools making up the majority of malicious tools in use by attackers, according to Darktrace.

Cybercriminals exploit as-a-Service tools

As-a-Service tools can provide attackers with everything […]

Chinese hackers breached Dutch Ministry of Defense

2024-02-07 at 16:46 By Helga Labus

Chinese state-sponsored hackers breached the Dutch Ministry of Defense (MOD) last year and deployed a new remote access trojan (RAT) malware to serve as a backdoor. “The effects of the intrusion were limited because the victim network was segmented from the

Doppelganger Dilemma: New XPhase Clipper’s Proliferation via Deceptive Crypto Sites and Cloned YouTube Videos

2024-02-07 at 13:17 By neetha871ad236bd

CRIL has identified a malware campaign aimed at cryptocurrency users. In this campaign, Threat Actors (TA) employed deceptive websites masquerading as legitimate cryptocurrency applications. Notably, we encountered several phishing sites targeting users of

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

2024-02-01 at 17:31 By Helga Labus

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation.

The FritzFrog botnet

The FritzFrog botnet, initially identified in August 2020, is

Threat actor used Vimeo, Ars Technica to serve second-stage malware

2024-02-01 at 12:31 By Zeljka Zorz

A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, Vimeo, GitHub and GitLab to surreptitiously deliver malware. Another interesting detail about UNC4990 it’s

Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication

2024-02-01 at 08:17 By neetha871ad236bd

Cyble analyzes GreenBean, a new Android Banking Trojan leveraging Simple RealTime Server (SRS) for C&C Communication. This post appeared first on Cyble.

Free ransomware recovery tool White Phoenix now has a web version

2024-01-31 at 10:17 By Help Net Security

White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. It was tested on BlackCat/ALPHV Ransomware, Play Ransomware, Qilin/Agenda Ransomware, BianLian Ransomware, and DarkBit. Intermittent encryption occurs when ransomware chooses

Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware

2024-01-26 at 14:02 By Ionut Arghire

The China-linked cyberespionage group Blackwood has been caught delivering malware to entities in China and Japan. This post appeared first on SecurityWeek.

Uncovering Atomic Stealer (AMOS) Strikes and the Rise of Dead Cookies Restoration

2024-01-25 at 15:01 By neetha871ad236bd

CRIL analyzes an ongoing phishing campaign spreading an updated version of Atomic Stealer targeting Mac users. This post appeared first on Cyble.

Blackwood APT delivers malware by hijacking legitimate software update requests

2024-01-25 at 13:32 By Help Net Security

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage operations against individuals and companies from China, Japan, and the United Kingdom. It leverages

Protected: Uncovering Atomic Stealer (AMOS) Strikes and the Cookie Resurgence Trend 

2024-01-25 at 13:16 By neetha871ad236bd

There is no excerpt because this is a protected post. This post appeared first on Cyble.

AI expected to increase volume, impact of cyberattacks

2024-01-25 at 12:16 By Helga Labus

All types of cyber threat actor are already using artificial intelligence (AI) to varying degrees, UK National Cyber Security Centre’s analysts say, and predict that AI “will almost certainly increase the volume and heighten the impact of cyberattacks over the next

Threat Actors Target US Asylum Seekers with MetaStealer Malware

2024-01-22 at 16:17 By cybleinc

Key Takeaways

Cyble Research and Intelligence Labs (CRIL) came across a ZIP archive file that could be downloaded from a URL and possibly disseminated through spam emails. Within the ZIP file lies

Cyble Global Sensors pick up persistent exploitation of Ivanti Connect Secure Vulnerabilities

2024-01-19 at 16:18 By cybleinc

Introduction

Cyble Global Sensor Intelligence (CGSI) has detected the continuous exploitation of recently revealed vulnerabilities in Ivanti Connect Secure (ICS), previously known as Pulse Connect Secure

Cyber Espionage Attack on the Indian Air Force: Go-Based Infostealer Exploits Slack for Data Theft

2024-01-17 at 12:01 By cybleinc

Key Takeaways

Cyble Research and Intelligence Labs (CRIL) identified a Go Stealer variant potentially targeting the Indian Air Force. The

Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025)

2024-01-15 at 15:31 By Zeljka Zorz

A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of the Phemedrone Stealer.

About the malware

Phemedrone Stealer is a piece of malware written

Information Stealer Exploits Windows SmartScreen Bypass

2024-01-15 at 14:46 By Ionut Arghire

Attackers exploit a recent Windows SmartScreen bypass vulnerability to deploy the Phemedrone information stealer. This post appeared first on SecurityWeek.

Sneaky Azorult Back in Action and Goes Undetected

2024-01-12 at 17:31 By dakshsharma16

Overview

First identified in 2016, Azorult malware operates as an information-stealing threat, collecting data such as browsing history, cookies, login credentials, and cryptocurrency details. Additionally, it can function as a downloader for other malware families. This malicious software was offered

Festive Facade: Dissecting Multi-Stage Malware in New Year-themed Lure

2024-01-05 at 11:26 By cybleinc

CRIL analyzes New Year-themed malware utilizing JS Downloader and DLL Sideloading to infect potential victims. This post appeared first on Cyble.

Several Infostealers Using Persistent Cookies to Hijack Google Accounts

2024-01-03 at 17:46 By Ionut Arghire

A vulnerability in Google’s authentication process allows malware to restore cookies and hijack user sessions. This post appeared first on SecurityWeek.
