Tag: antivirus
-
The state of ransomware: Fragmented but still potent despite takedowns
by
in SecurityNews
Tags: ai, alphv, antivirus, attack, backup, cloud, control, cyber, cybercrime, cybersecurity, data, ddos, detection, endpoint, extortion, firewall, group, incident response, intelligence, law, leak, LLM, lockbit, malware, network, ransom, ransomware, service, software, tactics, threat, tool, usa, zero-trustRunners and riders on the rise: Smaller, more agile ransomware groups like Lynx (INC rebrand), RansomHub (a LockBit sub-group), and Akira filled the void after major takedowns, collectively accounting for 54% of observed attacks, according to a study by managed detection and response firm Huntress.RansomHub RaaS has quickly risen in prominence by absorbing displaced operators…
-
Fully Undetected Anubis Malware Enables Hackers to Execute Remote Commands
by
in SecurityNewsA recent alert has highlighted the emergence of the AnubisBackdoor, a Python-based backdoor attributed to the Savage Ladybug group, which is reportedly linked to the notorious FIN7 cybercrime gang. This malware is designed to provide remote access, execute commands, and facilitate data exfiltration, all while evading detection by most antivirus solutions. Technical Analysis The AnubisBackdoor…
-
Steganography Explained: How XWorm Hides Inside Images
by
in SecurityNewsInside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangerous could be hiding, waiting for its moment to strike.No strange file names. No antivirus warnings. Just a harmless picture, secretly concealing a payload that can steal data, execute malware, and take over your system without a trace.This is steganography, a cybercriminal’s…
-
Bypassing AV Detection Anti-Malware Scans with Red Team Tool SpecterInsight
In an era where antivirus (AV) solutions and anti-malware scan interfaces (AMSI) are becoming increasingly sophisticated, red team operators and penetration testers face mounting challenges in evading detection. SpecterInsight, a powerful offensive security tool, has emerged as a solution to bypass these defenses while maintaining stealth. The latest version, SpecterInsight 4.2.0, introduces advanced payload crafting…
-
Hackers Using PowerShell and Microsoft Legitimate Apps to Deploy Malware
by
in SecurityNews
Tags: antivirus, attack, cyber, cybersecurity, hacker, incident response, malware, microsoft, powershellCybersecurity experts are warning of an increasing trend in fileless attacks, where hackers leverage PowerShell and legitimate Microsoft applications to deploy malware without leaving significant traces on compromised systems. These sophisticated attacks, which have been around for over two decades, are proving particularly effective in bypassing traditional antivirus solutions and complicating incident response efforts. PowerShell…
-
FBI and CISA warn about continuing attacks by Chinese ransomware group Ghost
by
in SecurityNewsAttacks are more focused on encryption than exfiltration: The Ghost attackers have sometimes exfiltrated data back to their Cobalt Strike Team servers or to the Mega.nz file-sharing service, but this has been rare and the amount of information stolen has been limited.According to FBI investigations, the group doesn’t regularly exfiltrate intellectual property or personally identifiable…
-
What Is EDR? Endpoint Detection and Response
by
in SecurityNewsIn today’s interconnected world, cybersecurity threats are more sophisticated and pervasive than ever. Traditional security solutions, like antivirus software, often fall short against advanced persistent threats (APTs), zero-day exploits, and fileless malware. This is where Endpoint Detection and Response (EDR) comes in, offering a powerful and proactive approach to safeguarding your endpoints and, consequently, your…
-
Chinese Hackers Exploit Windows Tool to Install Backdoors
by
in SecurityNewsMustang Panda Uses MAVInject to Evade Antivirus Detection. A Chinese state-sponsored hacking group is abusing a legitimate Microsoft tool to evade security and install backdoors on government systems in the Asia-Pacific region. The threat actor uses MAVInject.exe to inject malware into waitfor.exe. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-exploit-windows-tool-to-install-backdoors-a-27555
-
Chinese hackers abuse Microsoft APP-v tool to evade antivirus
The Chinese APT hacking group “Mustang Panda” has been spotted abusing the Microsoft Application Virtualization Injector utility as a LOLBIN to inject malicious payloads into legitimate processes to evade detection by antivirus software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-abuse-microsoft-app-v-tool-to-evade-antivirus/
-
Mustang Panda Leverages Microsoft Tools to Bypass Anti-Virus Solutions
Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mustang-panda-microsoft-bypass/
-
Privacy Roundup: Week 7 of Year 2025
by
in SecurityNews
Tags: access, antivirus, api, apple, attack, breach, business, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, law, leak, malware, microsoft, military, network, password, phishing, privacy, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, windows, zero-dayThis is a news item roundup of privacy or privacy-related news items for 9 FEB 2025 – 15 FEB 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Getting the Most Value out of the OSCP: Pre-Course Prep
by
in SecurityNews
Tags: access, antivirus, attack, compliance, control, credentials, cyber, cybersecurity, detection, exploit, finance, framework, guide, hacker, hacking, infosec, infrastructure, jobs, kali, linux, mandiant, metric, microsoft, mitre, network, organized, password, penetration-testing, PurpleTeam, RedTeam, risk, service, skills, software, tactics, technology, tool, training, vulnerability, windowsThe first post in a five-part practical guide series on maximizing the professional, educational, and financial value of the OffSec certification pursuit for a successful career in offensive cybersecurity consulting Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements.…
-
Antivirus vs. Anti-Malware: Welches brauchen Sie?
by
in SecurityNewsHier ist ein kurzer Leitfaden, der Ihnen hilft, zu entscheiden, welches oder beide! am besten zu Ihren Bedürfnissen passt. Antivirus zielt auf Viren ab, während Anti-Malware vor allen Arten von Schadsoftware schützt, einschließlich Spyware und Ransomware. Haben Sie jemals auf einen verdächtigen Link geklickt und Pop-ups oder ein langsames Gerät bemerkt? Das… First seen on…
-
New trojan hijacks Linux and IoT devices
by
in SecurityNewsThere’s a new trojan on the block, one that specifically targets network appliances and internet of things (IoT) devices running the open-source Linux operating system.FortiGuard Labs has identified a new malware kit, dubbed “ELF/Sshdinjector.A!tr”, that has the ability to infect and remotely control systems, establish root privilege, maintain malware presence, exfiltrate data such as user…
-
New phishing campaign targets users in Poland and Germany
by
in SecurityNewsAn ongoing phishing campaign, presumably by an advanced persistent threat (APT) actor, is seen dropping a new backdoor on victim systems enabling stealthy C2 operations.The backdoor, which Cisco’s Talos Intelligence Unit is tracking as TorNet, was found connecting victim machines to the decentralized and anonymizing TOR network for C2 communications.”Cisco Talos discovered an ongoing malicious…
-
Microsoft tests ‘scareware blocker’ for Edge that uses computer vision to detect scams
Microsoft is rolling out a new tool dubbed >>scareware blocker,>Scareware
-
Cisco patches antivirus decommissioning bug as exploit code surfaces
by
in SecurityNewsCisco has patched a denial-of-service (DoS) vulnerability affecting its open-source antivirus software toolkit, ClamAV, which already has a proof-of-concept (PoC) exploit code available to the public.Identified as CVE-2025-20128, the vulnerability stems from a heap-based buffer overflow in the Object Linking and Embedding 2 (OLE2) decryption routine, enabling unauthenticated remote attackers to cause a DoS condition…
-
Open-Source ClamAV Releases Security Update for Buffer Overflow Vulnerability Patch Now
by
in SecurityNewsClamAV, a widely used open-source antivirus software, has released security patch updates to address a critical buffer overflow vulnerability (CVE-2025-20128). The vulnerability, identified in the OLE2 file parser, posed a potential risk of denial-of-service (DoS) attacks. Users are urged to update immediately to the newly-released ClamAV versions 1.4.2 and 1.0.8 to safeguard their systems. Details…
-
Confident Cybersecurity: Essentials for Every Business
by
in SecurityNewsAre Businesses Truly Prepared for Today’s Cybersecurity Challenges? With the transition to a digital majority, company networks are continuously at risk, and potential breaches are growing more severe each day. So, how well-prepared is the average business when it comes to cybersecurity essentials? Business Cybersecurity: More Than Just Firewalls and Antivirus One critical aspect of……
-
Beware cybersecurity tech that’s past its prime, 5 areas to check or retire
by
in SecurityNews
Tags: access, advisory, ai, antivirus, attack, authentication, breach, bug-bounty, ciso, cloud, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, endpoint, firewall, Hardware, network, password, penetration-testing, risk, router, siem, software, strategy, switch, threat, tool, vpn, vulnerability, waf, zero-trustCybersecurity leaders can choose from an ever-expanding list of digital tools to help them ward off attacks and, based on market projections, they’re implementing plenty of those options.Gartner predicts a 15% increase in cybersecurity spending for 2025, with global expenditures expected to reach $212 billion in the upcoming year. The research and consulting firm says…
-
Malware targets Mac users by using Apple’s security tool
by
in SecurityNewsA variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm.A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram, and…
-
New NonEuclid RAT Evades Antivirus and Encrypts Critical Files
A NonEuclid sophisticated C# Remote Access Trojan (RAT) designed for the.NET Framework 4.8 has been shown to pose a significant and ever-evolving cyber threat. The malware leverages a multifaceted approach to evade detection and maintain persistence, employing advanced techniques such as antivirus bypass, anti-detection mechanisms, anti-virtual machine checks, rootkit-like capabilities to conceal its presence, and…
-
Banshee 2.0 Malware Steals Apple’s Encryption to Hide on Macs
by
in SecurityNewsThe most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple’s own antivirus product. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/banshee-malware-steals-apple-encryption-macs
-
New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption
by
in SecurityNewsCybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer.”Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect,” Check Point Research said in a new analysis shared with The Hacker News. “This development allows it to…