Tag: malware
-
Found on VirusTotal: The world’s first UEFI bootkit for Linux
in SecurityNews
“Bootkitty” is likely a proof-of-concept, but may portend working UEFI malware for Linux. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
-
Hackers abuse popular Godot game engine to infect thousands of PCs
in SecurityNews
Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-godloader-malware-infects-thousands-of-gamers-using-godot-scripts/
-
Found in the wild: The world’s first unkillable UEFI bootkit for Linux
in SecurityNews
“Bootkitty” is likely a proof-of-concept, but may portend working UEFI malware for Linux. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
-
Cybercriminals used a gaming engine to create undetectable malware loader
in SecurityNews
Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/27/godot-engine-malware-loader-godloader/
-
Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
in SecurityNews
A stealthy JavaScript injection attack steals data from the checkout page of sites, either by creating a fake credit card form or extracting data directly from payment fields. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/sneaky-skimmer-malware-magento-sites-black-friday
-
Researchers discover first UEFI bootkit malware for Linux
in SecurityNews
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/researchers-discover-bootkitty-first-uefi-bootkit-malware-for-linux/
-
Attack Group APT60 Targets Japan Using Trusted Platforms
APT-C-60 targets Japan with phishing emails, using job application ruse and malware via Google Drive First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/aptc60-targets-japan-using-trusted/
-
Banshee Stealer source code leaked: macOS malware rendered harmless
in SecurityNews
Cybercriminals give up: the Banshee Stealer malware for macOS was abandoned after its source code was published. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/banshee-stealer-quellcode-geleakt-macos-malware-unschaedlich-gemacht-304847.html
-
Russian Script Kiddie Assembles Massive DDoS Botnet
Over the past year, Matrix has used publicly available malware tools and exploit scripts to target weakly secured IoT devices and enterprise servers. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-script-kiddie-assembles-massive-ddos-botnet
-
Gaming Engines: An Undetected Playground for Malware Loaders
in SecurityNews
Cybercriminals constantly try to evolve their tactics and techniques, aiming to increase infections. Their need to stay undetected pushes them to innovate and discover new methods of delivering and executing malicious code, which can result in credentials theft and even ransomware encryption. Check Point Research discovered a new undetected technique that uses…
-
Exploits spotted: vulnerabilities in VMware vCenter enable malware attacks
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/patches-exploit-vmware-vcenter-schwachstellen-a-139e6c7835ef3f388a645cbe38014bce/
-
Zscaler tool <> fights the malware loader <>
in SecurityNews
Through the cooperation of international law enforcement agencies with private-sector partners in Operation Endgame, many well-known malware loaders were taken down in May. More than 1,000 command-and-control (C2) domains were seized at the time and over 50,000 infections were cleaned up. However, this first large-scale action against C2 infrastructure in more than ten years was effective only in the short term, because…
-
Black Friday: paradise for bargain hunters and cybercriminals
in SecurityNews
Black Friday lures millions of bargain hunters online every year, but the downside of the shopping boom is just as present: a massive increase in cyberattacks. Cybercriminals deliberately exploit this opportunity to steal personal data or spread malware using phishing emails, fake websites, and fraudulent SMS messages. For consumers and businesses alike, this means an increased risk of falling victim to fraud…
-
Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked
in General
The Banshee Stealer macOS malware operation, which emerged earlier this year, was reportedly shut down following a source code leak. The post Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/source-code-of-3000-a-month-macos-malware-banshee-stealer-leaked/
-
APT60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign
The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That’s according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August…
-
A US soldier is suspected of being behind the massive Snowflake data leak
in SecurityNews
One of the hackers who masterminded the Snowflake credential leak that led to the threat actors stealing data from and extorting at least 165 companies, including 560 million Ticketmaster and 110 AT&T customers, could be a US soldier, according to cybersecurity journalist Brian Krebs. The hacker, known for using the moniker Kiberphant0m, carried out online chats…
-
Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign
in SecurityNews
A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DDoS) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into a disruptive botnet. “This operation serves as a comprehensive one-stop shop for scanning, exploiting vulnerabilities, deploying malware, and setting up shop kits, showcasing a First seen…
-
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
in SecurityNews
The APT, aka Earth Estries, is one of China’s most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/salt-typhoon-malware-arsenal-ghostspider
-
Novel GhostSpider malware part of Salt Typhoon’s attack arsenal
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/novel-ghostspider-malware-part-of-salt-typhoons-attack-arsenal
-
Get 50% off Malwarebytes during Black Friday 2024
Malwarebytes’ Black Friday 2024 deals are now live, offering a 50% discount for one and two-year subscriptions to personal, family, and business subscriptions to its standalone anti-malware software, VPN, and Personal Data Remover services. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/get-50-percent-off-malwarebytes-during-black-friday-2024/
-
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries
The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro, which described the hacking group as an aggressive advanced persistent threat (APT), said the intrusions also involved the use of another cross-platform backdoor dubbed First…
-
The source code of Banshee Stealer leaked online
in SecurityNews
Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. The code is now available on GitHub. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. BANSHEE Stealer supports basic evasion techniques, relies on the sysctl API…
-
Ursnif Trojan Campaign Targets U.S. Professionals via Stealthy Spam Attacks
The Ursnif banking Trojan, one of the most notorious forms of malware targeting financial data, has been observed in a sophisticated campaign using advanced techniques to avoid detection and steal sensitive information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/ursnif-banking-trojan/
-
9 VPN alternatives for securing remote network access
in SecurityNews
Tags: access, ai, api, attack, authentication, automation, best-practice, business, cloud, compliance, computer, computing, control, corporate, credentials, cve, cybercrime, cybersecurity, data, defense, detection, dns, encryption, endpoint, exploit, firewall, fortinet, group, guide, Hardware, iam, identity, infrastructure, Internet, iot, least-privilege, login, malicious, malware, mfa, microsoft, monitoring, network, office, password, ransomware, risk, router, saas, service, software, strategy, switch, threat, tool, update, vpn, vulnerability, vulnerability-management, waf, zero-trust
Once the staple for securing employees working remotely, VPNs were designed to provide secure access to corporate data and systems for a small percentage of a workforce while the majority worked within traditional office confines. The move to mass remote working brought about by COVID-19 in early 2020 changed things dramatically. Since then, large numbers…
-
Infostealers VietCredCare and DuckTail Fuel Facebook Business Account Exploitation
Vietnam has become a hotspot for malicious operations targeting Facebook Business accounts, with threat actors leveraging infostealers like VietCredCare and DuckTail. According to a report from Group-IB, these malware families... First seen on securityonline.info Jump to article: securityonline.info/infostealers-vietcredcare-and-ducktail-fuel-facebook-business-account-exploitation/
-
Malware linked to Salt Typhoon used to hack telcos around the world
in SecurityNews
Tags: malware
A report from Trend Micro details the highly sophisticated ways Salt Typhoon carries out its operations. First seen on cyberscoop.com Jump to article: cyberscoop.com/salt-typhoon-us-telecom-hack-earth-estries-trend-micro-report/
-
Mysterious Elephant Using Hajj-Themed Bait in Attacks
Group Deploys Upgraded Malware Disguised as Microsoft File on Pilgrimage Goers. A South Asian threat actor identified as Mysterious Elephant or APT-K-47 by Knownsec 404 researchers is using a Hajj-themed lure to trick victims into malicious payload disguised as a Windows file. The hacker is using upgraded Asyncshell malware disguised as a Microsoft Compiled HTML…
-
China’s Salt Typhoon hackers target telecom firms in Southeast Asia with new malware
in SecurityNews
First seen on therecord.media Jump to article: therecord.media/china-salt-typhoon-targets-southeast-asia-telecom