Tag: malware
-
Sophisticated TA397 Malware Targets Turkish Defense Sector
Sophisticated phishing attack targeting Turkey’s defense sector revealed TA397’s advanced tactics. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ta397-malware-targets-turkish/
-
The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs
The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. The report includes a set of recommendations to mitigate the exposure to the…
-
Researchers reveal OT-specific malware in use and in development
Malware that’s made specifically to target industrial control systems (ICS), Internet of Things (IoT) and operational technology (OT) control devices is still rare, but … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/17/ot-specific-malware-siemens-industrial-iot/
-
Malvertising on steroids serves Lumma infostealer
A large-scale malvertising campaign distributing the Lumma infostealer malware via intrusive “ads…
-
Four Essential Measures for BYOD Security
Tags: malware
Many companies allow employees to use personal devices for work (BYOD). This flexible practice carries security risks, because such devices are often less well protected than company hardware. BYOD policies are meant to prevent data loss and malware. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/vier-unverzichtbare-massnahmen-zur-byod-sicherheit/
-
Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware
A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++ malware families tracked as WmRAT and MiyaRAT. “The attack chain used alternate data streams in a RAR archive to deliver a shortcut (LNK) file that created a scheduled task on the target machine…
-
Venom Spider Unleashes RevC2 and Venom Loader
Security researchers at Zscaler ThreatLabz have uncovered two new campaigns that are attributable to Venom Spider's malware-as-a-service offering. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/venom-spider-revc2
-
Beware of Malicious Ads on Captcha Pages that Deliver Password Stealers
Malicious actors have taken cybercrime to new heights by exploiting captcha verification pages, a typically harmless security feature, to launch large-scale malware distribution campaigns. This startling revelation uncovers how these fake captchas, interlaced with malicious advertising, are infecting users with password-stealing malware. Over the past several weeks, cybercriminals have been leveraging fake captcha pages to…
-
Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection
Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. “Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks,” Morphisec researcher Nadav Lorber said in a technical report published Monday. The attacks make use of fake update alerts…
-
The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. “The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least 2007,” Kaspersky researchers Georgy Kucherin and Marc Rivero…
-
Voice Phishing on Microsoft Teams Facilitates DarkGate Malware Attack
Trend Micro has revealed a new vector for cyberattacks: voice phishing (vishing) conducted via Microsoft Teams. This tactic was recently employed to distribute DarkGate malware, a sophisticated threat capable of... First seen on securityonline.info Jump to article: securityonline.info/voice-phishing-on-microsoft-teams-facilitates-darkgate-malware-attack/
-
Winnti-Like Glutton Backdoor Targets Cybercriminals
Malware Exploits Cybercrime Ecosystem for Profit. Hackers are using a variant of a backdoor that’s the hallmark of a Chinese threat actor suspected of ties to Beijing in order to target the cybercriminal underground. The malware shares near-complete similarity with a backdoor exclusively used by the Winnti Group. First seen on govinfosecurity.com Jump…
-
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-spots-hiatusrat-malware-attacks-targeting-web-cameras-dvrs/
-
Technical Analysis of RiseLoader
Introduction: In October 2024, Zscaler ThreatLabz came across malware samples that use a network communication protocol that is similar to RisePro. However, unlike RisePro, which has primarily been used for information stealing, this new malware specializes in downloading and executing second-stage payloads. Due to its distinctive focus and similarities with RisePro’s communication protocol, we named this new…
-
BADBOX malware operation sinkholed by Germany
First seen on scworld.com Jump to article: www.scworld.com/brief/badbox-malware-operation-sinkholed-by-germany
-
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-ads-push-lumma-infostealer-via-fake-captcha-pages/
-
Microsoft Teams Vishing Spreads DarkGate RAT
A thwarted attack demonstrates that threat actors are using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/vishing-via-microsoft-teams-spreads-darkgate-rat
-
DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. “Entirely reliant on a single ad network for propagation, this campaign showcases the core mechanisms of malvertising, delivering over First seen…
-
Venom Spider Infiltrates Companies with Two New Malware-as-a-Service Campaigns
Security researchers at Zscaler ThreatLabz have uncovered two new campaigns that are attributable to Venom Spider's malware-as-a-service offering. Venom Spider, also known as Golden Chickens, offers MaaS tools such as , , and , which have been used in the past by malware groups such as FIN6 and Cobalt. Now the researchers have two new campaigns based on Venom Spider's MaaS tools […]…
-
Fake Captcha Campaign Highlights Risks of Malvertising Networks
Large-scale campaign identified by Guardio Labs and Infoblox, exploiting malvertising and fake captchas to distribute Lumma infostealer for massive theft. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
-
Evasive Node.js loader masquerading as game hack
Malware peddlers are using NodeLoader, a loader written in Node.js, to foil security solutions and deliver infostealers and cryptominers to gamers. The malicious links in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/16/node-js-malware-loader-nodeloader-game-hack/
-
Hackers Abuse Google Ads To Attacking Graphic Design Professionals
Researchers identified a threat actor leveraging Google Search ads to target graphic design professionals, as the actor has launched at least 10 malvertising campaigns hosted on two specific IP addresses: 185.11.61[.]243 and 185.147.124[.]110, where these malicious ads, when clicked, redirect users to websites that initiate malicious downloads. Two IP addresses, 185.11.61[.]243 and 185.147.124[.]110, have been…
-
Hackers Using New IoT/OT Malware IOCONTROL To Control IP Cameras, Routers, PLCs, HMIs And Firewalls
Tags: attack, cctv, control, cyber, cyberattack, exploit, firewall, hacker, infrastructure, iot, iran, malware, router, vulnerability
Recent cyberattacks targeting critical infrastructure, including fuel management systems and water treatment facilities in Israel and the US, have been attributed to the Iranian-backed CyberAv3ngers. The attacks, leveraging a custom-built malware named IOCONTROL, exploit vulnerabilities in IoT and OT devices, such as routers, PLCs, HMIs, and firewalls. The malware, designed to operate on various platforms,…
-
Malware Hidden in Fake Business Proposals Hits YouTube Creators
Cybercriminals are targeting YouTube creators with sophisticated phishing attacks disguised as brand collaborations. Learn how to identify these scams, protect your data, and safeguard your online presence. First seen on hackread.com Jump to article: hackread.com/malware-fake-business-proposals-hits-youtube-creators/
-
Team82 Identifies Malware Targeting Critical Infrastructure
Security researchers at Team82, the research arm of Claroty, a specialist in the security of cyber-physical systems (CPS), have identified purpose-built IoT/OT malware aimed at devices such as IP cameras, routers, PLCs, HMIs and firewalls from various vendors, including Baicells, D-Link, Hikvision, Red Lion, Orpak, Phoenix Contact and Teltonika. The researchers classify the malware […]…
-
New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously unknown malware with moderate confidence to the prolific Chinese nation-state group tracked Winnti…