Tag: malware
-
Researchers Discover Malware Used by Nation-States to Attack Industrial Systems
IOCONTROL, a custom-built IoT/OT malware, was used by Iran-affiliated groups to attack Israel- and US-based OT/IoT devices, according to Claroty. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malware-nation-sate-industrial/
-
Vulnerabilities discovered: Researchers smuggle malware into a Skoda via Bluetooth
The attack reportedly allowed the researchers to track the vehicle remotely in real time, eavesdrop on microphones and extract all kinds of data. First seen on golem.de Jump to article: www.golem.de/news/schwachstellen-entdeckt-forscher-schleusen-malware-per-bluetooth-in-einen-skoda-2412-191683.html
-
Experts discovered the first mobile malware families linked to Russia’s Gamaredon
The Russia-linked APT Gamaredon used two new Android spyware tools called BoneSpy and PlainGnome against former Soviet states. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, and ACTINIUM). These are the first known mobile malware families linked to the Russian APT. The cyberespionage group is behind a…
-
APT60 Exploits Legitimate Services in Sophisticated Malware Attack Targeting Japanese Organizations
In August 2024, JPCERT/CC confirmed a targeted attack against a Japanese organization, believed to be the work of the threat group APT-C-60. This advanced campaign utilized legitimate services like Google... First seen on securityonline.info Jump to article: securityonline.info/apt-c-60-exploits-legitimate-services-in-sophisticated-malware-attack-targeting-japanese-organizations/
-
Cleo urges customers to ‘immediately’ apply new patch as researchers discover new malware
The bug was initially tagged as CVE-2024-50623 in October and patched by the company, but researchers from cybersecurity firm Huntress discovered that systems were still vulnerable even after applying the fix. First seen on therecord.media Jump to article: therecord.media/cleo-urges-customers-to-immediately-patch-systems-after-exploitation
-
New stealthy Pumakit Linux rootkit malware spotted in the wild
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-stealthy-pumakit-linux-rootkit-malware-spotted-in-the-wild/
-
New IOCONTROL malware used in critical infrastructure attacks
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-iocontrol-malware-used-in-critical-infrastructure-attacks/
-
More advanced Zloader malware variant emerges
Tags: malware
First seen on scworld.com Jump to article: www.scworld.com/brief/more-advanced-zloader-malware-variant-emerges
-
New Malware Framework Targets Cleo File Systems
Possible Long-Term Attack by Unknown Hackers Thwarted. Hackers exploiting flaws in Cleo Communications software instances had intimate knowledge of their internals and deployed a previously unknown family of malware, security researchers from Huntress said Thursday. Cleo published a patch Wednesday evening. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/new-malware-framework-targets-cleo-file-systems-a-27045
-
Remcos RAT Malware Evolves with New Techniques
Cyber-attacks involving Remcos RAT surged in Q3 2024, enabling attackers to control victim machines remotely, steal data and carry out espionage. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/remcos-rat-malware-evolves-new/
-
The most important cybersecurity predictions for 2025
Tags: access, ai, apple, apt, cloud, cyberattack, cybercrime, cybersecurity, cyersecurity, data, deep-fake, governance, incident response, jobs, kritis, malware, military, mobile, nis-2, ransomware, service, software, stuxnet, supply-chain
-
Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement
Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance tool, dubbed EagleMsgSpy, used by Chinese law enforcement to spy on mobile devices. The researchers analyzed multiple samples of the malware and gained access to internal documents obtained from…
-
Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. “BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims,” Lookout said in an analysis. “Both…
-
BSI disrupts communication of 30,000 BadBox drones
The BSI was able to intervene in the communication of the BadBox malware and protect 30,000 infected devices. First seen on heise.de Jump to article: www.heise.de/news/BSI-legt-Kommunikation-von-30-000-BadBox-Drohnen-lahm-10197321.html
-
87 percent of cyber threats hide in encrypted traffic
Tags: malware
Encrypted traffic has become a growing gateway for increasingly sophisticated threats, and this trend was reinforced even further over the past year by the use of artificial intelligence (AI) on the part of malware actors. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/87-prozent-der-cyberbedrohungen-verstecken-sich-im-verschluesselten-datenverkehr
-
Malware explosion: Windows targets in focus
A recent security bulletin reports 467,000 new malicious files per day in 2024, an increase of 14 percent. Trojans increased by 33 percent, trojan droppers by 150 percent. Six percent of the malware came from MS Office documents, and 93 percent of the attacks targeted Windows. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/malware-explosion-windows-ziele-im-fokus/
-
Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks
Cleo has released patches for the exploited vulnerability and security firms have detailed the malware delivered in attacks. The post Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cleo-patches-exploited-flaw-as-security-firms-detail-malware-pushed-in-attacks/
-
Cleo 0-day Vulnerability Exploited to Deploy Malichus Malware
Cybersecurity researchers have uncovered a sophisticated exploitation campaign involving a zero-day (0-day) vulnerability in Cleo file transfer software platforms. This campaign has been used to deliver a newly identified malware family, now dubbed “Malichus.” The threat, recently analyzed by Huntress and corroborated by other industry vendors, demonstrates significant technical complexity, raising alarms across the cybersecurity…
-
Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor
Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor. The Russia-linked APT group Secret Blizzard (aka Turla, Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) was spotted using the Amadey malware to deploy the KazuarV2 backdoor on devices in Ukraine. The experts observed threat actors using the Amadey bot malware between March and April 2024. Microsoft highlights…
-
Attackers can abuse the Windows UI Automation framework to steal data from apps
An accessibility feature built into Windows to facilitate the use of computers by people with disabilities can be abused by malware to steal data from other applications or control them in malicious ways that evade detection by most endpoint protection systems. The Windows UI Automation framework has existed since the days of Windows XP and provides…
-
Malware tricks security solutions with corrupted files (ZIP, Office)
The operators of ANY.RUN have come across a new wave of attacks, or rather a spam campaign, that could be exploited for 0-day attacks. Corrupted ZIP archives or broken Office documents are meant to trick spam filters and security solutions so that the corresponding phishing emails land in the inbox. ANY.RUN observation of a campaign: ANY.RUN is … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/12/beschaedigte-dateien-zip-office-tricksen-sicherheitsloesungen-aus/
-
The imperative for governments to leverage genAI in cyber defense
Tags: ai, attack, cyber, cyberattack, cybersecurity, dark-web, data, deep-fake, defense, detection, email, endpoint, gartner, government, incident response, infrastructure, intelligence, LLM, malicious, malware, microsoft, strategy, tactics, threat, tool, training, vulnerability
In an era where cyber threats are evolving at an unprecedented pace, the need for robust cyber defense mechanisms has never been more critical. Sixty-two percent of all cyberattacks focus on public sector organizations directly and indirectly. Nation-state actors, equipped with generative artificial intelligence (genAI) sophisticated tools and techniques, pose significant threats to national security,…
-
China using ‘EagleMsgSpy’ malware to tap Android devices
First seen on scworld.com Jump to article: www.scworld.com/news/china-using-eaglemsgspy-to-tap-android-devices
-
US sanctions Chinese cybersecurity firm over global malware campaign
Tags: attack, breach, china, computer, control, corporate, credentials, cve, cyber, cyberattack, cybersecurity, email, encryption, exploit, finance, firewall, fraud, government, group, healthcare, identity, infection, infrastructure, intelligence, international, malicious, malware, monitoring, network, office, password, ransomware, risk, service, software, sophos, technology, terrorism, threat, tool, vulnerability, zero-day
The US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its employees, Guan Tianfeng, for their alleged involvement in a 2020 global cyberattack that exploited zero day vulnerabilities in firewalls. The actions were announced by the US Department of the Treasury and the Department of Justice (DOJ), which also…
-
MoqHao Malware Targets Apple IDs and Android Devices Using iCloud and VK Platforms
A new campaign by the Roaming Mantis-affiliated MoqHao malware family, also known as Wroba and XLoader, has been uncovered by Threat Hunting Platform Hunt.io. The campaign exploits trusted platforms... First seen on securityonline.info Jump to article: securityonline.info/moqhao-malware-targets-apple-ids-and-android-devices-using-icloud-and-vk-platforms/
-
Androxgh0st Malware Continues Targeting IoT Devices and Critical Infrastructure
Cybersecurity firm Check Point’s Global Threat Index for November 2024 underscores the escalating sophistication of cybercriminals. A key highlight is the rapid rise of Androxgh0st malware, now integrated with the notorious Mozi botnet. This worrisome combination poses a significant threat to critical infrastructure globally. Critical infrastructure, encompassing energy grids, transportation systems, healthcare networks, and more,…
-
Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack
The department’s Office of Foreign Assets Control said Guan Tianfeng used a zero-day exploit to deploy malware on 81,000 firewalls. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-sanctions-chinese-cyber-company-2020-firewall-attack/
-
Top malware in November 2024
Check Point Software Technologies has published its Global Threat Index for November 2024. It reveals the increasing sophistication of cybercriminals: Androxgh0st has recently been integrated into the Mozi botnet and is therefore even more effective at attacking critical infrastructure. Globally, the botnet ranks first among the most widespread malware types. In Germany, by contrast, the infostealer Formbook remains the front-runner…