Tag: malware
-
Top-Malware im November 2024
Check Point Software Technologies hat seinen Global-Threat-Index für November 2024 veröffentlicht. Darin wird die zunehmende Raffinesse von Cyber-Kriminellen offenbar: Androxgh0st ist seit Neuestem in das Mozi-Bot-Netz integriert worden und damit noch effektiver darin, kritische Infrastrukturen anzugreifen. Global steht das Bot-Netz auf Platz eins der meistverbreiteten Malware-Typen. In Deutschland hingegen ist der Infostealer Formbook weiterhin Spitzenreiter…
-
AppLite: A New AntiDot Variant Targeting Mobile Employee Devices
by
in SecurityNewsOur zLabs team has identified an extremely sophisticated mishing (mobile-targeted phishing) campaign that delivers malware to the user’s Android mobile device enabling a broad set of malicious actions including credential theft of banking, cryptocurrency and other critical applications. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/applite-a-new-antidot-variant-targeting-mobile-employee-devices/
-
RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins
by
in SecurityNewsAttackers are distributing a malicious .NET-based HPDxLIB activator disguised as a new version, which is signed with a self-signed certificate, and targets entrepreneurs automating business processes and aims to compromise their systems. They are distributing malicious activators on forums targeting business owners and accountants, deceptively promoting them as legitimate license bypass tools with update functionality…
-
New AppLite Malware Targets Banking Apps in Phishing Campaign
by
in SecurityNewsNew AppLite Banker malware targets Android devices, employing advanced phishing techniques to steal credentials and data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/applite-malware-targets-banking/
-
Über 87 Prozent der Cyberbedrohungen verstecken sich im verschlüsselten Datenverkehr
by
in SecurityNewsZscaler veröffentlicht im eine Analyse der neuesten Bedrohungen, die von der Zscaler-Security-Cloud abgewehrt werden. Verschlüsselter Datenverkehr entwickelte sich zu einem wachsenden Einfallstor für immer raffiniertere Bedrohungen und dieser Trend wurde durch den Einsatz von künstlicher Intelligenz (KI) auf Seiten der Malware-Akteure im letzten Jahr noch weiter verstärkt. ThreatLabz fand […] First seen on netzpalaver.de Jump…
-
Ongoing Phishing and Malware Campaigns in December 2024
by
in SecurityNewsCyber attackers never stop inventing new ways to compromise their targets. That’s why organizations must stay updated on the latest threats. Here’s a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before they reach you.Zero-day Attack: Corrupted Malicious Files Evade Detection by Most Security Systems…
-
SpyLoan Malware: A Growing Threat to Android Users
by
in SecurityNewsThe rise in android users has transformed how individuals and businesses access financial services, offering convenience and speed like never before. However, this rapid digitalization has also made these platforms a prime target for hackers. SpyLoan malware is a threat specifically engineered to exploit vulnerabilities in digital lending ecosystems. By stealing sensitive customer data, manipulating……
-
New Meeten Malware Attacking macOS And Windows Users To Steal Logins
by
in SecurityNewsA sophisticated crypto-stealing malware, Realst, has been targeting Web3 professionals, as the threat actors behind this campaign have employed AI-generated content to create fake companies, such as >>Meetio,
-
APT53 Weaponizing LNK Files To Deploy Malware Into Target Systems
by
in CISOGamaredon, a persistent threat actor since 2013, targets the government, defense, diplomacy, and media sectors of their victims, primarily through cyberattacks, to gain sensitive information and disrupt operations. It continues to employ sophisticated tactics, leveraging malicious LNK and XHTML files alongside intricate phishing schemes to carry out cyberattacks. Phishing emails with four distinct attack payloads…
-
EDR-Software ein Kaufratgeber
by
in SecurityNews
Tags: ai, android, api, backup, browser, chrome, cloud, computing, crowdstrike, cyberattack, detection, edr, endpoint, firewall, identity, incident response, intelligence, iot, kubernetes, linux, macOS, mail, malware, microsoft, network, ransomware, risk, siem, soar, software, sophos, threat, tool, windows, zero-day -
âš¡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 – 8)
by
in SecurityNewsThis week’s cyber world is like a big spy movie. Hackers are breaking into other hackers’ setups, sneaky malware is hiding in popular software, and AI-powered scams are tricking even the smartest of us. On the other side, the good guys are busting secret online markets and kicking out shady chat rooms, while big companies…
-
Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices
A malicious botnet called Socks5Systemz is powering a proxy service called PROXY.AM, according to new findings from Bitsight.”Proxy malware and services enable other types of criminal activity adding uncontrolled layers of anonymity to the threat actors, so they can perform all kinds of malicious activity using chains of victim systems,” the company’s security research team…
-
Gen AI use cases rising rapidly for cybersecurity, but concerns remain
by
in SecurityNews
Tags: ai, attack, automation, awareness, ceo, ciso, compliance, control, cybersecurity, data, detection, finance, framework, fraud, GDPR, governance, grc, group, guide, Hardware, HIPAA, incident response, intelligence, international, malware, middle-east, monitoring, phishing, privacy, RedTeam, regulation, risk, risk-assessment, risk-management, soc, software, strategy, technology, threat, tool, training, usaGenerative AI is being embedded into security tools at a furious pace as CISOs adopt the technology internally to automate manual processes and improve productivity. But research also suggests this surge in gen AI adoption comes with a fair amount of trepidation among cybersecurity professionals, which CISOs must keep in mind when weaving gen AI…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 23
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. SmokeLoader Attack Targets Companies in Taiwan LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT DroidBot: Insights from a new Turkish MaaS fraud operation RedLine, A […]…
-
RedLine info-stealer campaign targets Russian businesses through pirated corporate software
by
in SecurityNewsAn ongoing RedLine information-stealing campaign is targeting Russian businesses using pirated corporate software. Since January 2024, Russian businesses using unlicensed software have been targeted by an ongoing RedLine info-stealer campaign. Pirated software is distributed via Russian online forums, attackers disguise the malware as a tool to bypass licensing for business automation software. Threat actors target…
-
BlueAlpha Exploits Cloudflare Tunnels for GammaDrop Malware Infrastructure
by
in SecurityNewsThe Insikt Group has uncovered a sophisticated cyber-espionage operation conducted by BlueAlpha, a state-sponsored threat actor with links to the Russian Federal Security Service (FSB). The campaign targets Ukrainian entities... First seen on securityonline.info Jump to article: securityonline.info/bluealpha-exploits-cloudflare-tunnels-for-gammadrop-malware-infrastructure/
-
Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals’ Data
by
in SecurityNewsCybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings.”The threat actors behind the malware have set up fake companies using AI to make them increase legitimacy,” Cado Security researcher Tara…
-
Supply chain compromise of Ultralytics AI library results in trojanized versions
by
in SecurityNewsAttackers have compromised Ultralytics YOLO packages published on PyPI, the official Python package index, by compromising the build environment of the popular library for creating custom machine learning models. The malicious code deployed cryptocurrency mining malware on systems that installed the package, but the attackers could have delivered any type of malware.According to researchers from…
-
Emerging Ransomware Group Termite Claims Attack on Blue Yonder
by
in SecurityNewsTermite, an emerging ransomware group that launched its data leak site in late October and appears to be using a modified version of the Babuk malware, is claiming responsibility for the hack of giant SaaS provider Blue Yonder late last month that disrupted the operations of several corporations, including Starbucks. First seen on securityboulevard.com Jump…
-
Pirated corporate software infects Russian businesses with info-stealing malware
by
in SecurityNewsFirst seen on therecord.media Jump to article: therecord.media/russia-businesses-pirated-corporate-software-redline-infostealer-malware
-
Crypto-stealing malware posing as a meeting app targets Web3 pros
by
in SecurityNewsCybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/crypto-stealing-malware-posing-as-a-meeting-app-targets-web3-pros/
-
Deutschland noch immer schlecht auf Cyberangriffe vorbereitet
by
in SecurityNewssrcset=”https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?quality=50&strip=all 5184w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=300%2C168&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=768%2C432&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=1024%2C576&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=1536%2C864&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=1240%2C697&quality=50&strip=all 1240w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=150%2C84&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=854%2C480&quality=50&strip=all 854w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=640%2C360&quality=50&strip=all 640w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>Jedes dritte Unternehmen aus dem Bereich der kritischen Infrastruktur in Deutschland fühlt sich schlecht auf Cyberangriffe vorbereitet. CHONRI510 Shutterstock.comMehr als die Hälfte der Unternehmen in Deutschland aus Bereichen…
-
Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware
by
in SecurityNewsBlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using spearphishing emails with malicious HTML attachments to deliver GammaLoad malware. To evade detection, BlueAlpha is leveraging Cloudflare Tunnels to conceal their infrastructure and using DNS fast-fluxing for their C2 servers, as this ongoing campaign, active since early 2024, highlights the persistent…
-
Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication
by
in SecurityNewsSecret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to the Pakistani group Storm-0156, which allows Secret Blizzard to access networks of Afghan government entities and Pakistani operators. They have deployed their own malware, TwoDash and Statuezy, and leveraged Storm-0156’s malware, Waiscot and CrimsonRAT, to gather intelligence on targeted networks, which…
-
Sophisticated Celestial Stealer Targets Browsers to Steal Login Credentials
by
in SecurityNewsResearchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection with obfuscation and anti-analysis techniques, steals data from various browsers, applications, and cryptocurrency wallets. It operates as an Electron or NodeJS application, injecting code into vulnerable apps and communicating with C2 servers. The malware’s FUD status is maintained through regular updates…
-
Windows, macOS users targeted with cryptoinfo-stealing malware
Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/06/information-cryptocurrency-stealing-malware-windows-macos/