Tag: malware
-
Advanced obfuscation and encryption – Kaspersky discovers sophisticated malware Ymir
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/neue-fortschrittliche-ransomware-ymir-entdeckt-a-63b186b2c39735eb078d337b60629aa2/
-
SmokeLoader picks up ancient MS Office bugs to pack fresh credential stealer
in SecurityNews
Threat actors are using a well-known modular malware loader, SmokeLoader, to exploit known Microsoft Office vulnerabilities and steal sensitive browser credentials. The loader, which runs a framework to deploy multiple malware modules, was observed by Fortinet’s FortiGuard Labs in attacks targeting manufacturing, healthcare, and IT companies in Taiwan. “SmokeLoader, known for its ability to deliver other malicious…
-
‘Bootkitty’ First Bootloader to Take Aim at Linux
in SecurityNews
Though it’s still just a proof of concept, the malware is functional and can evade the Secure Boot process on devices from multiple vendors. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/bootkitty-first-bootloader-target-linux-systems
-
Phishers send corrupted documents to bypass email security
Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents. The spam campaign Malware hunting service Any.Run has warned last … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/03/phishers-send-corrupted-documents-to-bypass-email-security/
-
Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads
A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded…
-
Hundreds of UK Ministry of Defence passwords found circulating on the dark web
in SecurityNews
Tags: 2fa, access, attack, authentication, banking, breach, credentials, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, email, government, hacker, intelligence, iraq, login, malware, mfa, password, phishing, risk, russia, theft, warfare
The login credentials of nearly 600 employees accessing a key British Ministry of Defence (MOD) employee portal have been discovered circulating on the dark web in the last four years, it has been reported. According to the i news site, the stolen credentials were for the MOD’s Defence Gateway website, a non-classified portal used by employees…
-
SmokeLoader Campaign Targets Taiwanese Companies
in SecurityNews
Threat Actor Uses Trojan as Infostealer. A threat actor is targeting Taiwanese companies using phishing emails and long-standing vulnerabilities to deliver SmokeLoader malware. The threat actor uses plugins for the infamous malware to directly attack systems rather than using SmokeLoader, as its name suggests, as a loader for other malware. First seen on govinfosecurity.com Jump…
-
Millions of Android devices compromised with SpyLoan malware apps
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/millions-of-android-devices-compromised-with-spyloan-malware-apps
-
Just Like Windows: Linux Targeted by First-Ever UEFI Bootkit – UPDATED
in SecurityNews
Linux-Targeting Bootkitty Appears More Proof-of-Concept Than Threat, Researchers Say. Cybersecurity researchers have discovered the first-ever UEFI bootkit designed to target Linux systems and subvert their boot process for malicious purposes. The Bootkitty malware, first uploaded to VirusTotal this month, appears to be more proof of concept than full-fledged threat, they said. First seen on govinfosecurity.com…
-
SmokeLoader Malware Exploits MS Office Flaws to Steal Browser Credentials
in SecurityNews
SmokeLoader malware has resurfaced with enhanced capabilities and functionalities, targeting your personal data. First seen on hackread.com Jump to article: hackread.com/smokeloader-malware-ms-office-flaws-browser-data/
-
BootKitty UEFI malware exploits LogoFAIL to infect Linux systems
in SecurityNews
The recently uncovered ‘Bootkitty’ UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka ‘LogoFAIL,’ to infect computers running on a vulnerable UEFI firmware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bootkitty-uefi-malware-exploits-logofail-to-infect-linux-systems/
-
New CleverSoar Malware Attacking Windows Users Bypassing Security Mechanisms
CleverSoar, a new malware installer, targets Chinese and Vietnamese users to deploy advanced tools like Winos4.0 and Nidhogg rootkit. These tools enable keylogging, data theft, security circumvention, and stealthy system control for potential long-term espionage. It was initially uploaded to VirusTotal in July 2024 and began distribution in November 2024 as an .msi installer, extracting…
-
SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan
in SecurityNews
Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware. “SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide range of attacks,” Fortinet FortiGuard Labs said in a report shared with The Hacker News. “While…
-
SmokeLoader Malware Campaign Targets Companies in Taiwan
in SecurityNews
SmokeLoader malware identified targeting Taiwanese firms via phishing, exploiting Microsoft Office vulnerabilities. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/smokeloader-malware-taiwan/
-
Beware Of Malicious PyPI Packages That Inject infostealer Malware
Recent research uncovered a novel crypto-jacking attack targeting the Python Package Index (PyPI), where malicious actors uploaded a legitimate-seeming cryptocurrency client package, >>aiocpa,
-
Gaming Engines: An Undiscovered Playground for Malware Loaders
in SecurityNews
Check Point security researchers have found that the freely available gaming engine called Godot Engine is being abused by cybercriminals to execute malicious code. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/gaming-engines-ein-unentdeckter-spielplatz-fuer-malware-loader
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 22
in SecurityNews
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. A Case-Control Study to Measure Behavioral Risks of Malware Encounters in Organizations PyPI Python Library >>aiocpa
-
Zscaler analyzes fake online meeting services as lures for malware
in SecurityNews
The Zscaler Cloud Sandbox detects the samples by their behavior and points to specific MITRE ATT&CK techniques that, during the analysis, were trig… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/zscaler-analysiert-gefaelschte-online-meeting-dienste-als-koeder-fuer-malware/a36721/
-
WordPress websites targeted by a new FakeUpdates campaign
in SecurityNews
FakeUpdates, also known as SocGholish, has been active since at least 2017 and uses JavaScript malware to attack websites, especially those… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/wordpress-websites-im-visier-einer-neuen-fakeupdates-kampagne/a36764/
-
Cyberattacks on young Roblox users via community platforms, YouTube and Discord
in SecurityNews
Since almost half (45 percent) of Roblox users are younger than 13, there is a risk that the malware will also reach other systems in the same hou… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cyberangriffe-auf-junge-roblox-user-via-community-plattformen-youtube-und-discord/a36808/
-
New malware campaign targets Spanish companies
in SecurityNews
Tags: malware
To effectively counter threats such as the ‘Iberian Infiltrator’ campaign, a multi-layered security approach is crucial. These include re… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/neue-malware-kampagne-nimmt-spanische-unternehmen-ins-visier/a37191/
-
Zscaler analyzes new backdoor threat MadMxShell
in SecurityNews
The danger posed by this malvertising campaign shows a high degree of advanced tactics, techniques and procedures directed at IT… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/zscaler-analysiert-neue-backdoor-bedrohung-madmxshell/a37271/
-
Malware ranking: rise of the multi-platform trojan Androxgh0st
in SecurityNews
Tags: malware
Last month, the security researchers observed a significant increase in Androxgh0st attacks. The malware is used as a tool for the thef… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/malware-ranking-aufstieg-des-multi-plattform-trojaners-androxgh0st/a37365/
-
Malware danger on TikTok and how to prevent account theft
in SecurityNews
TikTok says it has already taken countermeasures, but anyone who has an account should immediately set up two-factor authentication (2FA)… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/malware-gefahr-auf-tiktok-und-wie-man-den-konten-klau-verhindert/a37540/
-
Check Point uncovers Android malware Rafel RAT
in SecurityNews
The discovery of Rafel RAT shows how versatile and dangerous Android malware can be and underscores the need for constant vigilance … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-deckt-android-malware-rafel-rat-auf/a37641/
-
Iranian attackers abuse backdoor for spear attacks
in SecurityNews
In most samples, BugSleep creates a scheduled task with the same name as the mutex, which ensures the malware's persistence. The… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/iranische-angreifer-missbrauchen-backdoor-fuer-phishing-angriffe/a37886/
-
Check Point discovers successful malware network on GitHub
in SecurityNews
GitHub, the world's largest source code host, is integral to more than 100 million developers and offers more than 420 million repositori… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-entdeckt-erfolgreiches-malware-netzwerk-auf-github/a37903/
-
Check Point: Most widespread malware in July 2024: Remcos and RansomHub
in SecurityNews
Check Point Research has published its Global Threat Index for July 2024. Despite a significant decline in June, LockBit in the past … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-meistverbreitete-malware-im-juli-2024-remcos-und-ransomhub/a38046/