Recherche : [Malware]

Hadooken Malware Targets Weblogic Applications https://www.aquasec.com/blog/hadooken-malware-targets-weblogic-applications/

16/09/2024 15:59:33

Nautilus researchers identified a new Linux malware targeting Weblogic servers with running Hadooken malware

'Vo1d' Trojan Malware Infects 1.3 Million Android-Based TV Boxes Globally https://www.pcmag.com/news/vo1d-trojan-malware-infects-13-million-android-tv-boxes-globally

14/09/2024 21:27:36

Antivirus firm Dr.Web has flagged a type of Android malware known as Android.Vo1d that has infected about 1.3 million TV boxes across 197 countries.

The malware effectively enables a backdoor into the TV box's system that allows an attacker to download and install malicious third-party software. The R4 TV box model running Android 7.1.2, a TV Box running Android 12.1, and the KJ-SMART4KVIP TV box running Android 10.1 were the types of devices reportedly impacted.

Fake OnlyFans Checker Tool Infects Hackers with Lummac Stealer Malware https://hackread.com/onlyfans-checker-tool-hackers-lummac-stealer-malware/

07/09/2024 11:47:11

Cybersecurity experts uncover the infamous Lummac Stealer malware, disguised as an OnlyFans "Checker" tool, targeting hackers.

The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers “Voldemort” https://www.proofpoint.com/us/blog/threat-insight/malware-must-not-be-named-suspected-espionage-campaign-delivers-voldemort

02/09/2024 18:34:01

Key findings Proofpoint researchers identified an unusual campaign delivering malware that the threat actor named “Voldemort”. Proofpoint assesses with moderate confidence the goal of the activi...

Spoofed GlobalProtect Used to Deliver Unique WikiLoader Variant https://unit42.paloaltonetworks.com/global-protect-vpn-spoof-distributes-wikiloader/

02/09/2024 16:28:57

Unit 42 discusses WikiLoader malware spoofing GlobalProtect VPN, detailing evasion techniques, malicious URLs, and mitigation strategies. Unit 42 discusses WikiLoader malware spoofing GlobalProtect VPN, detailing evasion techniques, malicious URLs, and mitigation strategies.

Fake Palo Alto GlobalProtect used as lure to backdoor enterprises https://www.bleepingcomputer.com/news/security/fake-palo-alto-globalprotect-used-as-lure-to-backdoor-enterprises/

30/08/2024 08:27:26

Threat actors target Middle Eastern organizations with malware disguised as the legitimate Palo Alto GlobalProtect Tool that can steal data and execute remote PowerShell commands to infiltrate internal networks further.

HZ Rat backdoor for macOS harvests data from WeChat and DingTalk https://securelist.com/hz-rat-attacks-wechat-and-dingtalk/113513/

28/08/2024 20:42:23

Kaspersky experts discovered a macOS version of the HZ Rat backdoor, which collects user data from WeChat and DingTalk messengers.

WordPress Websites Used to Distribute ClearFake Trojan Malware https://blog.sucuri.net/2024/08/wordpress-websites-used-to-distribute-clearfake-trojan-malware.html

26/08/2024 09:15:16

Learn about the ClearFake Trojan malware distributed via WordPress sites, its tactics, and how to safeguard your online experience.

MacOS X Malware Development https://0xf00sec.github.io/0x1A

25/08/2024 23:26:49

In today’s post, We’ll explore the process of designing and developing malware for macOS, which is a Unix-based operating system. We’ll use a classic approach to understanding Apple’s internals. To follow along, you should have a basic understanding of exploitation, as well as knowledge of C and Python programming, and some familiarity with low-level assembly language. While the topics may be advanced, I’ll do my best to present them smoothly.

Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules https://www.aon.com/en/insights/cyber-labs/unveiling-sedexp

25/08/2024 19:50:44

Stroz Friedberg identified a stealthy malware, dubbed “sedexp,” utilizing Linux udev rules to achieve persistence and evade detection. This advanced threat, active since 2022, hides in plain sight while providing attackers with reverse shell capabilities and advanced concealment tactics.

TodoSwift Disguises Malware Download Behind Bitcoin PDF https://www.kandji.io/blog/todoswift-disguises-malware-download-behind-bitcoin-pdf

24/08/2024 12:18:51

A new piece of malware that we're calling TodoSwift downloads its malicious payload alongside a seemingly legitimate piece of content about cryptocurrency.

NGate Android malware relays NFC traffic to steal cash https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/

23/08/2024 10:25:56

ESET Research uncovers Android malware that relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM.

Gafgyt Malware Variant Exploits GPU Power and Cloud Native Environments https://www.aquasec.com/blog/gafgyt-malware-variant-exploits-gpu-power-and-cloud-native-environments/

15/08/2024 08:37:48

Aqua Nautilus researchers discovered a new variant of Gafgyt targeting machines with weak SSH passwords.

Extension Trojan Malware Campaign https://reasonlabs.com/research/new-widespread-extension-trojan-malware-campaign

14/08/2024 17:49:30

Malwares make no distinction between corporate and personal devices. Therefore, past perceptions of different levels of antivirus for businesses and households must be challenged. ReasonLabs is the first endpoint protection based on a multilayered machine-learning engine, that provides enterprise-grade security for all your personal devices.

A Dive into Earth Baku’s Latest Campaign https://www.trendmicro.com/en_us/research/24/h/earth-baku-latest-campaign.html

12/08/2024 08:45:14

Since late 2022, Earth Baku has broadened its scope from the Indo-Pacific region to Europe, the Middle East, and Africa. Their latest operations demonstrate sophisticated techniques, such as exploiting public-facing applications like IIS servers for initial access and deploying the Godzilla webshell for command and control.

Ransomware gang targets IT workers with new SharpRhino malware https://www.bleepingcomputer.com/news/security/hunters-international-ransomware-gang-targets-it-workers-with-new-sharprhino-malware/

06/08/2024 09:55:35

The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks.

Black Basta ransomware switches to more evasive custom malware https://www.bleepingcomputer.com/news/security/black-basta-ransomware-switches-to-more-evasive-custom-malware/

03/08/2024 21:04:49

The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network.

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova https://thehackernews.com/2024/07/cyber-espionage-group-xdspy-targets.html

03/08/2024 21:01:33

Russian and Moldovan companies targeted by XDSpy phishing campaign, deploying DSDownloader malware, amid escalating cyber conflicts.

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft https://www.trendmicro.com/en_us/research/24/h/malvertising-campaign-fake-ai-editor-website-credential-theft.html

03/08/2024 02:04:24

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites.

Google ads push fake Google Authenticator site installing malware https://www.bleepingcomputer.com/news/security/google-ads-push-fake-google-authenticator-site-installing-malware/

31/07/2024 19:49:22

Google has fallen victim to its own ad platform, allowing threat actors to create fake Google Authenticator ads that push the DeerStealer information-stealing malware.

Liens par page

Filtres