The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey.

Korean telecom company KT Corporation sent malware to its subscribers who use Webhard's Grid Service peer-to-peer sharing program to hide their files and stop them from using the service.

In this article, we analyze XZ backdoor behavior inside OpenSSH, after it has achieved RSA-related function hook.

Android, Google’s most popular mobile operating system, powers billions of smartphones and tablets globally. Known for its open-source nature and flexibility, Android offers users a wide array of features, customization options, and access to a vast ecosystem of applications through the Google Play Store and other sources.

However, with its widespread adoption and open environment comes the risk of malicious activity. Android malware, a malicious software designed to target Android devices, poses a significant threat to users’ privacy, security, and data integrity. These malicious programs come in various forms, including viruses, Trojans, ransomware, spyware, and adware, and they can infiltrate devices through multiple vectors, such as app downloads, malicious websites, phishing attacks, and even system vulnerabilities.

Uncover an in-depth analysis of PikaBot, a malware loader used by Initial Access Brokers for network compromise and ransomware deployment.

Researchers have discovered several vulnerabilities in popular WordPress plugins that allow attackers to create rogue admin accounts.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability

A macOS version of the LightSpy surveillance framework has been discovered, confirming the extensive reach of a tool only previously known for targeting Android and iOS devices.

The Kaspersky GERT has detected a VBS script that has been abusing Microsoft Windows features by modifying the system to lower the defenses and using the local MS BitLocker utility to encrypt entire drives and demand a ransom.
#BitLocker #Data #Descriptions #Encryption #Incident #Malware #Microsoft #Ransomware #Technologies #Windows #response

Security researchers discovered two previously unseen backdoors dubbed LunarWeb and LunarMail that were used to compromise a European government's diplomatic institutions abroad.

Learn how the Log4j vulnerability (CVE-2021-44228) is exploited by XMRig cryptominer malware. Discover attack methods, indicators, and effective mitigation strategies.

Recent infostealer malware campaign utilizing fake Homebrew websites to deliver Cuckoo and AtomicStealer.

Russia-Linked APT28 Strikes Poland with Malware Campaign Polish government bodies were hit by a sophisticated malware attack orchestrated by the infam

Executive Summary: The Black Lotus Labs team at Lumen Technologies is tracking a malware platform we’ve named Cuttlefish, that targets networking equipment, specifically enterprise-grade small office/home office (SOHO) routers. This malware is modular, designed primarily to steal authentication material found in web requests that transit the router from the adjacent local area network (LAN). A

Attackers are using Docker Hub for malicious campaigns of various types, including spreading malware, phishing and scams. Read the analysis of 3 malware campaigns.

Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder.

Researchers uncover a fresh wave of the Raspberry Robin campaign spreading malware through malicious Windows Script Files (WSFs) since March 2024.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability

Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process.

Authored by Anuradha and Preksha Introduction PikaBot is a malicious backdoor that has been active since early 2023. Its modular design is comprised of a

Throughout the past few months, several publications have written about a North Korean threat actor group’s use of NPM packages to deploy malware to developers and other unsuspecting victims. This blog post provides additional details regarding the second and third-stage malware in these attacks, which these publications have only covered in limited detail.

Key takeaways  Proofpoint identified multiple YouTube channels distributing malware by promoting cracked and pirated video games and related content.  The video descriptions include links leading t...