Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 3
50 résultats taggé Malware  ✕
Last Week on My Mac: Is your Mac still secure from malware? https://eclecticlight.co/2022/08/07/last-week-on-my-mac-is-your-mac-still-secure-from-malware/
07/08/2022 11:16:02
QRCode
archive.org
thumbnail

If you’re still running macOS Mojave or earlier, now is the time to take action to ensure your Mac maintains protection against malware.

eclecticlight 2022 EN macOS malware protection
Raccoon Stealer v2: The Latest Generation of the Raccoon Family https://www.zscaler.com/blogs/security-research/raccoon-stealer-v2-latest-generation-raccoon-family
02/08/2022 08:02:58
QRCode
archive.org
thumbnail

Raccoon is a malware family that has been sold as malware-as-a-service on underground forums since early 2019. In early July 2022, a new variant of this malware was released. The new variant, popularly known as Raccoon Stealer v2, is written in C unlike previous versions which were mainly written in C++.

zscaler EN 2022 Raccoon malware malware-as-a-service Stealer
Microsoft links Raspberry Robin malware to Evil Corp attacks https://www.bleepingcomputer.com/news/security/microsoft-links-raspberry-robin-malware-to-evil-corp-attacks/
30/07/2022 11:33:31
QRCode
archive.org
thumbnail

Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where it also found evidence of malicious activity matching Evil Corp tactics.

Evil-Corp bleepingcomputer EN 2022 DEV-206 DEV-243 FakeUpdates Malware Ransomware Raspberry-Robin Worm
LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities https://www.trendmicro.com/en_us/research/22/g/lockbit-ransomware-group-augments-its-latest-variant--lockbit-3-.html
28/07/2022 08:40:45
QRCode
archive.org
thumbnail

In June 2022, LockBit revealed version 3.0 of its ransomware. In this blog entry, we discuss the findings from our own technical analysis of this variant and its behaviors, many of which are similar to those of the BlackMatter ransomware

trendmicro EN 2022 analysis lockbit blackmatter malware
Russia Released a Ukrainian App for Hacking Russia That Was Actually Malware https://www.vice.com/en/article/bvmnxd/russia-released-a-ukrainian-app-for-hacking-russia-that-was-actually-malware
20/07/2022 22:19:28
QRCode
archive.org
thumbnail

Google researchers said the app was designed to figure out who may want to use this kind of app.

vice 2022 EN malware Russia Russia-Ukraine-war app spy cyberwarefare
Joker, Facestealer and Coper banking malwares on Google Play store https://www.zscaler.com/blogs/security-research/joker-facestealer-and-coper-banking-malwares-google-play-store
19/07/2022 08:43:01
QRCode
archive.org
thumbnail

Joker, Facestealers and Banker swarming Google Play store

zscaler EN 2022 Android Joker FaceStealer Coper Exobot Malware GooglePlay store apps analysis
ChromeLoader: New Stubborn Malware Campaign https://unit42.paloaltonetworks.com/chromeloader-malware/
17/07/2022 08:47:41
QRCode
archive.org

In January 2022, a new browser hijacker/adware campaign named ChromeLoader (also known as Choziosi Loader and ChromeBack) was discovered. Despite using simple malicious advertisements, the malware became widespread, potentially leaking data from thousands of users and organizations.

unit42 EN 2022 ChromeLoader malware browser hijacker adware extension
Il malware EnvyScout (APT29) è stato veicolato anche in Italia https://cert-agid.gov.it/news/il-malware-envyscout-apt29-e-stato-veicolato-anche-in-italia/
09/07/2022 07:00:14
QRCode
archive.org
thumbnail

Il malware EnvyScout (APT29) è stato veicolato anche in Italia

govit IT 2022 APT29 Italia malware EnvyScout IoC report
When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors https://unit42.paloaltonetworks.com/brute-ratel-c4-tool/
07/07/2022 07:30:53
QRCode
archive.org

Unit 42 continuously hunts for new and unique malware samples that match known advanced persistent threat (APT) patterns and tactics. On May 19, one such sample was uploaded to VirusTotal, where it received a benign verdict from all 56 vendors that evaluated it. Beyond the obvious detection concerns, we believe this sample is also significant in terms of its malicious payload, command and control (C2), and packaging.

unit42 EN 2022 BruteRatelC4 CobaltStrike redteam APT BRc4 C2 malware
Microsoft finds Raspberry Robin worm in hundreds of Windows networks https://www.bleepingcomputer.com/news/security/microsoft-finds-raspberry-robin-worm-in-hundreds-of-windows-networks/
03/07/2022 12:03:15
QRCode
archive.org
thumbnail

Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.

Bleepingcomputer EN 2022 Malware Microsoft Raspberry-Robin raspberryrobin USB Windows Worm Security Detection
Flubot: the evolution of a notorious Android Banking Malware https://blog.fox-it.com/2022/06/29/flubot-the-evolution-of-a-notorious-android-banking-malware/?s=09
01/07/2022 07:48:54
QRCode
archive.org
thumbnail

Flubot is an Android based malware that has been distributed in the past 1.5 years in
Europe, Asia and Oceania affecting thousands of devices of mostly unsuspecting victims.
Like the majority of Android banking malware, Flubot abuses Accessibility Permissions and Services
in order to steal the victim’s credentials, by detecting when the official banking application
is open to show a fake web injection, a phishing website similar to the login form of the banking
application. An important part of the popularity of Flubot is due to the distribution
strategy used in its campaigns, since it has been using the infected devices to send
text messages, luring new victims into installing the malware from a fake website.
In this article we detail its development over time and recent developments regarding
its disappearance, including new features and distribution campaigns.

foxit EN 2022 Flubot Android Banking Malware evolution research
The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact https://securelist.com/the-sessionmanager-iis-backdoor/106868/
30/06/2022 22:25:26
QRCode
archive.org
thumbnail

In early 2022, we investigated an IIS backdoor called SessionManager. It has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.

securelist EN 2022 APT Backdoor Malware Microsoft Exchange Targeted IIS-attacks Vulnerabilities GELSEMIUM
Conti vs. LockBit: A Comparative Analysis of Ransomware Groups https://www.trendmicro.com/en_us/research/22/f/conti-vs-lockbit-a-comparative-analysis-of-ransomware-groups.html
28/06/2022 20:50:49
QRCode
archive.org
thumbnail

We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June 27, 2022.

trendmicro EN 2022 Conti Lockbit malware cyber-crime research cyber-threats endpoints ransomware articles news reports
There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families https://unit42.paloaltonetworks.com/api-hammering-malware-families/
26/06/2022 13:26:06
QRCode
archive.org
thumbnail

Learn about the unique implementations of API Hammering malware samples and how to mitigate them.

unit42 API Hammering EN 2022 malware API-Hammering Zloader BazarLoader
BRATA is evolving into an Advanced Persistent Threat https://www.cleafy.com/cleafy-labs/brata-is-evolving-into-an-advanced-persistent-threat?s=09
20/06/2022 08:49:35
QRCode
archive.org
thumbnail

Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.

cleafy 2022 EN malware BRATA APT phishing analysis IOCs banker
Police Linked to Hacking Campaign to Frame Indian Activists https://www.wired.com/story/modified-elephant-planted-evidence-hacking-police/
16/06/2022 21:36:26
QRCode
archive.org
thumbnail

New details connect police in India to a plot to plant evidence on victims' computers that led to their arrest.

Wired en 2022 crime malware hacking India police spyware activists
Linux Threat Hunting: 'Syslogk' a kernel rootkit found under development in the wild https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/
14/06/2022 09:44:10
QRCode
archive.org
thumbnail

Introduction Rootkits are dangerous pieces of malware. Once in place, they are usually really hard to detect. Their code is typically more challenging to write than other malware, so developers resort to code reuse from open source projects. As rootkits are very interesting to analyze, we are always looking out for these kinds of samples […]

avast EN 2022 Rootkit Linux Syslogk malware Adore-Ng
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat https://www.intezer.com/blog/research/new-linux-threat-symbiote/
10/06/2022 08:19:14
QRCode
archive.org
thumbnail

Symbiote is a new Linux malware we discovered that acts in a parasitic nature, infecting other running processes to inflict damage on machines.

intezer 2022 EN research Symbiote malware BPF Linux Threat
SVCReady: A New Loader Gets Ready https://threatresearch.ext.hp.com/svcready-a-new-loader-reveals-itself/
07/06/2022 14:48:46
QRCode
archive.org
thumbnail

Don’t let cyber threats get the best of you. Read our post, SVCReady: A New Loader Gets Ready, to learn more about cyber threats and cyber security.

threatresearch EN 2022 SVCReady Loader Windows malware VBA Macro research
Android FluBot enters Switzerland – SWITCH Security-Blog https://securityblog.switch.ch/2021/06/19/android-flubot-enters-switzerland/
02/06/2022 10:43:14
QRCode
archive.org
thumbnail

FluBot is a new Android malware first discovered in December 2020. During the first few months, FluBot has been active in Spain, Hungary and Poland. Since then, the development of the malware advan…

FluBot switchCH EN 2022 malware Android
page 1 / 3
493 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio