Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 6
111 résultats taggé malware  ✕
Onenote Malware: Classification and Personal Notes https://marcoramilli.com/2023/02/04/onenote-malware-classification-and-personal-notes/
06/02/2023 18:59:12
QRCode
archive.org
thumbnail

During the past 4 months Microsoft Onenote file format has been (ab)used as Malware carrier by different criminal groups. While the main infection vector is still on eMail side - so nothing really relevant to write on - the used techniques, the templates and the implemented code to inoculate Malware changed a lot. So it…

marcoramilli EN 2023 OneNote abused technical Malware
OneNote Documents Increasingly Used to Deliver Malware https://www.proofpoint.com/us/blog/threat-insight/onenote-documents-increasingly-used-to-deliver-malware
01/02/2023 22:06:17
QRCode
archive.org
thumbnail

Key Findings:

  • The use of Microsoft OneNote documents to deliver malware via email is increasing.
  • Multiple cybercriminal threat actors are using OneNote documents to deliver malware.
  • While some campaigns are targeted at specific industries, most are broadly targeted and include thousands of messages.
  • In order to detonate the payload, an end-user must interact with the OneNote document.
  • Campaigns have impacted organizations globally, including North America and Europe.
  • TA577 returned from a month-long hiatus in activity and began using OneNote to deliver Qbot at the end of January 2023.
proofpoint EN 2023 OneNote Documents Malware AsyncRAT IoCs Redline AgentTesla DOUBLEBACK
HeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign https://blog.aquasec.com/headcrab-attacks-servers-worldwide-with-novel-state-of-art-redis-malware
01/02/2023 21:42:57
QRCode
archive.org
thumbnail

HeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign
Aqua Nautilus researchers discovered a new elusive and severe threat that has been infiltrating and residing on servers worldwide since early September 2021. Known as HeadCrab, this advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional anti-virus solutions to compromise a large number of Redis servers. The HeadCrab botnet has taken control of at least 1,200 servers.

This blog will delve into the details of the HeadCrab attack, examining its methods of operation, techniques used to evade detection, and steps organizations can take to safeguard their systems.

aquasec EN 2023 State-of-the-Art Redis Malware HeadCrab
Google sponsored ads malvertising targets password manager https://www.malwarebytes.com/blog/threat-intelligence/2023/01/google-sponsored-ads-malvertising-targets-password-manager
01/02/2023 19:36:45
QRCode
archive.org
thumbnail

We have recently written about malvertising campaigns that leverage Google paid advertisements to try and trick people into downloading malware instead of the software they were looking for. This malware then stole login credentials from the affected system.

malwarebytes EN 2023 Google googleads passwordmanagers malware
Analyzing and remediating a malware infested T95 TV box from Amazon https://www.malwarebytes.com/blog/news/2023/01/preinstalled-malware-infested-t95-tv-box-from-amazon
31/01/2023 22:59:54
QRCode
archive.org
thumbnail

Find out why one of our Android experts has been obsessing over a little black box from Amazon.

malwarebytes EN 2023 howto T95 TVbox malware Android
IT specialists search and recruitment on the dark web https://securelist.com/darknet-it-headhunting/108526/
30/01/2023 11:20:30
QRCode
archive.org
thumbnail

We have analyzed more than 800 IT job ads and resumes on the dark web. Here is what the dark web job market looks like.

securelist EN 2023 Darknet Data-theft Hackers Malware Malware-Creators recruitment profiling
Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results https://www.sentinelone.com/blog/breaking-down-the-seo-poisoning-attack-how-attackers-are-hijacking-search-results/
21/01/2023 22:56:51
QRCode
archive.org
thumbnail

SEO poisoning is gaining momentum as threat actors leverage malicious ads to deliver malware through web browser searches.

sentinelone EN 2023 SEO poisoning Hijacking Search Results googleads malware web malicious
Batloader Malware Abuses Legitimate Tools Uses Obfuscated JavaScript Files in Q4 2022 Attacks https://www.trendmicro.com/en_us/research/23/a/batloader-malware-abuses-legitimate-tools-uses-obfuscated-javasc.html
19/01/2023 20:11:10
QRCode
archive.org
thumbnail

We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events (This is the intrusion set we track behind the creation of Batloader).

trendmicro EN 2023 Malware Batloader analysis
Can you rely on macOS Ventura for malware protection? https://eclecticlight.co/2023/01/03/can-you-rely-on-macos-ventura-for-malware-protection/
18/01/2023 13:41:10
QRCode
archive.org
thumbnail

Samples of four malicious software downloaded and run on macOS 13.1. Could it detect and block them effectively? Or do you need 3rd party protection?

eclecticlight EN 2023 macOS malware protection Ventura
7 Ways Threat Actors Deliver macOS Malware in the Enterprise https://www.sentinelone.com/blog/7-ways-threat-actors-deliver-macos-malware-in-the-enterprise/
18/01/2023 13:38:11
QRCode
archive.org
thumbnail

Stay ahead of the game with our review on macOS malware threats. Learn about the top techniques used by threat actors to deliver malware and how to build more resilient defenses.

sentinelone EN 2023 macOS Malware Enterprise threats
InfoSec Handlers Diary Blog - SANS Internet Storm Center https://isc.sans.edu/diary/29448
18/01/2023 13:37:13
QRCode
archive.org
thumbnail

Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware

SANS EN 2023 googleads Fake Notepad Aurora Stealer malware
Google Ads Exploited to Spread Malware https://heimdalsecurity.com/blog/google-ads-exploited-to-spread-malware/
18/01/2023 13:34:43
QRCode
archive.org
thumbnail

Google Ads is one of the most popular advertising platform, but it's also a target for cybercriminals. Learn how they are using it to spread malware.

heimdalsecurity EN 2022 googleads abuse Malware Exploited
“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets https://labs.guard.io/masquerads-googles-ad-words-massively-abused-by-threat-actors-targeting-organizations-gpus-42ae73ee8a1e
18/01/2023 13:31:41
QRCode
archive.org

A newly uncovered technique to abuse Google’s ad-words powerful advertisement platform is spreading rogue promoted search results in mass. Pointing to allegedly credible advertisement sites that are fully controlled by threat actors, those are used to masquerade and redirect ad-clickers to malicious phishing pages gaining the powerful credibility and targeting capabilities of Google’s search results. Adding customized malware payloads, threat actors are raising the bar for successful malware deployments on Personal PCs with ad words like Grammarly, Malwarebytes, and Afterburner as well as with Visual Studio, Zoom, Slack, and even Dashlane to target organizations.

labs.guard.io EN 2022 googleads technique advertisement abuse malware distribution
Accidentally Crashing a Botnet https://www.akamai.com/blog/security-research/kmsdbot-part-two-crashing-a-botnet
15/01/2023 16:15:38
QRCode
archive.org
thumbnail

As part of our research into the cryptomining botnet kmsdbot, we rendered it useless.

akamai EN 2022 Security-Research Research Bot-Attacks DDOS Bot-Attacks Cyber-Security Research Security-Research Kmsdbot botnet SIRT cryptomining crash malware
Misconfigured PostgreSQL Used to Target Kubernetes Clusters https://www.databreachtoday.eu/misconfigured-postgresql-used-to-target-kubernetes-clusters-a-20899?s=09
11/01/2023 11:33:08
QRCode
archive.org
thumbnail

Researchers have found that Kinsing malware gained access to Kubernetes servers by exploiting misconfigured and exposed PostgreSQL servers. The threat actors gained

databreachtoday EN 2023 PostgreSQL Kubernetes Misconfigured malware Kinsing
Raspberry Robin's botnet second life https://blog.sekoia.io/raspberry-robins-botnet-second-life/
10/01/2023 20:52:19
QRCode
archive.org
thumbnail

Raspberry Robin appears to be a type of Pay-Per-Install botnet, likely to be used by cybercriminals to distribute other malware.

sekoia EN 2023 RaspberryRobin Pay-Per-Install botnet cybercriminals malware
How do you know when macOS detects and remediates malware? https://eclecticlight.co/2023/01/04/how-do-you-know-when-macos-detects-and-remediates-malware/
04/01/2023 21:12:28
QRCode
archive.org
thumbnail

macOS may alert you when you’re trying to open or run a file, with an alert informing you that malware was detected. But what about in scans?

eclecticlight EN 2023 malware alert macos XProtect Remediator
Shc Linux Malware Installing CoinMiner https://asec.ahnlab.com/en/45182/
04/01/2023 12:14:36
QRCode
archive.org
thumbnail

The ASEC analysis team recently discovered that a Linux malware developed with Shc has been installing a CoinMiner. It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system. Among those installed were the Shc downloader, XMRig CoinMiner installed through the former, and DDoS IRC Bot, developed with Perl.

asec 2023 EN Shell Script Compiler analysis Linux Malware CoinMiner Shc
The Mac Malware of 2022 👾 https://objective-see.org/blog/blog_0x71.html
02/01/2023 19:48:36
QRCode
archive.org
thumbnail

A comprehensive analysis of the year's new malware

objective-see 2022 EN malware macos analysis
New YouTube Bot Malware Spotted Stealing User’s Sensitive Information https://blog.cyble.com/2022/12/23/new-youtube-bots-malware-spotted-stealing-users-sensitive-information/
30/12/2022 11:55:50
QRCode
archive.org
thumbnail

New YouTube Bot Malware Spotted Stealing User’s Sensitive Information

Cyble EN 2022 Malware Bot YouTube stealer analysis
page 1 / 6
1033 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio