Versions of a cross-platform instant messenger application focused on the Chinese market known as 'MiMi' have been trojanized to deliver a new backdoor... weiterlesen

A PDF is one of the most frequently used file formats for sending documents, commonly used everywhere, a successful replacement ... Read more The post... weiterlesen

In this Help Net Security video, Ax Sharma, Senior Security Researcher at Sonatype, discusses newly found PyPI packages that pack ransomware, and another... weiterlesen

After almost 6 months of war with Ukraine, Russia seems to have hit it digitally and so is reportedly launching wiper cyber attacks that could clean off... weiterlesen

... weiterlesen

Threat actors associated with the Cuba ransomware have been linked to previously undocumented tactics, techniques and procedures (TTPs), including a new... weiterlesen

A wave of cybercriminals spreading malware families – including QakBot, IceID, Emotet, and RedLine Stealer – are shifting to shortcut (LNK) files for... weiterlesen

A member of the Cuba ransomware operation is employing previously unseen tactics, techniques, and procedures (TTPs), including a novel RAT (remote access... weiterlesen

... weiterlesen

... weiterlesen

Critical infrastructure cybersecurity vendor OPSWAT has announced new malware analysis capabilities for IT and operational technology (OT). Revealed at... weiterlesen

Critical infrastructure cybersecurity vendor OPSWAT has announced new malware analysis capabilities for IT and operational technology (OT). Revealed at... weiterlesen

OPSWAT announced new malware analysis capabilities for IT and OT at the Black Hat USA 2022 conference. These enhancements include OPSWAT Sandbox for OT... weiterlesen

... weiterlesen

Researchers have discovered more details on the newly discovered Android spyware 'Dracarys,' used by the Bitter APT group in cyberespionage operations... weiterlesen

Die US-IT-Sicherheitsbehörde CISA und das australische Cyber Security Center haben zusammengetragen, welche Malware-Stämme 2021 am häufigsten beobachtet... weiterlesen

A joint advisory from the U.S. and Australia offers tips on combating the top malware strains of 2021, including Agent Tesla, LokiBot, Qakbot, TrickBot... weiterlesen

An extensive series of attacks detected in January used new Windows malware to backdoor government entities and organizations in the defense industry... weiterlesen

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have published a joint advisory to detail... weiterlesen

... weiterlesen

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family... weiterlesen

The Malwarebytes Threat Intelligence team has identified a new Remote Access Trojan (RAT), which they named Woody RAT, and which has been active for at... weiterlesen

... weiterlesen

Facebook security researchers released their second quarter Adversarial Threat Report that confirms two APT groups using a new android malware dubbed Dracarys.... weiterlesen

... weiterlesen

Meta (Facebook) has released its Q2 2022 adversarial threat report, and among the highlights is the discovery of two cyber-espionage clusters connected... weiterlesen

By Keegan Keplinger, Research and Reporting Lead, Threat Response Unit, eSentire In March eSentire’s security research team, the […] The post eSentire... weiterlesen

A nascent service called Dark Utilities has already attracted 3,000 users for its ability to provide command-and-control (C2) services with the goal of... weiterlesen

... weiterlesen

... weiterlesen

Nozomi Networks Labs hat soeben seinen neuesten OT/IoT Security Report veröffentlicht. Wie der Bericht zeigt, hatten Wiper-Malware, die Aktivitäten von... weiterlesen

VIPRE Security Group announced it is preparing to add a new cybersecurity tool to its comprehensive suite of offerings. The new solution, VIPRE Endpoint... weiterlesen

A new botnet called 'RapperBot' has emerged in the wild since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers and then establishing... weiterlesen

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a list of the topmost detected malware strains last year in a joint advisory... weiterlesen

... weiterlesen

BeatRev Version 2 The first time the malware runs on a victim it AES encrypts the actual payload(an RDLL) using... The post BeatRev: frustrating/defeating... weiterlesen

BeatRev Version 2 The first time the malware runs on a victim it AES encrypts the actual payload(an RDLL) using... The post BeatRev: frustrating/defeating... weiterlesen

An unknown threat actor has been targeting Russian entities with a newly discovered remote access trojan called Woody RAT for at least a year as part of... weiterlesen

An unknown threat actor has been targeting Russian entities with a newly discovered remote access trojan called Woody RAT for at least a year as part of... weiterlesen

... weiterlesen

Google-owned malware analysis service VirusTotal has published a report showing how threat actors abuse trust to bypass defenses and deliver their malware. According... weiterlesen

... weiterlesen

Unknown attackers target Russian entities with newly discovered malware that allows them to control and steal information from compromised devices remotely.... weiterlesen

A fake website impersonating the official portal for the Atomic wallet, a popular decentralized wallet that also operates as a cryptocurrency exchange... weiterlesen

Smart App Control, a Windows 11 security feature that blocks threats at the process level, now comes with support for blocking several new file types threat... weiterlesen

NEW YORK–(BUSINESS WIRE)–Deep Instinct, the first company to apply end-to-end deep learning to cybersecurity, today delivered Deep Instinct Prevention... weiterlesen

Threat actors are increasingly mimicking legitimate applications like Skype, Adobe Reader, and VLC Player as a means to abuse trust relationships and increase... weiterlesen

Ein Sicherheitsforscher hat eine groß angelegte Malware-Kampagne entdeckt, die versucht, sich durch einfache Pull Requests einzuschmuggeln. (Github, Malware)... weiterlesen

... weiterlesen

With the recent demise of several popular "proxy" services that let cybercriminals route their malicious traffic through hacked PCs, there is now something... weiterlesen

Underground forums are so last year. Telegram, Discord offer better privacy, functionality to criminals, says Intel 471 Cybercriminals are turning to messaging... weiterlesen

One of the primary methods used by malware distributors to infect devices is by deceiving people into downloading and running malicious files, and to achieve... weiterlesen

Attackers are turning to stolen credentials and posing as trusted applications to socially engineer victims, according to Google study of malware submitted... weiterlesen

... weiterlesen

Gootkit access-as-a-service (AaaS) malware is back with tactics and fileless delivery of Cobalt Strike beacons. Gootkit runs on an access-a-as-a-service model,... weiterlesen

... weiterlesen

... weiterlesen

Researchers have found a new malware, “Ducktail,” that attempts to hack Facebook Business accounts via… Ducktail Malware Targets Facebook Business... weiterlesen

The researchers discovered over a dozen Android Apps on Google Play Store, collectively dubbed DawDropper, that were dropping Banking malware. Trend Micro... weiterlesen

... weiterlesen

Sicherheitsforscher warnen jetzt davor, dass Hacker das Windows Defender-Befehlszeilentool MpCmdRun.exe missbrauchen, um unbemerkt Malware zu verbreiten.... weiterlesen

... weiterlesen

A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users' devices with banking malware. These... weiterlesen

In the age of EDR, red team operators cannot get away with using pre-compiled payloads anymore. As such, malware development is becoming a vital skill... weiterlesen

Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where... weiterlesen

Der österreichische Staatstrojaner-Hersteller DSIRF verwahrt sich gegen die Vorwürfe Microsofts, Malware beliebig an jeden Interessierten zu verkaufen.... weiterlesen

... weiterlesen

Authored by Dexter Shin McAfee’s Mobile Research Team has identified new malware on the Google Play Store. Most of them... The post New HiddenAds malware... weiterlesen

With Microsoft disabling Office macros by default, threat actors are increasingly using ISO, RAR, LNK, and similar files to deliver malware because they... weiterlesen

Bis vor kurzem haben Cyberkriminelle Linux im Vergleich zu anderen, populäreren Betriebssystemen weitgehend ignoriert. Die neuen Daten zeigen jedoch,... weiterlesen

Bis vor kurzem haben Cyberkriminelle Linux im Vergleich zu anderen, populäreren Betriebssystemen weitgehend ignoriert. Die neuen Daten zeigen jedoch,... weiterlesen

Malware – what are the threats? Malware can come from and in a variety of attack vectors. Besides using ‘traditional’ methods of spreading malware,... weiterlesen

A novel malware named CosmicStrand is said to be targeting the old motherboards offered by Asus and Gigabyte and the crux is that it can survive operating... weiterlesen

... weiterlesen

Ducktail malware tries to hijack the accounts of individuals who use Facebook’s Business and Ads platforms, says WithSecure Intelligence. The post Infostealer... weiterlesen

As many as 30 malicious Android apps with cumulative downloads of nearly 10 million have been found on the Google Play Store distributing adware. "All... weiterlesen

Microsoft has linked a threat group it tracks as Knotweed to a cyber mercenary outfit (aka private-sector offensive actor) named DSIRF, targeting European... weiterlesen

2022 stieg das Malware-Volumen erstmals wieder, bei gleichzeitig weniger Ransomware-Attacken – zumindest global, denn in Europa gilt der gegensätzliche... weiterlesen

Security researchers have observed an uptick in new Luca Stealer samples after the malware’s source code was made public. Coded in Rust, the malware... weiterlesen

Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially... weiterlesen

Session cookies and 2FA subversion allow takeover of biz and ad accounts, lead to unauthorized ad buys Security vendor WithSecure, which was spun out in... weiterlesen

An ongoing cybercriminal operation is targeting digital marketing and human resources professionals in an effort to hijack Facebook Business accounts using... weiterlesen

Helsinki-based cybersecurity vendor WithSecure (formerly F-Secure Business) says it has discovered an operation, dubbed “DUCKTAIL,” that uses social... weiterlesen

... weiterlesen

Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial... weiterlesen

Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial... weiterlesen

A new batch of malicious Android apps filled with adware and malware was found on the Google Play Store that have been installed close to 10 million times... weiterlesen

Cool, another Rust project ... Oh A new info-stealer malware is spreading rapidly in the wild as the developer behind it continues to add capabilities... weiterlesen

Be ready for a rebound, and protect yourself with patching and segmentation SonicWall has published its latest threat report, showing a drop in ransomware... weiterlesen

... weiterlesen

An information-stealing malware called Amadey is being distributed by means of another backdoor called SmokeLoader. The attacks hinge on tricking users... weiterlesen

Chinese-speaking hackers have been using since at least 2016 malware that lies virtually undetected in the firmware images for some motherboards, one of... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

After a four-year Sabbatical, the infamous Amadey Bot malware has returned with even more crafty tricks up its sleeve. The malware was recently detected... weiterlesen

... weiterlesen

Threat analysts have uncovered a new campaign attributed to APT37, a North Korean group of hackers, targeting high-value organizations in the Czech Republic,... weiterlesen

... weiterlesen

... weiterlesen