malware

Join the Telegram channel Federal prosecutors have indicted Andrey Turchin, a 37-year-old citizen of Kazakhstan, on five criminal counts related to his alleged involvement in a financially motivated cybercriminal hacking collective known as Fxmsp that the Department of Justice says cost victims tens of millions of dollars. Turchin — who […]

Join the Telegram channel Researchers have developed a decryption tool for the recently discovered EvilQuest ransomware program designed to target Mac machines. But several analysts now concur that EvilQuest’s malicious encryption may be more of a decoy, while the program’s true purpose appears to be data exfiltration. In a new […]

Join the Telegram channel A new blog post and research report from the Lookout Threat Intelligence Team has exposed the lengths to which a reputed Chinese government-sponsored APT operation has allegedly gone to track the country’s Uyghur minority population, including the trojanization of mobile apps with surveillanceware. Lookout details four […]

Join the Telegram channel The actors behind a campaign to spread GoldenSpy malware via tax accounting software used by customers of a Chinese bank have recently attempted to distribute an uninstaller that deletes the backdoor in an apparent attempt to cover up their illicit activities. In a previous company blog post and […]

Join the Telegram channel After publishing a final security update for Magento 1 last week, Adobe is ending support for its popular 12-year-old ecommerce platform. “If you have a store that continues to run on Magento 1 after June 30, please be aware that from that date forward you have […]

Join the Telegram channel StrongPity, aka Promethium, a potentially state-sponsored APT group active since 2012, isn’t letting exposed campaigns in recent years stop it from trying to install malware around the world, particularly in warzones such as Syria. Two separate reports this week from Cisco Talos and Bitdefender suggest the […]

Join the Telegram channel A tax software program installed by business clients of an unidentified Chinese bank was trojanized with malware that installs a backdoor granting attackers SYSTEM-level privileges, researchers warn. In a company blog post and more detailed threat report, Trustwave and its SpiderLabs team identified the accounting softwa […]

Join the Telegram channel The University of California, San Francisco (UCSF) ponied up a $1.4 million to hackers to retrieve data encrypted during a NetWalker ransomware attack disclosed in early June.  “The data that was encrypted is important to some of the academic work we pursue as a university serving […]

Join the Telegram channel Glupteba malware does something novel: It uses the bitcoin blockchain as a communications channel to receive updated configuration information. That’s important because malware always needs a way to go back to its home base, preferably without being detected, according to a paper released this week by […]

Join the Telegram channel A military-themed malware campaign targeting military and government organizations in South Asia unleashes “maldocs” that spread full remote-access trojan (RAT) capabilities. The multistage chain attack, which began in 2018, infects endpoints with customized beacons and a modular dropper that Talos calls IndigoDrop, which executes the final […]

Join the Telegram channel Researchers have discovered a new variant of Shlayer Mac malware that  bypasses Apple’s built-in security protections and is being spread via malicious results from Google web searches. Shlayer is used generally to distributed bundled adware or unwanted programs. According to a company blog post from Intego, […]

Join the Telegram channel Researchers at Awake Security have made news over the past 24 hours exposing a scheme in which some 79 malicious Google extensions were found on the Chrome Web Store as recently as the first week of May. While much of the news focused on the malicious […]

Join the Telegram channel “Two can play at this game…” Cybersecurity is a non-stop arms race between white hats and malicious hackers, and the three “A’s” — automation, analytics and artificial intelligence — are among the more powerful defensive tools that CISOs can implement to defend their organizations. But cybercriminals […]

Join the Telegram channel A cyber espionage operation used fake job offers, sent via LinkedIn messages, to target employees at aerospace and military companies in Europe and the Middle East late last year, researchers from ESET have reported. The highly targeted campaign — dubbed Operation In(ter)ception (an allusion to one […]

Want to stay up to date? Join the Telegram channel here By malware standards, the banking trojan Qbot is long in the tooth, but it still has some bite, according to researchers who say it has added some detection and research evasion techniques to its arsenal. “It has a new […]

Want to stay up to date? Join the Telegram channel here A malware campaign is abusing the popular machine-learning (ML) framework Kubeflow in order to target Kubernetes clusters with a crypto miner, Microsoft’s Azure Security Center (ASC) warns. Tens of clusters running on the Kubernetes open-source container orchestration system have […]

Want to stay up to date? Join the Telegram channel here The Gamaredon threat group has built a post-compromise tool arsenal that includes remote template injectors for Word and Excel documents as well as a unique Outlook mass-mailing macro, researchers recently discovered. The tools, previously undocumented, boast a VBA macro […]

Want to stay up to date? Join the Telegram channel here Scammers often craft social engineering schemes around major crises and news events, as demonstrated by the wealth of coronavirus-themed phishing campaigns seen this year. Now, as massive U.S. and global protests continue following the May 25 killing of George […]