Malware Builder Leverages Discord Webhooks

By Nate Nelson
Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks.

Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service

By Elizabeth Montalbano
An account promoting the project, which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules, has more than 500 subscribers.

April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell

By Sagar Tiwari
Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild.

DOJ Says Doctor is Malware Mastermind

By Nate Nelson
The U.S. Department of Justice indicts middle-aged doctor, accusing him of being a malware mastermind.

Fronton: Russian IoT Botnet Designed to Run Social Media Disinformation Campaigns

By Ravie Lakshmanan
Fronton, a distributed denial-of-service (DDoS) botnet that came to light in March 2020, is much more powerful than previously thought, per the latest research. "Fronton is a system developed for coordinated inauthentic behavior on a massive scale," threat intelligence firm Nisos said in a report published last week. "This system includes a web-based dashboard known as SANA that enables a user

Snake Keylogger Spreads Through Malicious PDFs

By Elizabeth Montalbano
Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug.

Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

By Ravie Lakshmanan
Threat actors behind web skimming campaigns are leveraging malicious JavaScript code that mimics Google Analytics and Meta Pixel scripts in an attempt to sidestep detection. "It's a shift from earlier tactics where attackers conspicuously injected malicious scripts into e-commerce platforms and content management systems (CMSs) via vulnerability exploitation, making this threat highly evasive to

Conti Ransomware Operation Shut Down After Splitting into Smaller Groups

By Ravie Lakshmanan
Even as the operators of Conti threatened to overthrow the Costa Rican government, the notorious cybercrime gang officially took down its attack infrastructure in favor of migrating their malicious cyber activities to other ancillary operations, including Karakurt and BlackByte. "From the negotiations site, chatrooms, messengers to servers and proxy hosts - the Conti brand, not the organization

Malware Analysis: Trickbot

By The Hacker News
In this day and age, we are not dealing with roughly pieced together, homebrew type of viruses anymore. Malware is an industry, and professional developers are found to exchange, be it by stealing one's code or deliberate collaboration. Attacks are multi-layer these days, with diverse sophisticated software apps taking over different jobs along the attack-chain from initial compromise to

New Chaos Ransomware Builder Variant "Yashma" Discovered in the Wild

By Ravie Lakshmanan
Cybersecurity researchers have disclosed details of the latest version of the Chaos ransomware line, dubbed Yashma. "Though Chaos ransomware builder has only been in the wild for a year, Yashma claims to be the sixth version (v6.0) of this malware," BlackBerry research and intelligence team said in a report shared with The Hacker News. Chaos is a customizable ransomware builder that emerged in

Fronton IOT Botnet Packs Disinformation Punch

By Sagar Tiwari
Fronton botnet has far more ability than launching DDOS attack, can track social media trends and launch suitable propaganda.

Poisoned Python and PHP packages purloin passwords for AWS access

By Paul Ducklin
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.

Researchers Find New Malware Attacks Targeting Russian Government Entities

By Ravie Lakshmanan
An unknown advanced persistent threat (APT) group has been linked to a series of spear-phishing attacks targeting Russian government entities since the onset of the Russo-Ukrainian war in late February 2022. "The campaigns [...] are designed to implant a Remote Access Trojan (RAT) that can be used to surveil the computers it infects, and run commands on them remotely," Malwarebytes said in a

Verizon Report: Ransomware, Human Error Among Top Security Risks

By Elizabeth Montalbano
2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur.

Link Found Connecting Chaos, Onyx and Yashma Ransomware

By Nate Nelson
A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names.

Cybergang Claims REvil is Back, Executes DDoS Attacks

By Elizabeth Montalbano
Actors claiming to be the defunct ransomware group are targeting one of Akamai’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin.

Experts Warn of Rise in ChromeLoader Malware Hijacking Users' Browsers

By Ravie Lakshmanan
A malvertising threat is witnessing a new surge in activity since its emergence earlier this year. Dubbed ChromeLoader, the malware is a "pervasive and persistent browser hijacker that modifies its victims' browser settings and redirects user traffic to advertisement websites," Aedan Russell of Red Canary said in a new report. ChromeLoader is a rogue Chrome browser extension and is typically

The Myths of Ransomware Attacks and How To Mitigate Risk

By The Hacker News
Today's modern companies are built on data, which now resides across countless cloud apps. Therefore preventing data loss is essential to your success. This is especially critical for mitigating against rising ransomware attacks, a threat that 57% of security leaders expect to be compromised by within the next year. As organizations continue to evolve, in turn so does ransomware. To help you

EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities

By Ravie Lakshmanan
A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems (CMS). "The malware is rapidly adopting one-day vulnerabilities as part of its exploitation capabilities," AT&T Alien Labs said in a technical write-up published last week. "Services

Zero-Day ‘Follina’ Bug Lays Microsoft Office Open to Attack

By Sagar Tiwari
Malware loads itself from remote servers and bypasses Microsoft's Defender AV scanner, according to reports.

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

By Sagar Tiwari
Malware borrows generously from code used by other botnets such as Mirai, Qbot and Zbot.

Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise

By Ravie Lakshmanan
An analysis of the mobile threat landscape in 2022 shows that Spain and Turkey are the most targeted countries for malware campaigns, even as a mix of new and existing banking trojans are increasingly targeting Android devices to conduct on-device fraud (ODF). Other frequently targeted countries include Poland, Australia, the U.S., Germany, the U.K., Italy, France, and Portugal. "The most

New XLoader Botnet Version Using Probability Theory to Hide its C&C Servers

By Ravie Lakshmanan
An enhanced version of the XLoader malware has been spotted adopting a probability-based approach to camouflage its command-and-control (C&C) infrastructure, according to the latest research. "Now it is significantly harder to separate the wheat from the chaff and discover the real C&C servers among thousands of legitimate domains used by Xloader as a smokescreen," Israeli cybersecurity company

FluBot Android Spyware Taken Down in Global Law Enforcement Operation

By Ravie Lakshmanan
An international law enforcement operation involving 11 countries has culminated in the takedown of a notorious mobile malware threat called FluBot. "This Android malware has been spreading aggressively through SMS, stealing passwords, online banking details and other sensitive information from infected smartphones across the world," Europol said in a statement. The "complex

International Authorities Take Down Flubot Malware Network

By Elizabeth Montalbano
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.

Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks

By Ravie Lakshmanan
As ransomware infections have evolved from purely encrypting data to schemes such as double and triple extortion, a new attack vector is likely to set the stage for future campaigns. Called Ransomware for IoT or R4IoT by Forescout, it's a "novel, proof-of-concept ransomware that exploits an IoT device to gain access and move laterally in an IT [information technology] network and impact the OT [

Conti Leaks Reveal Ransomware Gang's Interest in Firmware-based Attacks

By Ravie Lakshmanan
An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working on a set of firmware attack techniques that could offer a path to accessing privileged code on compromised devices. "Control over firmware gives attackers virtually unmatched powers both to directly cause damage and to enable other long-term strategic goals,"

Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network

By Ravie Lakshmanan
The Parrot traffic direction system (TDS) that came to light earlier this year has had a larger impact than previously thought, according to new research. Sucuri, which has been tracking the same campaign since February 2019 under the name "NDSW/NDSX," said that "the malware was one of the top infections" detected in 2021, accounting for more than 61,000 websites. Parrot TDS was documented in

Evil Corp Pivots LockBit to Dodge U.S. Sanctions

By Elizabeth Montalbano
The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an aim to continue to profit from its nefarious activity.