Malware – Page 12 – Search.AI.Wiki

Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Reptile Rootkit employed in attacks against Linux systems in South Korea

Researchers observed threat actors that are using an open-source rootkit called Reptile in attacks aimed at systems in South Korea.

Reptile is an open-source kernel module rootkit that was designed to target Linux systems, unlike other rootkits, it also offers …

Malicious packages in the NPM designed for highly-targeted attacks

Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data.

On July 31, 2023, Phylum researchers observed the publication of ten different “test” packages on the npm package manager that were …

Malicious packages in the NPM designed for highly-targeted attacks

Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data.

On July 31, 2023, Phylum researchers observed the publication of ten different “test” packages on the npm package manager that were …

Attackers use dynamic code loading to bypass Google Play store’s malware detections

Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store.

Google Cybersecurity Action Team (GCAT) revealed that threat actors are using a technique called versioning to evade malware detection implemented …

Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks

Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519.

Security researchers from the non-profit organization Shadowserver Foundation reported that hundreds of Citrix Netscaler ADC and Gateway servers have already been compromised …

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets.

Palo Alto Network Unit 42 discovered a previously unreported phishing campaign that distributed a Python variant of the NodeStealer. The malicious code was …

US govt is hunting a Chinese malware that can interfere with its military operations

The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict.

American intelligence officials believe China has implanted malware in key US power and communications networks …

US govt is hunting a Chinese malware that can interfere with its military operations

The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict.

American intelligence officials believe China has implanted malware in key US power and communications networks …

WikiLoader malware-as-a-service targets Italian organizations

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader.

WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. Threat actors behind …

WikiLoader malware-as-a-service targets Italian organizations

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader.

WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. Threat actors behind …

Experts discovered a previously undocumented initial access vector used by P2PInfect worm

Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector.

In July, Palo Alto Networks Unit 42 researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers …

Experts link AVRecon bot to the malware proxy service SocksEscort

The AVRecon botnet relies on compromised small office/home office (SOHO) routers since at least May 2021.

In early July, researchers from Lumen Black Lotus Labs discovered the AVRecon botnet that targets small office/home office (SOHO) routers and infected over 70,000 …

CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of threat actors deploying the SUBMARINE Backdoor in Barracuda ESG attacks.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an alert on a malware variant, tracked as SUBMARINE Backdoor, that …

Now Abyss Locker also targets VMware ESXi servers

A Linux variant of the Abyss Locker designed to target VMware ESXi servers appeared in the threat landscape, experts warn.

The operators behind the Abyss Locker developed a Linux variant that targets VMware ESXi servers expanding their potential targets.

VMware …

Now Abyss Locker also targets VMware ESXi servers

A Linux variant of the Abyss Locker designed to target VMware ESXi servers appeared in the threat landscape, experts warn.

The operators behind the Abyss Locker developed a Linux variant that targets VMware ESXi servers expanding their potential targets.

VMware …

Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoor

Russia-linked BlueBravo has been spotted targeting diplomatic entities in Eastern Europe with the GraphicalProton Backdoor.

The Russia-linked threat-state actor BlueBravo (aka APT29, Cloaked Ursa, and Midnight Blizzard, Nobelium) has been observed targeting diplomatic entities throughout Eastern Europe. The group was …

Android malware steals user credentials using optical character recognition

Enlarge (credit: Getty Images)

Security researchers have unearthed a rare malware find: malicious Android apps that use optical character recognition to steal credentials displayed on phone screens.

The malware, dubbed CherryBlos by researchers from security firm Trend Micro, has been

…

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Multiple

…

Category: Malware

Reptile Rootkit employed in attacks against Linux systems in South Korea

Researchers observed threat actors that are using an open-source rootkit called Reptile in attacks aimed at systems in South Korea.

Malicious packages in the NPM designed for highly-targeted attacks

Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data.

Malicious packages in the NPM designed for highly-targeted attacks

Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data.

Attackers use dynamic code loading to bypass Google Play store’s malware detections

Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store.

Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks

Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519.

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets.

US govt is hunting a Chinese malware that can interfere with its military operations

The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict.

US govt is hunting a Chinese malware that can interfere with its military operations

The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict.

WikiLoader malware-as-a-service targets Italian organizations

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader.

WikiLoader malware-as-a-service targets Italian organizations

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader.

Experts discovered a previously undocumented initial access vector used by P2PInfect worm

Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector.

Experts link AVRecon bot to the malware proxy service SocksEscort

The AVRecon botnet relies on compromised small office/home office (SOHO) routers since at least May 2021.

CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of threat actors deploying the SUBMARINE Backdoor in Barracuda ESG attacks.

Now Abyss Locker also targets VMware ESXi servers

A Linux variant of the Abyss Locker designed to target VMware ESXi servers appeared in the threat landscape, experts warn.

Now Abyss Locker also targets VMware ESXi servers

A Linux variant of the Abyss Locker designed to target VMware ESXi servers appeared in the threat landscape, experts warn.

Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoor

Russia-linked BlueBravo has been spotted targeting diplomatic entities in Eastern Europe with the GraphicalProton Backdoor.

Android malware steals user credentials using optical character recognition

Experts warn of OSS supply chain attacks against the banking sector

Checkmark researchers have uncovered the first known targeted OSS supply chain attacks against the banking sector.

Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.