Malware – Page 14 – Search.AI.Wiki

43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was off

Experts found 43 Android apps in Google Play with 2.5 million installs that displayed advertisements while a phone’s screen was off.

Recently, researchers from McAfee’s Mobile Research Team discovered 43 Android apps in Google Play with 2.5 million installs that …

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Two North Korea-linked APT groups compromised the infrastructure of the major Russian missile engineering firm NPO Mashinostroyeniya.

Cybersecurity firm SentinelOne linked the compromise of the major Russian missile engineering firm NPO Mashinostroyeniya to two different North Korea-linked APT groups. NPO …

A new sophisticated SkidMap variant targets unsecured Redis servers

A new campaign targets Redis servers, this time the malware employed in the attacks is a new variant of the SkidMap malware.

Skidmap is a piece of crypto-miner detected by Trend Micro in September 2019 while it was targeting Linux …

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack.

In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a …

Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

…

Reptile Rootkit employed in attacks against Linux systems in South Korea

Researchers observed threat actors that are using an open-source rootkit called Reptile in attacks aimed at systems in South Korea.

Reptile is an open-source kernel module rootkit that was designed to target Linux systems, unlike other rootkits, it also offers …

Malicious packages in the NPM designed for highly-targeted attacks

Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data.

On July 31, 2023, Phylum researchers observed the publication of ten different “test” packages on the npm package manager that were …

Malicious packages in the NPM designed for highly-targeted attacks

Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data.

On July 31, 2023, Phylum researchers observed the publication of ten different “test” packages on the npm package manager that were …

Attackers use dynamic code loading to bypass Google Play store’s malware detections

Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store.

Google Cybersecurity Action Team (GCAT) revealed that threat actors are using a technique called versioning to evade malware detection implemented …

Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks

Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519.

Security researchers from the non-profit organization Shadowserver Foundation reported that hundreds of Citrix Netscaler ADC and Gateway servers have already been compromised …

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets.

Palo Alto Network Unit 42 discovered a previously unreported phishing campaign that distributed a Python variant of the NodeStealer. The malicious code was …

US govt is hunting a Chinese malware that can interfere with its military operations

The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict.

American intelligence officials believe China has implanted malware in key US power and communications networks …

US govt is hunting a Chinese malware that can interfere with its military operations

The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict.

American intelligence officials believe China has implanted malware in key US power and communications networks …

WikiLoader malware-as-a-service targets Italian organizations

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader.

WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. Threat actors behind …

WikiLoader malware-as-a-service targets Italian organizations

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader.

WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. Threat actors behind …

Experts discovered a previously undocumented initial access vector used by P2PInfect worm

Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector.

In July, Palo Alto Networks Unit 42 researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers …

Experts link AVRecon bot to the malware proxy service SocksEscort

The AVRecon botnet relies on compromised small office/home office (SOHO) routers since at least May 2021.

In early July, researchers from Lumen Black Lotus Labs discovered the AVRecon botnet that targets small office/home office (SOHO) routers and infected over 70,000 …