Malware – Page 19 – Search.AI.Wiki

Western Digital notifies customers of data breach after March cyberattack

Western Digital is notifying its customers of a data breach that exposed their sensitive personal information, the incident took place in March.

In March 2022, Western Digital was hit by a ransomware attack and in response to the incident, it …

CERT-UA warns of an ongoing SmokeLoader campaign

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file.

CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot …

San Bernardino County Sheriff’s Department paid a $1.1M ransom

The San Bernardino County Sheriff’s Department confirmed that it has paid a $1.1-million ransom after the April ransomware attack.

The San Bernardino County Sheriff’s Department opted to pay a $1.1-million ransom after a ransomware attack infected its systems in early …

Dragon Breath APT uses double-dip DLL sideloading strategy

An APT group tracked as Dragon Breath has been observed employing a new DLL sideloading technique.

Sophos researchers observed an APT group, tracked as Dragon Breath (aka APT-Q-27 and Golden Eye), that is using a new DLL sideloading technique that …

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Twitter

…

North Korea-linked Kimsuky APT uses new recon tool ReconShark

North Korea-linked APT group Kimsuky has been observed using a new reconnaissance tool dubbed ReconShark in a recent campaign.

SentinelOne researchers observed an ongoing campaign from North Korea-linked Kimsuky Group that is using a new malware called ReconShark.

The reconnaissance …

Fleckpe Android malware totaled +620K downloads via Google Play Store

Fleckpe is a new Android subscription Trojan that was discovered in the Google Play Store, totaling more than 620,000 downloads since 2022.

Fleckpe is a new Android subscription Trojan that spreads via Google Play, the malware discovered by Kaspersky is …

Facebook warns of a new information-stealing malware dubbed NodeStealer

Facebook discovered a new information-stealing malware, dubbed ‘NodeStealer,’ that is being distributed on Meta.

NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. The…

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

CERT-UA is warning of destructive cyberattacks conducted by the Russia-linked Sandworm APT group against the Ukraine public sector.

Russia-linked APT group Sandworm is behind destructive cyberattacks against Ukrainian state networks, the Ukrainian Government Computer Emergency Response Team (CERT-UA) warns.

The …

City of Dallas shut down IT services after ransomware attack

The City of Dallas, Texas, was hit by a ransomware attack that forced it to shut down some of its IT systems.

The IT systems at the City of Dallas, Texas, have been targeted by a ransomware attack. To prevent …

Hackers are taking advantage of the interest in generative AI to install Malware

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned.

Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. …

North Korea-linked ScarCruft APT uses large LNK files in infection chains

North Korea-linked ScarCruft APT group started using oversized LNK files to deliver the RokRAT malware starting in early July 2022.

Check Point researchers reported that the infection chains observed in the attacks attributed to North Korea-linked ScarCruft APT group (aka …

New Lobshot hVNC malware spreads via Google ads

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices.

Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads.

Threat actors are …

Experts spotted a new sophisticated malware toolkit called Decoy Dog

Infoblox researchers discovered a new sophisticated malware toolkit, dubbed Decoy Dog, targeting enterprise networks.

While analyzing billions of DNS records, Infoblox researchers discovered a sophisticated malware toolkit, dubbed Decoy Dog, that was employed in attacks aimed at enterprise networks.

Threat actors behind …

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers.

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of …

Russian APT Nomadic Octopus hacked Tajikistani carrier

Russian APT group Nomadic Octopus hacked a Tajikistani carrier to spy on government officials and public service infrastructures.

Russian cyber espionage group Nomadic Octopus (aka DustSquad) has hacked a Tajikistani telecoms provider to spy on 18 entities, including high-ranking government …

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

CERT-UA warns of a spear-phishing campaign conducted by APT28 group targeting Ukrainian government bodies with fake ‘Windows Update’ guides.

Russia-linked APT28 group is targeting Ukrainian government bodies with fake ‘Windows Update’ guides, Computer Emergency Response Team of Ukraine (CERT-UA) warns. …

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

ViperSoftX

…

ViperSoftX uses more sophisticated encryption and anti-analysis techniques

A new variant of the information-stealing malware ViperSoftX implements sophisticated techniques to avoid detection.

Trend Micro researchers observed a new ViperSoftX malware campaign that unlike previous attacks relies on DLL sideloading for its arrival and execution technique.

#ViperSoftX is back,

…

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Atomic macOS Stealer is a new information stealer targeting macOS that is advertised on Telegram for $1,000 per month.

Cyble Research and Intelligence Labs (CRIL) recently discovered a Telegram channel advertising a new information-stealing malware, named Atomic macOS Stealer (AMOS). …