Russia’s FIN7 is peddling its EDR-nerfing malware to ransomware gangs
Major vendors' products scuppered by novel techniques
Research18 Jul 2024 | 5
Malware
Iran's MuddyWater phishes Israeli orgs with custom BugSleep backdoor
India, Turkey, also being targeted by campaign that relies on corporate email compromise
Malware Month17 Jul 2024 | 11
Cyber-crime super-crew Scattered Spider falls in love with RansomHub and Qilin
Extortionists left hanging after rivals crawled into the woodwork
Malware Month16 Jul 2024 |
I spy another mSpy breach: Millions more stalkerware buyers exposed
Infosec in brief Also: Velops routers love plaintext; everything is a dark pattern; Internet Explorer rises from the grave, and more
Security15 Jul 2024 | 8
Three words to send a chill down your spine: Snowflake. Intrusion. Alert
Kettle And can AI save us from the scourge of malware? In theory, why not, but in practice ... Color us skeptical
CSO13 Jul 2024 | 7
IcedID henchman gets nine years in clanger for abusing malware to drain bank accounts
The slippery Ukrainian national must also pay a hefty $74 million on top of the jail time
Malware Month12 Jul 2024 | 7
NARROWER TOPICS
China's APT41 crew adds a stealthy malware loader and fresh backdoor to its toolbox
Meet DodgeBox, son of StealthVector
Malware Month12 Jul 2024 |
Malware that is 'not ransomware' wormed its way through Fujitsu Japan's systems
IT giant says data exfiltration was extremely difficult to detect
Malware Month10 Jul 2024 | 8
ViperSoftX variant spotted abusing .NET runtime to disguise data theft
Freeware AutoIt also used to hide entire PowerShell environments in scripts
Malware Month10 Jul 2024 | 3
Houthi rebels are operating their own GuardZoo spyware
Interview Fairly 'low budget', unsophisticated malware, say researchers, but it can collect the same data as Pegasus
Malware Month09 Jul 2024 |
Avast secretly gave DoNex ransomware decryptors to victims before crims vanished
Updated Good riddance to another pesky tribe of miscreants
Malware Month08 Jul 2024 | 12
Not-so-OpenAI allegedly never bothered to report 2023 data breach
security in brief Also: F1 authority breached; Prudential victim count skyrockets; a new ransomware actor appears; and more
Security08 Jul 2024 | 5
Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown
Private sector helped out with week-long operation – but didn't touch China
Malware Month04 Jul 2024 | 7
Baddies hijack Korean ERP vendor's update systems to spew malware
Notorious 'Andariel' crew takes a bite of HotCroissant backdoor for fresh attack
Malware Month02 Jul 2024 |
Microsoft tells yet more customers their emails have been stolen
Infosec in brief Plus: US auto dealers still offline; Conti coders sanction; Rabbit R1 hardcoded API keys; and more
Security01 Jul 2024 | 24
Korean telco allegedly infected its P2P users with malware
KT may have had an entire team dedicated to infecting its own customers
Security27 Jun 2024 | 8
Cybercrooks get cozy with BoxedApp to dodge detection
Some of the biggest names in the game are hopping on the trend
Research04 Jun 2024 | 2
New Nork-ish cyberespionage outfit uncovered after three years
Sector-agnostic group is after your data, wherever you are
Cyber-crime31 May 2024 |
Euro cops disrupt malware droppers, seize thousands of domains
Operation Endgame just beginning: 'Stay tuned,' says Europol
Malware Month30 May 2024 |
Suspected supply chain attack backdoors courtroom recording software
An open and shut case, but the perps remain at large – whoever they are
Cyber-crime24 May 2024 | 2
Germany points finger at Fancy Bear for widespread 2023 hacks, DDoS attacks
Infosec in brief Also: Microsoft promises to git gud on cybersecurity; unqualified attackers are targeting your water systems, and more
Security06 May 2024 | 18
Discord dismantles Spy.pet site that snooped on millions of users
Updated - Infosec in brief ALSO: Infostealer spotted hiding in CDN cache, antivirus update hijacked to deliver virus, and some critical vulns
Security29 Apr 2024 | 3
US House approves FISA renewal – warrantless surveillance and all
Infosec in brief PLUS: Chinese chipmaker Nexperia attacked; A Microsoft-signed backdoor; CISA starts scanning your malware; and more
Security15 Apr 2024 | 12
Head of Israeli cyber spy unit exposed ... by his own privacy mistake
Infosec in brief Plus: Another local government hobbled by ransomware; Huge rise in infostealing malware; and critical vulns
Security08 Apr 2024 | 19
Microsoft confirms memory leak in March Windows Server security update
Infosec in brief ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns
Security25 Mar 2024 | 11
It's 2024 and North Korea's Kimsuky gang is exploiting Windows Help files
New infostealer may indicate a shift in tactics – and maybe targets too, beyond Asia
Research21 Mar 2024 | 5
ChatGPT side-channel attack has easy fix: Token obfuscation
Infosec in brief Also: Roblox-themed infostealer on the prowl, telco insider pleads guilty to swapping SIMs, and some crit vulns
Security18 Mar 2024 | 2
Chinese PC-maker Acemagic customized its own machines to get infected with malware
Tried to speed boot times, maybe by messing with 'Windows source code', ended up building a viral on-ramp
Security29 Feb 2024 | 24
That home router botnet the Feds took down? Moscow's probably going to try again
Non-techies told to master firmware upgrades and firewall rules. For the infosec hardheads: have some IOCs
Security28 Feb 2024 | 37
Zeus, IcedID malware kingpin faces 40 years in slammer
Nearly a decade on the FBI’s Cyber Most Wanted List after getting banks to empty vics' accounts
Cyber-crime16 Feb 2024 | 1
Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts
Deepfake-enabled attacks against Android and iPhone users are netting criminals serious cash
Research15 Feb 2024 | 30
North Korea running malware-laden gambling websites as-a-service
$5k a month for the site. $3k for tech support. Infection with malware and funding a despot? Priceless
Cyber-crime15 Feb 2024 | 3
Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros
Trying to break in with malicious Word documents? How very 2015 of you
Cyber-crime14 Feb 2024 | 5
Raspberry Robin devs are buying exploits for faster attacks
One of most important malware loaders to cybercrims who are jumping on vulnerabilities faster than ever
Research08 Feb 2024 | 2
Chinese Coathanger malware hung out to dry by Dutch defense department
Attack happened in 2023 using a bespoke backdoor, confirming year-old suspicions
CSO06 Feb 2024 | 12
Interpol's latest cybercrime intervention dismantles ransomware, banking malware servers
Efforts part of internationally coordinated operations carried out in recent months
Cyber-crime02 Feb 2024 | 2
So, are we going to talk about how GitHub is an absolute boon for malware, or nah?
Microsoft says it's doing its best to crack down on crims
Research12 Jan 2024 | 23
Google password resets not enough to stop these info-stealing malware strains
Updated Now every miscreant is jumping on Big G's OAuth account security hole
Research02 Jan 2024 | 12
Cybercrooks book a stay in hotel email inboxes to trick staff into spilling credentials
Research highlights how major attacks like those exploiting Booking.com are executed
Cyber-crime20 Dec 2023 | 20
Qakbot's backbot: FBI-led takedown keeps crims at bay for just 3 months
Experts say malware strain make take years to die off completely
Cyber-crime19 Dec 2023 | 2
NKabuse backdoor harnesses blockchain brawn to hit several architectures
Novel malware adapts delivers DDoS attacks and provides RAT functionality
Research15 Dec 2023 | 3
Memory-safe languages so hot right now, agrees Lazarus Group as it slings DLang malware
Latest offensive cyber group to switch to atypical programming for payloads
Research11 Dec 2023 | 10
CISA details twin attacks on federal servers via unpatched ColdFusion flaw
Tardy IT admins likely to get a chilly reception over the lack of updates
Security05 Dec 2023 | 2
US readies prison cell for another Russian Trickbot developer
Hunt continues for the other elusive high-ranking members
Cyber-crime01 Dec 2023 | 2
North Korea makes finding a gig even harder by attacking candidates and employers
That GitHub repo an interviewer wants you to work on could be malware
Cyber-crime23 Nov 2023 | 6
Novel backdoor persists even after critical Confluence vulnerability is patched
Got a Confluence server? Listen up. Malware said to have wide-ranging capabilities
Cyber-crime14 Nov 2023 | 1
MOVEit cybercriminals unearth fresh zero-day to exploit on-prem SysAid hosts
Second novel zero-day exploited by Lace Tempest this year offers notable demonstration of skill, especially for a ransomware affiliate
Cyber-crime09 Nov 2023 |
Fresh find shines new light on North Korea’s latest macOS malware
Months of work reveals how this tricky malware family targets... the financial services sector
Research07 Nov 2023 | 4
Mozi botnet murder mystery: China or criminal operators behind the kill switch?
Middle Kingdom or self-immolation - there are a couple of theories
Security01 Nov 2023 | 3
Cybercrooks amp up attacks via macro-enabled XLL files
Neither Excel nor PowerPoint safe as baddies continue to find ways around protections
Research01 Nov 2023 | 6
Paying for WinRAR in all the wrong ways - Russia and China hitting ancient app
Incidentally, Windows 11 has native rar support now
Cybersecurity Month18 Oct 2023 | 22
Malware crooks find an in with fake browser updates, in case real ones weren't bad enough
Researchers say ransomware could be on the horizon if success continues
Cybersecurity Month18 Oct 2023 | 2
BLOODALCHEMY provides backdoor to southeast Asian nations' secrets
Sophisticated malware devs believed to be behind latest addition to toolset of China-aligned attackers
Research16 Oct 2023 | 1
GoldDigger Android trojan targets Vietnamese banking apps, code contains hints of wider targets
More malware scum using acessibility features to steal personal info
Security06 Oct 2023 |
North Korea's Lazarus Group upgrades its main malware
LightningCan evades infosec tools in new and interesting ways
Cybersecurity Month04 Oct 2023 | 3
T-Mobile US exposes some customer data – but don't call it a breach
Infosec in brief PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns
Security25 Sep 2023 | 7
Meatbag mishaps more menacing than malware? CISOs think so
Company boards, on the other hand, aren't letting cybersecurity disturb their sleep as much
Research06 Sep 2023 | 6
Malware loader lowdown: The big 3 responsible for 80% of attacks so far this year
Top of the list to trip sensors
CSO28 Aug 2023 | 6
Maker of Chrome extension with 300,000+ users tells of constant pressure to sell out
Interview Anyone with sizable audience in this surveillance economy is invited to stuff their add-ons with tracking and ads
Security11 Aug 2023 | 25
Undiplomatic Chinese threat actor attacks embassies and foreign affairs departments
Sneaky HTML smuggling signals MustangPanda shift towards Europe, Checkpoint charges
Security04 Jul 2023 | 7
Ex-FBI employee jailed for taking classified material home
Infosec in brief Also: a PII harvest at Dole's server farm, military members mailed mystery smartwatches, and this week's critical vulns
CSO26 Jun 2023 | 55
To kill BlackLotus malware, patching is a good start, but...
...that alone 'could provide a false sense of security,' NSA warns in this handy free guide for orgs
CSO22 Jun 2023 | 4
Biting the hand that feeds IT
