Researchers warn of new support scam malware

Computer Weekly

Security researchers have identified a new strain of support scam malware and a way of clearing up infected machines

Hackers Slipped Mysterious Malware Into Thousands of Macs But Researchers Can't Figure Out Why

GizModo VR

A new malware strain has infected Mac devices all over the world—most prominently in the U.S.

Mac malware continuing to escalate, warn security researchers

Computer Weekly

Malware targeting the Mac operating system has seen a significant growth in the first half of this year, according to security firm Malwarebytes

Recorded Future: Cobalt Strike and Metasploit accounted for a quarter of all malware C2 servers in 2020

CTOvision

Cobalt Strike and Metasploit, two penetration testing toolkits usually employed by security researchers, have been used to host more than a quarter of all the malware command and control (C&C) […].

FSociety Locker – Python Malware

Doctor Chaos

A new ransomware variant, named “Fsociety Locker” (“Fsociety ALpha 1.0”), showed up recently seeking a place in the threat marketplace. The authors of this malware must be “Mr. Robot” fans, as the name “Fsociety” refers to the fictional group of hackers in that show. Security researchers Sarah (Qi) Wu and He Xu at Fortinet described the […].

Android Agent Smith mobile malware hits millions of devices

CTOvision

Mobile malware dubbed Agent Smith has infected about 25 million devices, mainly in India and other Asian countries, but other countries have also been affected, including the UK and US, according to security researchers at Check Point Software Technologies. Disguised as a Google-related application, the malware exploits known Android vulnerabilities and automatically replaces installed apps […].

Researchers find malware samples that exploit Meltdown and Spectre

Network World

Once Google published its findings for the Meltdown and Spectre vulnerabilities in CPUs, the bad guys used that as a roadmap to create their malware. And so far, researchers have found more than 130 malware samples designed to exploit Spectre and Meltdown. If there is any good news, it’s that the majority of the samples appear to be in the testing phase, according to antivirus testing firm AV-TEST, or are based on proof-of-concept software created by security researchers.

New macOS malware discovered, but threat remains unknown

TechSpot

The malware—identified by Red Canary researchers—has been found in 153 countries, with concentrations in the United States, the United Kingdom, Canada, France, and Germany.

A New SolarWinds Malware Strain Is Discovered

GizModo VR

On Monday, researchers announced the discovery of yet another malware strain used by foreign hackers to infiltrate a wide milieu of American government agencies and companies. SolarWinds: it’s the hack that keeps on growing.

Cybercriminals now spoofing job hunters to deploy password-stealing malware

Tech Republic Security

Malicious files masquerading as curriculum vitae are being sent to businesses to install malware that can capture passwords and other sensitive information, says Check Point Research

New Video: Automating Your Cyber Defenses Including Malware Removal

CTOvision

The video at this link and embedded below provides an overview of conclusions from CTOvision research into ways to automate the removal of cyber threats (including malware) from your enterprise. Additional context into this topic is available in our research report downloadable here: .

NotPetya and Olympic Destroyer Malware: 6 Russian Officers Charged

SecureWorld News

But the GRU members being charged in this case started with other strains of malware and a narrow target: Ukraine's power grid. In what is commonly referred to as the most destructive and costly cyber attack ever, the conspirators unleashed the 'NotPetya' malware.

New Grelos skimmer variant reveals overlap in Magecart group activities, malware infrastructure

CTOvision

On Wednesday, researchers from RiskIQ described how a new Grelos […]. A new variant of a skimmer has revealed the increasingly muddy waters associated with tracking groups involved in Magecart-style attacks.

New malware "Silver Sparrow" is targeting both Intel and M1 Macs

Mashable VR

A new piece of malware has been detected on almost 30,000 Macs (so far), and it appears that security types can't quite pinpoint the malware's motives. In a blog post, Red Canary explained how it's been keeping an eye on the malware for over a week (as of Feb.

Malware hidden in CCleaner targeted tech firms

Computer Weekly

Major tech firms were targeted by malware hidden in Avast’s Piriform CCleaner software, researchers have found, leading to speculation that it may have been a state-sponsored espionage attack

HummingBad Android malware highlights worrying trend, say researchers

Computer Weekly

Security researchers uncover a cyber crime operating model that provides financial self-sufficiency, which they fear will enable larger and more sophisticated campaigns in the future

Phishing Campaign Uses Fake Google reCAPTCHA to Distribute Malware

CTOvision

Sucuri researchers discovered that the campaign sent out malicious emails masquerading as a confirmation for a recent transaction. Digital attackers deployed this disguise in the hopes that employees at the targeted bank would click on a link to a malicious PHP file out of alarm. That file was responsible for loading a fake 404 error […].

Cheating software for Call of Duty: Warzone found to contain malware

TechSpot

As reported by Vice, security researchers at Activision found that a Warzone cheat advertised on popular cheating forums contained more than met the eye. It surreptitiously installed a dropper on a device, which allowed other types of malware to be downloaded onto a computer

Check Point finds AdultSwine malware in Google Play apps

Computer Weekly

Security researchers have discovered new malware code hidden in game apps, mainly aimed at youngsters

Using AI-enhanced malware, researchers disrupt algorithms used in antimalware

Tech Republic Security

Who will win: Antimalware developers or malware developers? Artificial intelligence algorithms are involved in a cyber arms race.

The One Where The Car Inspection Expired Due To Malware

Forrester's Customer Insights

We kept Research Associate, Alexis, pretty busy during the first three months of the year, and she procrastinated getting her annual car inspection in Massachusetts done.

What Can You Do About Malware In The Cloud?

CTOvision

Malware exists even there - and it spreads fast. And like any system with a physical backend, the cloud can easily be subject to a wide range of vulnerabilities - including malware. But malware on the cloud is a very real, and very present threat. Earlier this month, a research study by Georgia Tech revealed that as many as 10% of cloud repositories may be infected - including some hosted by Amazon and Google. Rachel Gillevet.

17 Apps Removed from Google Play for Joker Malware

SecureWorld News

Google has removed 17 apps from its Google Play store due to malware known as Joker. The Joker malware family is infamous for constantly targeting Android devices. The research team identified 17 different samples uploaded to the store in September 2020.

PSA: Discord and Slack links are being used by hackers to distribute malware

TechSpot

Research published by Cisco's Talos division tells us hackers have been using Slack and Discord to hand out malware through links that seem legitimate. Once malware

Leaked SMB exploits make malware powerful, warns Cylance

Computer Weekly

Four key exploits at the heart of hacking tools leaked by the Shadow Brokers have given malware authors a lot of power, say security researchers

This Researcher Hacked Into 35 Major Tech Companies, Including Microsoft, Tesla, and Netflix

GizModo VR

Alex Birsan, a Romanian threat researcher, recently made over $130,000 by virtuously breaking into IT systems at dozens of major tech companies.

Mac malware is found targeting biomedical research

Network World

A Mac malware that’s been spying on biomedical research centers may have been circulating undetected for years, according to new research. The malware, which Apple calls Fruitfly, is designed to take screen captures, access the Mac’s webcam, and simulate mouse clicks and key presses, allowing for remote control by a hacker, Malwarebytes said in a blog post on Wednesday.

North Korean Hackers Successfully Phished Cyber Researchers Using a Fake Blog

GizModo VR

A recent phishing campaign by North Korean nation-state hackers successfully duped a number of security professionals who were involved in vulnerability research and development, according to a new report from Google’s Threat Analysis Group.

Sophisticated hackers snuck sleeper malware into nearly 30,000 Macs

The Verge

There’s a popular stereotype that Apple’s computers are largely immune to malware. It was literally just one week ago that Objective-See security researcher Patrick Wardle published a story about the first piece of malware discovered in the wild targeting Apple Silicon, and now we have two.

Malware Uses Your PC to send 30K Sextortion Emails Per Hour

CTOvision

First developed to distribute various malware like Gandcrab, Pony, and Pushdo to email users for the purpose of turning victim accounts into hosts for fraudulent cryptomining operations, Phorpiex now has a new trick up its sleeve. Researchers at the Tel Aviv-based Check Point confirmed […]. The Phorpiex (aka Trik) botnet has existed for almost 10 years.

Non-malware attacks pose bigger threat than malicious software

Computer Weekly

Malware-free cyber attacks are on the rise and artificial intelligence in cyber security is still far from replacing humans, according to most cyber security researchers

Strider cyber attack group deploying malware for espionage

Computer Weekly

Symantec security researchers have uncovered a spying campaign by a previously unknown group using modular malware as stealthware

Researchers can now hack a PC with malware stored on synthetic DNA

Tech Republic Security

University of Washington researchers successfully stored malware in synthetic DNA strands, and used it to gain control of the computer analyzing it

Researcher finds over 711 million compromised email accounts

Computer Weekly

A security researcher has discovered a spambot using more than 711 million compromised email accounts to spread data-stealing malware

4 Ways North Korea Is Targeting Security Researchers

SecureWorld News

Security researchers are some of the unsung heroes within the cybersecurity field. How is North Korea targeting security researchers? The North Korea based threat actors are using a number of different strategies to target security researchers.

Apple accidentally approved malware disguised as Flash, new report finds

The Verge

Apple accidentally approved common malware disguised as an update for Adobe Flash Player to run on macOS, according to a new report. According to security researcher Patrick Wardle, Apple approved an app that contained code used by a well-known malware called Shlayer.

How much malware tools sell for on the Dark Web

Tech Republic Security

A low-quality batch of malicious tools can sell for as low as $70, while a premium set can go as high as $6,000, according to the security research site Privacy Affairs

Hackers Threatening East Coast's Fuel Supply Claim They're Not Trying to Cause Anybody Trouble

GizModo VR

This ambitious Microsoft project aims to fix cloud computing security

Tech Republic Security

Microsoft Research's Project Freta aims to find invisible malware running on the cloud

Millions of Android users beware: Alibaba’s UC Browser can be used to deliver malware

CTOvision

UC Browser, a hugely popular mobile browser from Alibaba-owned UCWeb, has a design flaw that allows attackers to swap out downloads from the company’s servers with files from any server on the internet, according to researchers at Russian security firm Dr. Web.

Financial malware more than twice as prevalent as ransomware

Computer Weekly

While ransomware continues to make the headlines, particularly in the wake of WannaCry, research has revealed that financial threats are 2.5 times more prevalent

IDG Contributor Network: Major cloud is infested with malware, researchers say

Network World

Cloud repositories are actively supplying malware, according to computer experts. The problem being that the resulting malware is quick to “assemble from stored components that individually may not appear to be malicious.” And problematically, it’s insidious and hard to find. Hundreds of buckets have been undermined, says Xiaojing Liao, a graduate student at Georgia Tech who’s the lead author on a study that’s looking into the problem.

Researcher hides stealthy malware inside legitimate digitally signed files

Network World

The attack method, developed by Tom Nipravsky, a researcher with cybersecurity firm Deep Instinct, might prove to be a valuable tool for criminals and espionage groups in the future, allowing them to get malware past antivirus scanners and other security products. The first part of Nipravsky's research, which was presented at the Black Hat security conference in Las Vegas this week, has to do with file steganography -- the practice of hiding data inside a legitimate file.