#malware

#malware

Microsoft has patched two actively exploited zero-day vulnerabilities in its February Patch Tuesday.

The vulnerabilities bypass security features and are being used by cybercriminal groups to deliver malware. [ more ]

North Korean state-backed hackers are distributing a malicious version of a legitimate application developed by CyberLink.

Microsoft's Threat Intelligence team has identified the compromise and has taken measures to protect customers. [ more ]

A fake browser update called ClearFake is infecting Apple computers with malware that steals passwords and money.

The malware works by bombarding users with counterfeit Chrome updates and can hack data from cryptocurrency extensions.

Mac users should avoid downloading browser updates from third-party sites and pop-ups to prevent becoming infected. [ more ]

BlackBerry's latest Global threat intelligence report reveals that cybercriminals are using a more diverse range of malware than ever before, with over 380,000 malicious samples observed.

The high volume of unique malware samples can overwhelm and bypass traditional security operations centers (SOCs) easily, increasing the need for advanced anti-malware protection.

BlackBerry recommends leveraging AI and ML capabilities for advanced anti-malware protection to ease the pressure on security teams. [ more ]

Cyber criminals are increasingly using valid accounts to breach corporate networks, necessitating a focus on distinguishing between legitimate and malicious user activity. [ more ]

Developers in AI need to prioritize security amidst the rush to create new products.

Supply-chain attacks can compromise AI projects by hiding malware in components. [ more ]

AI-powered worm developed by researchers can spread between computers using generative AI.

Researchers warn of potential cybersecurity threats posed by AI-powered malware. [ more ]

Remote work blurs the line between work and home networks, challenging traditional security perimeters.

Sophisticated threats like advanced persistent threats and insiders present significant security challenges in a borderless network environment. [ more ]

40,000 routers have been infected with TheMoon malware for anonymizing illicit activities

The infected devices are being enrolled into Faceless, a service for anonymizing online crime activities [ more ]

Using public USB ports for phone charging can expose devices to malware

Charging stations can transfer data in addition to power, posing a security risk [ more ]

Russian hackers targeted German politicians with fake dinner event invitation using malware called 'Wineloader'.

Mandiant, a subsidiary of Alphabet, identified the APT29 hacking group, also known as 'Cozy Bear', as responsible for the cyber attacks. [ more ]

PyPI has suspended new project creation due to a malware upload campaign.

Attackers are using typosquatting to distribute malicious Python packages for data theft. [ more ]

High-risk vulnerability in ConnectWise ScreenConnect is easy to exploit

Malicious hackers actively exploiting the flaw [ more ]

Variston, a Barcelona-based startup, has been identified as the source of malware used to target iPhones, Android devices, and PCs.

Variston's exploits included zero-days, meaning the software makers were unaware of the bugs at the time. [ more ]

Cyber criminals are using ad networks to optimize their malware campaigns and increase the likelihood of users falling for their social engineering attacks.

The DarkGate PDF malware campaign uses ad tools to deliver malicious URLs to victims, evading detection and collecting analytics on who clicks their links. [ more ]

A new password-stealing malware called Ov3r_Stealer is spreading through fake job ads on Facebook.

The malware is downloaded via a PowerShell script from a Discord URL linked in the fake job ads. [ more ]

GitHub's popularity and utility make it immune to Chinese censorship, but also attractive to criminals for distributing malware.

GitHub's advantageous features for malware authors include being seldom blocked by corporate networks, familiarity to attackers, and low costs for hosting and account creation. [ more ]

Scammers are using Google Ads to target people searching for popular tech products and redirect them to fake websites that install malware.

The top offenders in the study were MacBook Air, Samsung Galaxy Buds, and Amazon Fire TV Stick. [ more ]

Hackers are using popular Google searches as a way to install malware on unsuspecting users' computers.

Specific searches that hackers tend to use include 'how to make money online' and 'Taylor Swift'.

Users should be wary of downloading special software or visiting websites promising free people and phone number searches. [ more ]

The UK government has denied the report that the Sellafield nuclear complex has been compromised by malware for years.

The government claims that there is no evidence to suggest that Sellafield's networks have been attacked by state-actors as described in the Guardian report. [ more ]

LY Corp. reported a massive data breach that affected up to 440,000 items of personal data, including over 300,000 linked to Line messaging app users.

The leaked data did not include sensitive information such as bank accounts, credit cards, or chat messages.

The breach was caused by malware infecting a subcontractor's computer owned by LY Corp.'s South Korea-based affiliate. [ more ]

North Korean threat group Diamond Sleet (Zinc) breached a Taiwanese software company and used their systems to distribute malware.

The hackers added malicious code to a legitimate application installer and signed it with a valid CyberLink certificate.

Microsoft has not observed any direct interaction with compromised systems but warns that the threat actor is known for stealing data and establishing persistent access. [ more ]

A social engineering campaign that previously targeted Windows systems is now spreading to macOS.

The campaign uses fake browser updates to distribute the Atomic Stealer malware.

This is the first time experts have observed a social engineering scam targeting both Windows and macOS systems. [ more ]

Atomic Stealer malware targets Apple users through fake browser updates.

ClearFake is a dangerous social engineering scheme that is actively being updated. [ more ]

Buying budget Android devices from online vendors can result in getting devices with malware or riskware.

Manufacturers often customize the Android operating system, making it difficult to find devices with stock Android. [ more ]

Google is taking legal action against cybercriminals who delivered malware through websites claiming to offer its chat-based AI tool, Bard.

The company filed a lawsuit against the scammers behind the malicious sites and is seeking an order to stop them from setting up similar domains.

Google has also targeted threat actors who abused the DMCA to harm competitors by submitting bogus copyright takedowns. [ more ]