FBI wipes Chinese PlugX malware from thousands of Windows PCs in America | Hey, Xi: Zài jiàn! | Cyber-crime, 14 Jan 2025 | 30
Japanese police claim China ran five-year cyberattack campaign targeting local orgs | ‘MirrorFace’ group found ways to run malware in the Windows sandbox, which may be worrying | Security, 09 Jan 2025 | 6
FireScam infostealer poses as Telegram Premium app to surveil Android devices | [Updated] Once installed, it helps itself to your data like it's a free buffet | Research, 06 Jan 2025 | 5
'That's not a bug, it's a feature' takes on a darker tone when malware's involved | [Opinion] Mummy, where do zero days come from? | Security, 23 Dec 2024 | 26
UK ICO not happy with Google's plans to allow device fingerprinting | [Infosec in brief] Also, Ascension notifies 5.6M victims, Krispy Kreme bandits come forward, LockBit 4.0 released, and more | Security, 23 Dec 2024 | 75
Are your Prometheus servers and exporters secure? Probably not | [Infosec in brief] Plus: Netscaler brute force barrage; BeyondTrust API key stolen; and more | Security, 15 Dec 2024 | 1
Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks | IOCONTROL targets IoT and OT devices from a ton of makers, apparently | Research, 13 Dec 2024 | 15
First-ever UEFI bootkit for Linux in the works, experts say | Bootkitty doesn’t bite… yet | Research, 27 Nov 2024 | 14
Swiss cheesed off as postal service used to spread malware | QR codes arrive via an age-old delivery system | Bootnotes, 16 Nov 2024 | 37
Don't open that 'copyright infringement' email attachment – it's an infostealer | Curiosity gives crims access to wallets and passwords | Research, 07 Nov 2024 | 21
Cybercrooks are targeting Bengal cat lovers in Australia for some reason | In case today’s news cycle wasn’t shocking enough, here’s a gem from Sophos | Research, 06 Nov 2024 | 15
Belgian cops cuff 2 suspected cybercrooks in Redline, Meta infostealer sting | US also charges an alleged Redline dev, no mention of an arrest | Cyber-crime, 29 Oct 2024 | 1
Dutch cops pwn the Redline and Meta infostealers, leak 'VIP' aliases | Legal proceedings underway with more details to follow | Cybersecurity Month, 28 Oct 2024 | 5
Perfctl malware strikes again as crypto-crooks target Docker Remote API servers | Attacks on unprotected servers reach 'critical level' | Cybersecurity Month, 24 Oct 2024 | 1
Pixel perfect Ghostpulse malware loader hides inside PNG image files | Miscreants combine it with an equally tricky piece of social engineering | Cybersecurity Month, 22 Oct 2024 | 34
Internet Archive wobbles back online, with limited functionality | DDoS detectives deduce Mirai used to do the deed, using home entertainment boxes in Korea, China, and Brazil | Cybersecurity Month, 16 Oct 2024 | 14
Moscow-adjacent GoldenJackal gang strikes air-gapped systems with custom malware | USB sticks help, but it's unclear how tools that suck malware from them are delivered | Cybersecurity Month, 09 Oct 2024 | 24
'Critical' CUPS vulnerability chain easy to use for massive DDoS attacks | [Infosec In Brief] Also, rooting for Russian cybercriminals, a new DDoS record, sneaky Linux server malware and more | Cybersecurity Month, 07 Oct 2024 | 5
NCA unmasks man it suspects is both 'Evil Corp kingpin' and LockBit affiliate | Aleksandr Ryzhenkov alleged to have extorted around $100M from victims, built 60 LockBit attacks | Cybersecurity Month, 01 Oct 2024
Necro malware continues to haunt side-loaders of dodgy Android mods | [Updated] 11M devices exposed to trojan, Kaspersky says | Cyber-crime, 23 Sep 2024 | 2
Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town | No malware crew linked to this latest red-teaming tool yet | Research, 23 Sep 2024
What a coincidence. Spyware makers, Russia's Cozy Bear seem to share same exploits | Google researchers note similarities, can't find smoking-gun link | Security, 29 Aug 2024 | 3
Proof-of-concept code released for zero-click critical IPv6 Windows hole | If you haven't deployed August's patches, get busy before others do | OSes, 28 Aug 2024 | 14
Microsoft mistake blows up admins' inboxes with fake malware alerts | [Updated] Legitimate emails misclassified in software snafu | Security, 26 Aug 2024 | 11
RansomHub-linked EDR-killing malware spotted in the wild | [Infosec in brief] Also: Your external-facing NetSuite sites need a review; five popular malware varieties for Q2, and more | Security, 19 Aug 2024 | 1
SharpRhino malware targets IT admins – Hunters International gang suspected | Fake Angry IP Scanner will make you furious - or maybe remind you of how the Hive gang went about its banal business | Security, 07 Aug 2024
Bad apps bypass Windows security alerts for six years using newly unveiled trick | Windows SmartScreen and Smart App Control both have weaknesses of which to be wary | Research, 06 Aug 2024 | 16
Sneaky SnakeKeylogger slithers into Windows inboxes to steal sensitive secrets | Malware logs users' keystrokes, pilfers credentials, exfiltrates data | Research, 05 Aug 2024 | 15
Breaking the economy of trust: How busts affect malware gangs | [Feature] It's hard to track down individuals, so why not disrupt the underground market itself? | Malware Month, 02 Aug 2024 | 6
Five months after takedown, LockBit is a shadow of its former self | [Feature] An unprecedented period for an unparalleled force in cybercrime | Malware Month, 31 Jul 2024 | 19
'LockBit of phishing' EvilProxy used in more than a million attacks every month | [Insight] Leaves a trail of ransomware infections, data theft, business email compromise in its wake | Malware Month, 30 Jul 2024 | 7
Malware crew Stargazers Goblin used 3,000 GitHub accounts to make bank | May even have targeted other malware gangs, and infosec researchers | Cyber-crime, 26 Jul 2024 | 9
Beware of fake CrowdStrike domains pumping out Lumma infostealing malware | PSA: Only accept updates via official channels ... ironically enough | Malware Month, 25 Jul 2024 | 3
Cybercrooks spell trouble with typosquatting domains amid CrowdStrike crisis | Latest trend follows various malware campaigns that began just hours after IT calamity | Cyber-crime, 23 Jul 2024 | 4
FrostyGoop malware shut off heat to 600 Ukraine apartment buildings | First nasty to exploit Modbus to screw with operational tech devices | Malware Month, 23 Jul 2024 | 11
Russia’s FIN7 is peddling its EDR-nerfing malware to ransomware gangs | Major vendors' products scuppered by novel techniques | Research, 18 Jul 2024 | 5
Iran's MuddyWater phishes Israeli orgs with custom BugSleep backdoor | India, Turkey, also being targeted by campaign that relies on corporate email compromise | Malware Month, 17 Jul 2024 | 11
Cyber-crime super-crew Scattered Spider falls in love with RansomHub and Qilin | Extortionists left hanging after rivals crawled into the woodwork | Malware Month, 16 Jul 2024
I spy another mSpy breach: Millions more stalkerware buyers exposed | [Infosec in brief] Also: Velops routers love plaintext; everything is a dark pattern; Internet Explorer rises from the grave, and more | Security, 15 Jul 2024 | 8
Three words to send a chill down your spine: Snowflake. Intrusion. Alert | [Kettle] And can AI save us from the scourge of malware? In theory, why not, but in practice ... Color us skeptical | CSO, 13 Jul 2024 | 7
IcedID henchman gets nine years in clanger for abusing malware to drain bank accounts | The slippery Ukrainian national must also pay a hefty $74 million on top of the jail time | Malware Month, 12 Jul 2024 | 7
China's APT41 crew adds a stealthy malware loader and fresh backdoor to its toolbox | Meet DodgeBox, son of StealthVector | Malware Month, 12 Jul 2024
Malware that is 'not ransomware' wormed its way through Fujitsu Japan's systems | IT giant says data exfiltration was extremely difficult to detect | Malware Month, 10 Jul 2024 | 8
ViperSoftX variant spotted abusing .NET runtime to disguise data theft | Freeware AutoIt also used to hide entire PowerShell environments in scripts | Malware Month, 10 Jul 2024 | 3
Houthi rebels are operating their own GuardZoo spyware | [Interview] Fairly 'low budget', unsophisticated malware, say researchers, but it can collect the same data as Pegasus | Malware Month, 09 Jul 2024
Avast secretly gave DoNex ransomware decryptors to victims before crims vanished | [Updated] Good riddance to another pesky tribe of miscreants | Malware Month, 08 Jul 2024 | 12
Not-so-OpenAI allegedly never bothered to report 2023 data breach | [Security in brief] Also: F1 authority breached; Prudential victim count skyrockets; a new ransomware actor appears; and more | Security, 08 Jul 2024 | 5
Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown | Private sector helped out with week-long operation – but didn't touch China | Malware Month, 04 Jul 2024 | 7
Baddies hijack Korean ERP vendor's update systems to spew malware | Notorious 'Andariel' crew takes a bite of HotCroissant backdoor for fresh attack | Malware Month, 02 Jul 2024
Microsoft tells yet more customers their emails have been stolen | [Infosec in brief] Plus: US auto dealers still offline; Conti coders sanction; Rabbit R1 hardcoded API keys; and more | Security, 01 Jul 2024 | 24
Korean telco allegedly infected its P2P users with malware | KT may have had an entire team dedicated to infecting its own customers | Security, 27 Jun 2024 | 8
Cybercrooks get cozy with BoxedApp to dodge detection | Some of the biggest names in the game are hopping on the trend | Research, 04 Jun 2024 | 2
New Nork-ish cyberespionage outfit uncovered after three years | Sector-agnostic group is after your data, wherever you are | Cyber-crime, 31 May 2024
Euro cops disrupt malware droppers, seize thousands of domains | Operation Endgame just beginning: 'Stay tuned,' says Europol | Malware Month, 30 May 2024
Suspected supply chain attack backdoors courtroom recording software | An open and shut case, but the perps remain at large – whoever they are | Cyber-crime, 24 May 2024 | 2
Germany points finger at Fancy Bear for widespread 2023 hacks, DDoS attacks | [Infosec in brief] Also: Microsoft promises to git gud on cybersecurity; unqualified attackers are targeting your water systems, and more | Security, 06 May 2024 | 18
Discord dismantles Spy.pet site that snooped on millions of users | [Updated - Infosec in brief] ALSO: Infostealer spotted hiding in CDN cache, antivirus update hijacked to deliver virus, and some critical vulns | Security, 29 Apr 2024 | 3
US House approves FISA renewal – warrantless surveillance and all | [Infosec in brief] PLUS: Chinese chipmaker Nexperia attacked; A Microsoft-signed backdoor; CISA starts scanning your malware; and more | Security, 15 Apr 2024 | 12
Head of Israeli cyber spy unit exposed ... by his own privacy mistake | [Infosec in brief] Plus: Another local government hobbled by ransomware; Huge rise in infostealing malware; and critical vulns | Security, 08 Apr 2024 | 19
Microsoft confirms memory leak in March Windows Server security update | [Infosec in brief] ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns | Security, 25 Mar 2024 | 11
It's 2024 and North Korea's Kimsuky gang is exploiting Windows Help files | New infostealer may indicate a shift in tactics – and maybe targets too, beyond Asia | Research, 21 Mar 2024 | 5
ChatGPT side-channel attack has easy fix: Token obfuscation | [Infosec in brief] Also: Roblox-themed infostealer on the prowl, telco insider pleads guilty to swapping SIMs, and some crit vulns | Security, 18 Mar 2024 | 2