Security Affairs

FEBRUARY 13, 2025

Valve removed a game from Steam because it contained malware, the company also warned affected users to reformat their operating systems. Valve removed the game PirateFi from the Steam video game platform because it contained a Windows malicious code to steal browser cookies and hijack accounts. Lazzzy.gen.” Lazzzy.gen.”

Malware 108

Malware Antivirus Accountability Software 108

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware 115

Malware Cybersecurity Cyber threats Threat Detection 115

Security Affairs

APRIL 6, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor Advancements in delivery: Scripting with (..)

Malware 76

Malware Cryptocurrency Hacking Accountability 76

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. “Investigations into RedLine and Meta started after victims came forward and a security company notified authorities about possible servers in the Netherlands linked to the software.

Identity Theft 123

Identity Theft Passwords Malware Banking 123

Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” reads the report published by Cleafy. ” continues the report.

Banking 119

Banking Malware Accountability Authentication 119

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. from fake websites (phishing sites) disguised as websites of real securities companies.” Avoid password reuse, choose complex passwords, and check account activity often.

Financial Services 118

Financial Services Passwords Accountability Antivirus 118

Security Affairs

OCTOBER 11, 2024

These scripts sometimes leveraged publicly available pentesting tools and security services to programmatically find vulnerable infrastructure.” The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. ” reads the OpenAI’s report.

Malware 134

Malware Social Engineering Engineering Hacking 134

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 326

Malware Software Technology Accountability 326

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking 140

Banking Accountability Malware Mobile 140

Security Affairs

APRIL 2, 2025

The malware was discovered on counterfeit Android devices mimicking popular smartphone models. “The malware has broad functionality and gives attackers almost unlimited control over the gadget” The malware, embedded in the system framework, provides attackers full control over the device. 231 banking malware.

Malware 119

Malware Cryptocurrency Mobile Firmware 119

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 350

Cybercrime Malware VPN Ransomware 350

Security Affairs

MARCH 28, 2025

. “Preliminary findings indicate that the suspects developed malware called Mamont, which they distributed via Telegram channels under the guise of safe mobile applications and video files. Mamont spreads via Telegram, Mamont malware is delivered through Telegram channels.

Banking 113

Banking Computers and Electronics Mobile Malware 113

Security Affairs

MARCH 10, 2025

Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. While investigating the increased use of Windows Packet Divert ( WPD ) tools by crooks to distribute malware under this pretense, the researchers spotted the campaign.

Cryptocurrency 91

Cryptocurrency Malware Social Engineering Antivirus 91

Security Affairs

JUNE 5, 2024

A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing platform TikTok to hijack high-profile accounts. The compromised accounts did not post content, and the extent of the impact is unclear.

Accountability 132

Accountability Hacking Malware Information Security 132

Security Affairs

OCTOBER 19, 2024

This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. reads a statement published by Sophos on Mastodon. “In In one case, attackers dropped Fog ransomware.

Backups 128

Backups VPN Ransomware Authentication 128

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 135

Malware Ransomware Banking Healthcare 135

Security Affairs

SEPTEMBER 29, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 125

Malware Social Engineering IoT Scams 125

Security Affairs

MAY 22, 2024

A threat actor is targeting organizations in Africa and the Middle East by exploiting Microsoft Exchange Server flaws to deliver malware. The keylogger was used to collect account credentials. According to the researchers, the malware campaign targeting MS Exchange Server has been active since at least 2021.

Malware 136

Malware Accountability Technology Internet 136

The Last Watchdog

MAY 15, 2023

The physical safety of things like airbags, rearview mirrors, and brakes is well accounted for; yet cybersecurity auto safety concerns are rising to the fore. Funso Richard , Information Security Officer at Ensemble , highlighted the gravity of these threats.

Malware 230

Malware Manufacturing IoT Software 230

Security Affairs

AUGUST 23, 2024

Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (MaaS) targeting macOS users dubbed Cthulhu Stealer. ” reads the report published by Cado Security.

Malware 127

Malware Passwords Cryptocurrency Software 127

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware 136

Malware Cryptocurrency Accountability Cybercrime 136

Security Affairs

MAY 26, 2024

The threat actors focus on compromising accountants’ PCs (which are used to support financial activities, such as access to remote banking systems), stealing credentials, and making unauthorized fund transfers. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”

Malware 138

Malware Banking Accountability Phishing 138

Security Affairs

DECEMBER 4, 2024

that could be exploited to leak an NTLM hash of the VSPC server service account and delete files on the VSPC server machine. In mid-October, Sophos researchers warned that ransomware operators are exploiting the vulnerability CVE-2024-40711 to create rogue accounts and deploy malware. ” reads the advisory.

Backups 111

Backups Ransomware Accountability Hacking 111

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture 106

Architecture Internet Internet Malware 106

Security Affairs

JULY 31, 2024

Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishing campaigns targeting SMBs in Poland in May 2024, distributing various malware families like Agent Tesla , Formbook , and Remcos RAT.

Phishing 133

Phishing Malware Accountability Hacking 133

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime 137

Cybercrime Social Engineering Accountability Government 137

Security Affairs

JANUARY 1, 2024

The MultiLogin endpoint endpoint is an internal mechanism that allows the synchronization of Google accounts across services. This endpoint receives a vector containing account IDs and auth-login tokens for efficiently handling concurrent sessions or seamlessly transitioning between user profiles. ” continues the report.

Malware 145

Malware Penetration Testing Passwords Encryption 145

Security Affairs

FEBRUARY 2, 2025

Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite).

Spyware 107

Spyware Hacking Surveillance Malware 107

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 122

Ransomware Hacking Accountability Cyber Attacks 122

Security Affairs

APRIL 12, 2025

Exploiting the flaw lets attackers fully take over a WordPress site, upload malicious plugins, alter content, serve malware or spam, and redirect visitors to malicious websites. If the plugin’s secret key is unset and an attacker sends an empty key, they can bypass authentication and create an admin account.

Accountability 79

Accountability Authentication Passwords Hacking 79

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. Microsoft has notified affected organizations and disrupted the fraudulent Azure infrastructure and accounts associated with this activity.” dll to execute its functions.

Malware 127

Malware Social Engineering Education Government 127

Security Affairs

APRIL 13, 2024

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that t hreat actors are manipulating GitHub search results to deliver persistent malware to developers systems. csproj or.vcxproj), it is automatically executed when the project is built.

Malware 141

Malware Cryptocurrency Encryption Hacking 141

Daniel Miessler

MAY 14, 2020

Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own. Pick either 1Password or LastPass , go through all your accounts, and for each one…reset the password to something created by (and stored in) your password manager. Automatic Logins Using Lastpass.

Risk 345

Risk Passwords Password Management Accountability 345

Security Affairs

FEBRUARY 19, 2025

Russia-linked threat actors exploit Signal ‘s “linked devices” feature to hijack accounts, per Google Threat Intelligence Group. Google Threat Intelligence Group (GTIG) researchers warn of multiple Russia-linked threat actors targeting Signal Messenger accounts used by individuals of interest to Russian intelligence.

Phishing 81

Phishing Accountability Social Engineering Malware 81

Krebs on Security

OCTOBER 28, 2020

-based cyber intelligence firm Hold Security , KrebsOnSecurity in March told Gunnebo about a financial transaction between a malicious hacker and a cybercriminal group which specializes in deploying ransomware. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job. ”

Hacking 356

Hacking Ransomware Banking Accountability 356

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Account balances. Client legal information. Customer financials.

Accountability 140

Accountability Ransomware Data breaches Hacking 140

Security Affairs

NOVEMBER 3, 2024

The operators maintain the botnet to launch distributed brute-force attacks on VPNs, Telnet, SSH, and Microsoft 365 accounts. These routers are used to relay brute-force attacks on Microsoft 365 accounts. In the majority of the campaigns, about 80 percent, CovertNetwork-1658 makes only one sign-in attempt per account per day.

Passwords 131

Passwords Wireless VPN Accountability 131