Tech Republic Security

MAY 19, 2024

Antivirus software is critical to ensure information security of organizational networks and resources. By establishing an antivirus policy, organizations can quickly identify and address malware and virus threats, as well as detect and appropriately respond to incidents.

Antivirus 97

Antivirus Information Security Malware Software 97

Security Affairs

OCTOBER 5, 2020

Researchers disclosed details of security flaws in popular antivirus software that could allow threat actors to increase privileges. Antivirus solutions that are supposed to protect the systems from infection may unintentionally allow malware in escalating privileges on the system. .

Antivirus 135

Antivirus Malware Advertising Software 135

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware 119

Malware Advertising Antivirus Cybercrime 119

Security Affairs

MARCH 26, 2025

New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. The malware maintains persistence via a.plist file.

Malware 70

Malware Adware Antivirus Marketing 70

Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. Latin American trojans share the same modus operandi and even modules and blocks of code observed during the analysis of several malware samples. Background of Latin American Trojans.

Antivirus 132

Antivirus Malware Banking Internet 132

Security Affairs

APRIL 2, 2025

The malware was discovered on counterfeit Android devices mimicking popular smartphone models. “The malware has broad functionality and gives attackers almost unlimited control over the gadget” The malware, embedded in the system framework, provides attackers full control over the device. 231 banking malware.

Malware 120

Malware Cryptocurrency Mobile Firmware 120

Security Affairs

FEBRUARY 4, 2025

Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous websites. The script retrieved from the remote server contains encoded data segments, which are decoded and executed to advance the malware’s operation.

Banking 116

Banking Malware Antivirus Cyber threats 116

Security Affairs

NOVEMBER 22, 2020

Two Romanians arrested for running three malware services. Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. The post Romanians arrested for running underground malware services appeared first on Security Affairs.

Malware 141

Malware Antivirus Cybercrime Software 141

Security Affairs

NOVEMBER 5, 2024

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. ” continues the report.

Banking 120

Banking Malware Accountability Authentication 120

Security Affairs

APRIL 22, 2025

Keeping devices updated and using reliable antivirus software also helps prevent malware-related data theft. Japan s Financial Services Agency (FSA) recommends checking the warning issued by the Japan Securities Dealers Association regarding matters to be aware of when using securities companies’ online trading services.

Financial Services 119

Financial Services Passwords Accountability Antivirus 119

Security Affairs

NOVEMBER 24, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware 62

Malware Spyware Antivirus VPN 62

Security Affairs

MAY 25, 2024

Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. The fake websites were masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes. exe.zip”) that was used to deploy the Lumma information stealer.

Malware 136

Malware Antivirus Cryptocurrency Hacking 136

Security Affairs

JULY 26, 2021

Researchers demonstrated how to hide malware inside an image classifier within a neural network in order to bypass the defense solutions. Researchers Zhi Wang, Chaoge Liu, and Xiang Cui presented a technique to deliver malware through neural network models to evade the detection without impacting the performance of the network.

Malware 139

Malware Antivirus Artificial Intelligence Engineering 139

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture 107

Architecture Internet Internet Malware 107

Security Affairs

MARCH 10, 2025

Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. While investigating the increased use of Windows Packet Divert ( WPD ) tools by crooks to distribute malware under this pretense, the researchers spotted the campaign.

Cryptocurrency 91

Cryptocurrency Malware Social Engineering Antivirus 91

Security Affairs

SEPTEMBER 13, 2024

Researchers uncovered an Android malware, dubbed Vo1d, that has already infected nearly 1.3 Doctor Web researchers uncovered a malware, tracked as Vo1d , that infected nearly 1.3 In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. million Android devices in 197 countries.

Malware 139

Malware Firmware Antivirus Manufacturing 139

Security Affairs

JANUARY 14, 2022

A weakness in the Microsoft Defender antivirus can allow attackers to retrieve information to use to avoid detection. Threat actors can leverage a weakness in Microsoft Defender antivirus to determine in which folders plant malware to avoid the AV scanning. SecurityAffairs – hacking, malware). Pierluigi Paganini.

Malware 145

Malware Antivirus Hacking Information Security 145

Security Affairs

SEPTEMBER 19, 2024

This week, the Russian anti-malware firm Doctor Web (Dr.Web) announced that it had disconnected all servers following a cyberattack on Saturday, September 14. Russian anti-virus firm Doctor Web (Dr.Web) disconnected all servers following a cyberattack over the weekend.

Antivirus 136

Antivirus Malware Hacking Information Security 136

Security Affairs

OCTOBER 20, 2024

CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog GitHub addressed a critical vulnerability in Enterprise Server A new Linux variant of FASTCash malware targets financial systems WordPress Jetpack plugin critical flaw impacts 27 million sites Pokemon dev Game Freak discloses (..)

Data breaches 116

Data breaches Cybercrime Cyber Insurance Marketing 116

Security Affairs

JUNE 9, 2022

Researchers uncovered a high stealth Linux malware, dubbed Symbiote, that could be used to backdoor infected systems. Joint research conducted by security firms Intezer and BlackBerry uncovered a new Linux threat dubbed Symbiote. “Symbiote is a malware that is highly evasive. ” concludes the report.

Malware 145

Malware DNS Antivirus Passwords 145

Security Affairs

AUGUST 27, 2022

Threat actors abused a vulnerable anti-cheat driver for the Genshin Impact video game to disable antivirus software. sys, for the Genshin Impact video game to disable antivirus software. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware.”

Antivirus 98

Antivirus Ransomware Malware Cybercrime 98

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware 143

Malware Antivirus Phishing Cryptocurrency 143

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation.

Malware 144

Malware Passwords Advertising Antivirus 144

Security Affairs

JANUARY 8, 2021

Multiple threat actors have recently started using the Ezuri memory loader as a loader to executes malware directly into the victims’ memory. According to researchers from AT&T’s Alien Labs, malware authors are choosing the Ezuri memory loader for their malicious codes. ” concludes the report.

Malware 145

Malware Encryption Passwords Antivirus 145

Security Affairs

FEBRUARY 20, 2021

Experts warn of new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world. Malware researchers at Red Canary uncovered a new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across the world. continue the researchers.

Malware 145

Malware Adware Antivirus DDOS 145

Security Affairs

APRIL 11, 2021

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. aliyuncs.com/ Android.Joker.531

Malware 145

Malware Spyware Mobile Antivirus 145

Security Affairs

JULY 24, 2021

Tokyo Olympics could be a great opportunity for cybercriminals and malware authors, the US FBI warned p rivate US companies of cyberattacks that might attempt to disrupt the 2021 Tokyo Olympics. The malware only targets data under the Users folder, likely because it was designed to infect users who do not have administrator privileges.

Malware 145

Malware Antivirus Cyber Attacks Hacking 145

Security Affairs

FEBRUARY 17, 2023

Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. Secure Endpoint Private Cloud CSCwe18204 3.6.0

Antivirus 98

Antivirus Engineering Malware Hacking 98

Security Affairs

FEBRUARY 24, 2020

Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations. Figure 1: Lampion malware email templates. 2020-02-13] #Lampion v2 #portugal #malware #ATA 0998f6473004e0ba54ead5784ba62db8 h}//vrau-x.s3.us-east-2.amazonaws.[com/0.zip zip h//oiurx14x.s3.us-east-2.amazonaws.}com/P-14-7.dll

Malware 118

Malware Banking Antivirus Advertising 118

Security Affairs

MARCH 31, 2025

CoffeeLoader is a sophisticated malware that uses numerous techniques to bypass security solutions, Zscaler ThreatLabz warns. Zscaler ThreatLabz discovered CoffeeLoader, a malware family active since September 2024, that uses multiple techniques to evade endpoint security while downloading second-stage payloads.

Malware 79

Malware Encryption Antivirus Marketing 79

Security Affairs

NOVEMBER 23, 2020

Sonatype’s deep dive research allowed to identify a new family of Discord malware called CursedGrabber. This follows on the heels of last week’s news when Sonatype’s Nexus Intelligence engine and it’s release integrity algorithm discovered discord.dll : the successor to “ fallguys ” malware and 3 other components. and ac-addon.

Malware 142

Malware Engineering Antivirus Software 142

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. Security experts from ThreatFabric have discovered a new Android banking trojan dubbed BlackRock that steals credentials and credit card data from a list of 337 apps.

Malware 128

Malware Banking Mobile Advertising 128

Security Affairs

MARCH 4, 2021

Malware researchers at FireEye discovered a new sophisticated second-stage backdoor, dubbed Sunshuttle, while analyzing the servers of an organization that was compromised as a result of the SolarWinds supply-chain attack. The new malware is dubbed Sunshuttle , and it was “uploaded by a U.S.-based ” continues FireEye.

Malware 125

Malware Hacking Antivirus Information Security 125

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . “While the Windows system is in safe mode antivirus software doesn’t work. “It also uses WQL to query all antivirus software installed SELECT * FROM AntiVirusProduct.”

Antivirus 143

Antivirus Cryptocurrency Malware Software 143

Security Affairs

FEBRUARY 10, 2021

Antivirus firm Emsisoft discloses a data breach, a third-party had access to a publicly exposed database containing technical logs. The anti-malware solutions provider Emsisoft disclosed last week a data breach. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Malware 139

Malware Data breaches Antivirus Passwords 139

Security Affairs

JUNE 20, 2022

The developers behind the BRATA Android malware have implemented additional features to avoid detection. The operators behind the BRATA Android malware have implemented more features to make their attacks stealthy. “TAs are modifying their code in order to tailor their malware on specific banking institutions.

Malware 131

Malware Banking Antivirus Phishing 131

Security Affairs

MAY 6, 2022

Researchers discovered a sophisticated malware framework, dubbed NetDooka, distributed via a pay-per-install (PPI) malware service known as PrivateLoader. The PrivateLoader malware is a downloader used by threat actors for downloading and installing multiple malware. ” reads a report published by Trend Micro.

Malware 105

Malware Antivirus DDOS Hacking 105