Cybersecurity, Information Security and Malware

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

SecureWorld News

MARCH 13, 2025

The rapid advancement of generative AI has brought both innovation and concern to the cybersecurity landscape. A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware.

Malware

Malware Cybersecurity Cyber threats Threat Detection

CISA warns of RESURGE malware exploiting Ivanti flaw

Security Affairs

MARCH 30, 2025

Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE.

Malware

Malware Authentication Cybersecurity Encryption

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation.

Malware

Malware Government Hacking Cybersecurity

Esperts found new DoNot Team APT group’s Android malware

Security Affairs

JANUARY 20, 2025

Researchers linked the threat actor DoNot Teamto a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. The group persistently employs similar techniques in their Android malware.”

Malware

Malware Cyber Attacks Mobile Phishing

Don’t Let Encryption Become A Double-Edged Sword That Undermines Zero Trust CyberSecurity

Joseph Steinberg

APRIL 21, 2022

It is no secret that cybersecurity professionals universally recommend that people, businesses, and governments employ strong encryption as one of several methods of protecting sensitive information. You can learn more about VMware and its Zero Trust security solutions here.

Encryption

Encryption Cybersecurity Artificial Intelligence Backups

Malwarebytes Premium Security awarded “Product of the Year” from AVLab

Malwarebytes

MARCH 10, 2025

Malwarebytes Premium Security has once again been awarded Product of the Year after successfully blocking 100% of in-the-wild malware samples. The samples were deployed in multiple, consecutive third-party tests conducted by the AVLab Cybersecurity Foundation. secondsalmost 26 seconds faster than the industry average.

Malware

Malware Cybersecurity Information Security

The source code of Banshee Stealer leaked online

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. The code is now available on GitHub. concludes the report.

Malware

Malware Cryptocurrency Encryption Passwords

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. “Information sharing is easy to talk about, and hard to do in practice,” Daniel said.

Cybersecurity

Cybersecurity Cyber threats Government Phishing

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. “Investigations into RedLine and Meta started after victims came forward and a security company notified authorities about possible servers in the Netherlands linked to the software.

Identity Theft

Identity Theft Passwords Malware Banking

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware

Malware Advertising Antivirus Cybercrime

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

The physical safety of things like airbags, rearview mirrors, and brakes is well accounted for; yet cybersecurity auto safety concerns are rising to the fore. What used to be a focus on physical safety has now shifted to cybersecurity due to the widened attack surface that connected cars present.

Malware

Malware Manufacturing IoT Software

BlackLock Ransomware Targeted by Cybersecurity Firm

Security Affairs

MARCH 26, 2025

Cybersecurity experts were able to exploit misconfiguration in vulnerable web-app used by ransomware operators to publish victims data – leading to clearnet IP addresses disclosure related to their network infrastructure behind TOR hidden services (hosting them) and additional service information acquired from server-side.

Ransomware

Ransomware Cybersecurity Healthcare Accountability

Digital nomads and risk associated with the threat of infiltred employees

Security Affairs

MARCH 4, 2025

In a report, cybersecurity firm Secureworks exposed a tactic employed by the North Korean hacker group known as Nickel Tapestry. Last summer, finally, North Korean hackers allegedly attempted another hiring scheme, this time targeting a well-known cybersecurity company based in the United States.

Risk

Risk Education Scams VPN

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Security Affairs

FEBRUARY 4, 2025

Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous websites. The script retrieved from the remote server contains encoded data segments, which are decoded and executed to advance the malware’s operation.

Banking

Banking Malware Antivirus Cyber threats

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

NOVEMBER 8, 2024

Texas oilfield supplier Newpark Resources revealed that a ransomware attack on October 29 disrupted access to some of its information systems and business applications. The company immediately activated its cybersecurity response plan and launched an investigation into the incident with the help of external experts.

Ransomware

Ransomware Manufacturing Malware Hacking

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

U.S. CISA adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 23, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Fortinet FortiManager missing authentication vulnerability CVE-2024-47575 (CVSS v4 score: 9.8)

Authentication

Authentication Malware Risk Cybersecurity

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Team82 and Claroty have been unable to verify the attackers’ claims, however, they conducted a detailed analysis of the Fuxnet malware relying on information provided by the attackers.

Malware

Malware Firmware IoT Hacking

Dark Gate malware campaign uses Samba file shares

Security Affairs

JULY 14, 2024

A Dark Gate malware campaign from March-April 2024 demonstrates how attackers exploit legitimate tools and services to distribute malware. Palo Alto Networks Unit 42 researchers shared details about a DarkGate malware campaign from March-April 2024. The malware is considered a sophisticated threat and is continuously improved.

Malware

Malware Cybercrime Software Phishing

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

Intelligence and cybersecurity experts warn that Chinese nation-state actors have shifted from stealing secrets to infiltrate critical U.S. In July, Cisco fixed an actively exploited NX-OS zero-day that was exploited to install previously unknown malware as root on vulnerable switches. and around the globe.”

Hacking

Hacking Internet Internet Government

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

Security Affairs

OCTOBER 6, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware

Malware Architecture Cryptocurrency Cyber Attacks

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Centraleyes

MARCH 13, 2025

New York, the city that never sleeps, is also the city that takes cybersecurity very seriously. If you’re part of the financial services ecosystem hereor interact with businesses regulated by the New York State Department of Financial Servicesyouve likely come across the NYDFS Cybersecurity Regulation.

Cybersecurity

Cybersecurity Financial Services Risk Encryption

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Cybersecurity and Infrastructure Security Agency (CISA) has started a campaign to increase awareness of these risks to U.S. Educate your employees on threats and risks such as phishing and malware. About the essayist: Don Boian is the Chief Information Security Officer at Hound Labs, Inc., The efficacy of hygiene.

Cybersecurity

Cybersecurity Cybercrime Education Government

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

MAY 26, 2024

The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”

Malware

Malware Banking Accountability Phishing

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Understanding and adhering to cybersecurity regulations is crucial for any organization as cyber threats evolve and become more sophisticated. The landscape of cybersecurity laws and regulations today is set to undergo significant changes, impacting businesses, government entities, and individuals alike.

Cybersecurity

Cybersecurity Computers and Electronics Cyber threats Healthcare

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. The malware targets multiple platforms, including Windows, Linux, macOS, ESXi, and Android. Today they are going to send me a report on the supposed hacking.”

Government

Government Hacking Ransomware Insurance

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. ” The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate.

Ransomware

Ransomware IoT Encryption Passwords

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) reads the advisory.

Backups

Backups VPN Ransomware Authentication

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime

Cybercrime Malware VPN Ransomware

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

JANUARY 8, 2023

And when malware, ransomware, or other cyber threats get in the way, the focus shifts from forward progress to focused co-operation. A security strategy should clear obstacles and enable every part of a business operation to run smoothly. In golf there’s a popular saying: play the course, not your opponent.

Risk

Risk Cybersecurity Technology CISO

Crooks are reviving the Grandoreiro banking trojan

Security Affairs

MARCH 28, 2025

The cybersecurity firm uncovered a Grandoreiro campaign targeting users in Mexico, Argentina, and Spain via phishing emails impersonating tax agencies. The malware uses a custom URI Client and unusual port numbers to communicate with the server. net to evade detection.”

Banking

Banking Phishing Malware Passwords

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Ransomware attackers often spend weeks or months inside of a target’s network before attempting to deploy malware across the network that encrypts servers and desktop systems unless and until a ransom demand is met. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job. ”

Hacking

Hacking Ransomware Banking Accountability

Cybersecurity in the Evolving Threat Landscape

Security Affairs

APRIL 10, 2024

As technology evolves and our dependence on digital systems increases, the cybersecurity threat landscape also rapidly changes, posing fresh challenges for organizations striving to protect their assets and data. Cybersecurity has always been seen as a catch-up game, with determined adversaries a step ahead.

Cybersecurity

Cybersecurity Digital transformation Threat Detection Cyber threats

Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000

Security Affairs

AUGUST 16, 2024

Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. ” concludes the report.

Malware

Malware Cryptocurrency Advertising Architecture

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Security Affairs

OCTOBER 3, 2023

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023.

Advertising

Advertising Cybercrime Malware Cryptocurrency

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Security Affairs

JANUARY 10, 2025

The cybersecurity firm discovered the campaign on January 7, 2025, the company discovered that threat actors used false offers of employment with CrowdStrike. “On January 7, 2025, CrowdStrike identified a phishing campaign exploiting its recruitment branding to deliver malware disguised as an “employee CRM application.”

Phishing

Phishing Scams Malware Authentication

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

APT28 targets key networks in Europe with HeadLace malware

Security Affairs

JUNE 3, 2024

Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. Researchers at Insikt Group observed Russian GRU’s unit APT28 targeting networks across Europe with information-stealer Headlace and credential-harvesting web pages.

Malware

Malware Phishing Surveillance Internet

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability has been addressed in versions 2.23.6,

Malware

Malware Telecommunications Encryption DDOS

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. Cybersecurity and Infrastructure Security Agency (CISA) added the the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. ” reported Akamai. In June, the U.S.

Malware

Malware DDOS Internet Internet

Multiple malware used in attacks exploiting Ivanti VPN flaws

Security Affairs

FEBRUARY 1, 2024

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN

VPN Malware Authentication Hacking

From Risk Assessment to Action: Improving Your DLP Response

Security Affairs

OCTOBER 25, 2024

DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybersecurity strategy. Protecting sensitive data is what cybersecurity is all about.

Risk

Risk Cybersecurity Data breaches Cyber threats

China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware

Security Affairs

JULY 2, 2024

Cisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco addressed an NX-OS zero-day, tracked as CVE-2024-20399 (CVSS score of 6.0), that the China-linked group Velvet Ant exploited to deploy previously unknown malware as root on vulnerable switches.

Malware

Malware Software Authentication Hacking

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

CISA warns of RESURGE malware exploiting Ivanti flaw

Trending Sources

FBI deleted China-linked PlugX malware from over 4,200 US computers

Esperts found new DoNot Team APT group’s Android malware

Don’t Let Encryption Become A Double-Edged Sword That Undermines Zero Trust CyberSecurity

Malwarebytes Premium Security awarded “Product of the Year” from AVLab

The source code of Banshee Stealer leaked online

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

International law enforcement operation dismantled RedLine and Meta infostealers

Banshee macOS stealer supports new evasion mechanisms

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

BlackLock Ransomware Targeted by Cybersecurity Firm

Digital nomads and risk associated with the threat of infiltred employees

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Carbanak malware returned in ransomware attacks

U.S. CISA adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Dark Gate malware campaign uses Samba file shares

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

2024 Cybersecurity Laws & Regulations

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Akira ransomware gang used an unsecured webcam to bypass EDR

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

Crooks are reviving the Grandoreiro banking trojan

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Cybersecurity in the Evolving Threat Landscape

Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

APT28 targets key networks in Europe with HeadLace malware

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Multiple malware used in attacks exploiting Ivanti VPN flaws

From Risk Assessment to Action: Improving Your DLP Response

China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware

Stay Connected