Security Affairs

JANUARY 15, 2025

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. The ransomware group Codefinger utilizes an AES-256 encryption key they generate and store locally.

Encryption 114

Encryption Ransomware Authentication Accountability 114

Security Affairs

JANUARY 24, 2025

It activates upon detecting a “magic packet” with predefined parameters, enabling attackers to establish a reverse shell, control devices, steal data, or deploy malware. The J-magic campaign is notable for targeting JunoOS, a FreeBSD-based operating system that threat actors rarely target in malware attacks.

Malware 118

Malware VPN Encryption Hacking 118

Security Affairs

OCTOBER 20, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 121

Malware Ransomware Encryption Phishing 121

The Last Watchdog

JANUARY 7, 2025

Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist , a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. Evasion: AI-generated threats mimic human behavior, complicating detection for security teams.

Threat Detection 130

Threat Detection Engineering Malware Artificial Intelligence 130

Schneier on Security

MARCH 30, 2021

Researchers write that the RAT is constantly on the lookout for “any activity of interest, such as a phone call, to immediately record the conversation, collect the updated call log, and then upload the contents to the C&C server as an encrypted ZIP file.” This is a sophisticated piece of malware.

Malware 332

Malware Manufacturing Encryption Government 332

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware 113

Malware Cybersecurity Cyber threats Threat Detection 113

Schneier on Security

MAY 18, 2022

Researchers have demonstrated iPhone malware that works even when the phone is fully shut down. t turns out that the iPhone’s Bluetooth chip­ — which is key to making features like Find My work­ — has no mechanism for digitally signing or even encrypting the firmware it runs.

Malware 309

Malware Firmware Encryption Risk 309

Security Affairs

MARCH 25, 2025

Researchers warn of a new Android malware that uses.NET MAUI to mimic legit services and evade detection. McAfee researchers warn of Android malware campaigns using.NET MAUI to evade detection. Another malware observed by the experts targets Chinese-speaking users, stealing contacts, SMS, and photos through third-party app stores.

Malware 70

Malware Encryption Banking Cyber threats 70

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 71

Malware Spyware Government Mobile 71

Security Affairs

DECEMBER 1, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 68

Malware Social Engineering Antivirus Engineering 68

Security Affairs

MARCH 15, 2025

Pirated software seekers are targeted by the new MassJacker clipper malware, according to CyberArk researchers. A new malware campaign spreading a new clipper malware dubbed MassJacker targets users searching for pirated software, Cyberark users warn. com) distributing pirated software that also spreads malware.

Software 115

Software Cryptocurrency Malware Encryption 115

Schneier on Security

MAY 4, 2022

An unusual way a second-stage backdoor connects to attacker-controlled infrastructure by, in essence, acting as a TLS-encrypted server that proxies data through the SOCKS protocol. […]. Unpacking this threat group is difficult. From outward appearances, their focus on corporate transactions suggests a financial interest.

Malware 291

Malware IoT Wireless Antivirus 291

Tech Republic Security

MAY 30, 2024

The ShrinkLocker ransomware exploits the BitLocker feature on enterprise PCs to encrypt the entire local drive and remove recovery options.

Encryption 207

Encryption Ransomware Software Malware 207

SecureList

FEBRUARY 5, 2025

In March 2023, researchers at ESET discovered malware implants embedded into various messaging app mods. The campaign, which targeted Android and Windows users, saw the malware spread through unofficial sources. The campaign, which targeted Android and Windows users, saw the malware spread through unofficial sources.

Malware 143

Malware Encryption Mobile Cryptocurrency 143

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. The code is now available on GitHub. concludes the report.

Malware 142

Malware Cryptocurrency Encryption Passwords 142

Security Affairs

MARCH 23, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs Jaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer PlaybookThen a Second Hacker Strikes ClearFakes (..)

Malware 62

Malware Threat Detection Cryptocurrency Ransomware 62

Security Affairs

FEBRUARY 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 69

Malware Scams Banking Ransomware 69

Security Affairs

NOVEMBER 13, 2024

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. Unlike modern ransomware it doesn’t rely on sophisticated encryption algorithms and modifies BitLocker configurations to encrypt a system’s drives.

Ransomware 119

Ransomware Encryption Passwords Backups 119

Security Affairs

APRIL 10, 2025

At least one APT group has exploited a vulnerability in ESET software to stealthily execute malware, bypassing security measures. Kaspersky researchers reported that an APT group, tracked as ToddyCat , has exploited a vulnerability in ESET software to stealthily execute malware, bypassing security. ” states the report.

Malware 75

Malware Software Encryption Hacking 75

Security Affairs

FEBRUARY 16, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 64

Malware Data breaches Mobile Encryption 64

Security Affairs

JANUARY 12, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 57

Malware Scams Phishing Encryption 57

Security Affairs

MARCH 9, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 64

Malware DDOS Hacking Ransomware 64

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 62

Malware Artificial Intelligence DNS Ransomware 62

Security Affairs

APRIL 2, 2025

The threat actor FIN7 , also known as Savage Ladybug, has developed a new Python-based malware, named Anubis Backdoor, which allows attackers to gain full remote control over infected Windows systems. “The malware is distributed as a ZIP package, which includes a single Python script alongside multiple Python executables.

Antivirus 124

Antivirus Cybercrime Malware Encryption 124

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware 117

Malware Advertising Antivirus Cybercrime 117

Security Affairs

MARCH 8, 2025

The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. The ransomware group used an unsecured webcam to encrypt systems within atarget’s network, bypassing Endpoint Detection and Response (EDR). Akira successfully encrypted files across the network.

Ransomware 126

Ransomware IoT Encryption Passwords 126

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus 333

Antivirus VPN Encryption Malware 333

Schneier on Security

JULY 8, 2021

” By digitally signing their malware, attackers are able to suppress many security warnings that would otherwise appear when it’s being installed. Cybereason said that the certificate appears to have been used exclusively by REvil malware that was deployed during this attack.

Ransomware 363

Ransomware Malware Firewall Encryption 363

Adam Shostack

JANUARY 2, 2025

Evading Machine Learning Malware Classifiers , from the winner of the Defcon Machine Learning Static Evasion Competition. The general counsel of the NSA and former general counsel of the FBI have editorials on encryption. We Cannot Afford to Lose the Digital Revolution, and Rethinking Encryption.

Encryption 130

Encryption Malware 130

Graham Cluley

OCTOBER 17, 2024

No-one would be bold enough to say that the ransomware problem is receding, but a newly-published report by Microsoft does deliver a slither of encouraging news amongst the gloom. And boy do we need some good news - amid reports that 389 US-based healthcare institutions were hit by ransomware last year - more than one every single day.

Ransomware 114

Ransomware Encryption Healthcare Data breaches 114

Security Affairs

JANUARY 5, 2025

PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. The backdoor is distributed through: Phishing emails with themes such as code of conduct to trick users into downloading the malware. ” reads the report published by Google.

Malware 127

Malware Encryption Phishing Hacking 127

SecureList

OCTOBER 15, 2024

The malware uses different strings to load libraries and functions required for execution. q=0" Icon File Name : %systemroot%System32moricons.dll Machine ID : desktop-84bs21b Downloader module The RTF exploits and LNK files execute the same JavaScript malware. In particular, Avast and AVG solutions are of interest to the malware.

Malware 143

Malware Encryption Architecture Phishing 143

The Hacker News

JANUARY 9, 2025

Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer.

Encryption 133

Encryption Antivirus Malware Cybersecurity 133

Security Affairs

NOVEMBER 24, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware 61

Malware Spyware Antivirus VPN 61

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 238

Malware VPN Internet Internet 238

Krebs on Security

JULY 30, 2020

Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based a supermarket chain in the northeastern United States. .

Banking 363

Banking Malware Encryption Accountability 363

Krebs on Security

NOVEMBER 17, 2022

He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. “We’ve found someone who can crack the encryption.” Then came the unlikely call from an FBI agent. “Don’t pay,” the agent said.

Ransomware 356

Ransomware Encryption Backups Manufacturing 356