SecureList

NOVEMBER 6, 2024

It spreads via forums posts, torrent trackers and blogs, imitating popular software like Foxit PDF Editor and AutoCAD. It also uses stealer malware to extract the victim’s credit card data as well as details about the infected device. GitHub payloads After that, the malware resolves the IP address behind the ankjdans[.]xyz

Software 123

Software Cryptocurrency Malware DNS 123

Schneier on Security

JANUARY 10, 2023

I don’t know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. Another part used a hard-coded password to encrypt system files using the Blowfish and Twofish algorithms.

Malware 64

Malware Encryption Cybercrime Passwords 64

Webroot

OCTOBER 31, 2024

In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks. Now let’s take a look at this year’s Nastiest Malware. It is the most successful and lucrative avenue for monetizing a breach of a victim.

Malware 108

Malware Ransomware Passwords Healthcare 108

Krebs on Security

NOVEMBER 12, 2024

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. ” McCarthy also pointed to CVE-2024-43498 , a remote code execution flaw in.NET and Visual Studio that could be used to install malware. This bug has earned a CVSS severity rating of 9.8 (10 10 is the worst).

Authentication 261

Authentication Engineering Malware Passwords 261

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking.

Identity Theft 124

Identity Theft Passwords Malware Banking 124

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. MacOS computers include X-Protect , Apple’s built-in antivirus technology.

Malware 328

Malware Cryptocurrency Software Phishing 328

Security Affairs

NOVEMBER 19, 2024

Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. BrazenBamboo is known to be the author of other malware families, including LIGHTSPY , DEEPDATA, and DEEPPOST.

VPN 117

VPN Malware Spyware Passwords 117

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The investigation into the makers and buyers of this phishing software has not yet been completed with the seizure of the servers and domains.”

Phishing 254

Phishing Cybercrime Advertising Malware 254

Krebs on Security

SEPTEMBER 1, 2021

Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. Between 2003 and 2006, Corpse focused on selling and supporting his Haxdoor malware.

Malware 340

Malware Cybercrime Internet Internet 340

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. “Antivirus software trusts signed programs more. For some types of software, a digital signature is mandatory.”

Malware 304

Malware Cybercrime Software Accountability 304

The Hacker News

SEPTEMBER 27, 2023

A new malware strain called ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden password manager. The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page," enterprise security firm Proofpoint said in a technical report.

Password Management 144

Password Management Passwords Malware Software 144

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. The password chosen by this user was “ 1232.” Image: spur.us. Image: Darkbeast/Ke-la.com.

Malware 295

Malware Passwords Accountability Advertising 295

Krebs on Security

JANUARY 7, 2020

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. I look at this and think, would I be more likely to type my password into a box or more likely to click a button that says ‘okay’?”

Phishing 291

Phishing Passwords Accountability Authentication 291

eSecurity Planet

NOVEMBER 6, 2024

Though cookies themselves don’t steal passwords, they can be hijacked to access sensitive data. Attackers can steal your cookies through phishing, malware, and MITM attacks, leading to data theft, financial loss, and identity theft. First-party cookies store info for one site, while third-party cookies track across sites.

Identity Theft 110

Identity Theft Passwords Phishing Accountability 110

Krebs on Security

NOVEMBER 16, 2022

The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites. Rather, this group uses the phony bank domains in conjunction with malicious software that is already secretly installed on a victim’s computer.

Malware 332

Malware Banking Phishing DDOS 332

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re

Malware 318

Malware Cybercrime Internet Internet 318

Krebs on Security

SEPTEMBER 13, 2023

USDoD claimed they grabbed the data by using passwords stolen from a Turkish airline employee who had third-party access to Airbus’ systems. So take special care when downloading software to ensure that you are in fact getting the program from the original, legitimate source whenever possible.

Cybercrime 340

Cybercrime Passwords Authentication Malware 340

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. frequently relied on the somewhat unique password, “ plk139t51z.”

Malware 274

Malware Antivirus Cybercrime Hacking 274

Krebs on Security

SEPTEMBER 6, 2021

Six years later, a review of the social media postings from this group shows they are prospering, while rather poorly hiding their activities behind a software development firm in Lahore that has secretly enabled an entire generation of spammers and scammers. One of several current Fudtools sites run by The Manipulaters.

Software 299

Software Phishing Cybercrime Accountability 299

Malwarebytes

FEBRUARY 19, 2025

The latest, major threats to Mac computers can steal passwords and credit card details with delicate precision, targeting victims across the internet based on their device, location, and operating system. These findings come from the 2025 State of Malware report. By 2018, TrickBot was the largest threat to businesses.

Malware 123

Malware Software Passwords Cryptocurrency 123

Malwarebytes

MARCH 18, 2025

One of the common lures is a cracked software version of the popular trading platform TradingView. These two malware families have wreaked havoc, pillaging victims’ personal data and enabling their distributors to make substantial gains, mostly by taking over cryptocurrency wallets.

Cryptocurrency 111

Cryptocurrency Malware Scams Antivirus 111

Security Boulevard

SEPTEMBER 20, 2024

million stolen VPN passwords have been compromised by malware in the past year, highlighting a growing risk for unauthorized access to secure networks, according to a Specops Software report. The post More Than Two Million Stolen VPN Passwords Discovered appeared first on Security Boulevard. More than 2.1

VPN 138

VPN Passwords Malware Software 138

Security Affairs

JANUARY 10, 2025

Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures.

Malware 120

Malware Advertising Antivirus Cybercrime 120

Security Affairs

MARCH 20, 2025

The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ). The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics 107

Computers and Electronics Telecommunications Malware Surveillance 107

Security Affairs

OCTOBER 11, 2024

Attackers also used it for code debugging assistance. “The tasks the CyberAv3ngers asked our models in some cases focused on asking for default username and password combinations for various PLCs. This included working on malware that was still in development, and looking for information on potential targets.”

Malware 136

Malware Social Engineering Engineering Hacking 136

Malwarebytes

NOVEMBER 5, 2024

And perhaps most worrying of all, once an attacker is in your email account they can reset your passwords to your other accounts and login as you there too. However, session cookies are usually stolen by malware on the your device. Cybercriminals could use your account to spread spam and phishing emails to your contacts.

Accountability 145

Accountability Authentication Malware Banking 145

SecureList

MARCH 11, 2025

Since the beginning of the year, we’ve been tracking in our telemetry a new wave of DCRat distribution, with paid access to the backdoor provided under the Malware-as-a-Service (MaaS) model. The cybercriminal group behind it also offers support for the malware and infrastructure setup for hosting the C2 servers.

Passwords 88

Passwords Malware Advertising Software 88

Schneier on Security

FEBRUARY 3, 2021

Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another related piece of malware, Sunspot , was deployed in September 2019, at the time hackers breached SolarWinds’ internal network.

Computers and Electronics 363

Computers and Electronics Malware Software Government 363

Security Affairs

NOVEMBER 15, 2024

The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. Gen Digital observed phishing campaigns distributing the Glove Stealer.

Encryption 116

Encryption Password Management Cryptocurrency Social Engineering 116

Krebs on Security

APRIL 20, 2023

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Image: Mandiant.

Malware 330

Malware Software Technology Accountability 330

Daniel Miessler

MAY 14, 2020

Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords. Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own. Automatic Logins Using Lastpass.

Risk 345

Risk Passwords Password Management Accountability 345

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability 351

Accountability Advertising Passwords Phishing 351

Troy Hunt

APRIL 5, 2023

In its simplest form, the illegal data marketplace has long involved the exchange of currency for personal records containing attributes such as email addresses, passwords, names, etc. We block known breached passwords. So, we (the good guys) adapt and build better defences. We implement two factor authentication. It was that simple.

Marketing 355

Marketing Passwords Authentication Accountability 355

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 237

Malware VPN Internet Internet 237

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture 107

Architecture Internet Internet Malware 107

Hacker's King

DECEMBER 25, 2024

Tools designed for password cracking often exploit weak security practices, but understanding these methods is vital for safeguarding your account. This guide explores Snapchat password-cracking tools while focusing on ethical ways to enhance security. Weak or simple passwords are particularly vulnerable.

Passwords 52

Passwords Social Engineering Accountability Scams 52

SecureWorld News

OCTOBER 31, 2024

Vampire malware: draining systems dry This malware creeps in undetected, draining resources and stealing data in the dark. Like vampires, malware strains can operate quietly, leeching data or encrypting files without warning, making ransomware and spyware infections incredibly haunting.

IoT 119

IoT Phishing DDOS Backups 119