Schneier on Security

JANUARY 10, 2023

I don’t know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. Another part used a hard-coded password to encrypt system files using the Blowfish and Twofish algorithms.

Malware 66

Malware Encryption Cybercrime Passwords 66

SecureList

NOVEMBER 6, 2024

It spreads via forums posts, torrent trackers and blogs, imitating popular software like Foxit PDF Editor and AutoCAD. It also uses stealer malware to extract the victim’s credit card data as well as details about the infected device. GitHub payloads After that, the malware resolves the IP address behind the ankjdans[.]xyz

Software 123

Software Cryptocurrency Malware DNS 123

Krebs on Security

NOVEMBER 12, 2024

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. ” McCarthy also pointed to CVE-2024-43498 , a remote code execution flaw in.NET and Visual Studio that could be used to install malware. This bug has earned a CVSS severity rating of 9.8 (10 10 is the worst).

Authentication 261

Authentication Engineering Malware Passwords 261

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking.

Identity Theft 124

Identity Theft Passwords Malware Banking 124

Security Affairs

NOVEMBER 19, 2024

Volexity researchers discovered a vulnerability in Fortinet’s Windows VPN client that China-linked threat actor BrazenBamboo abused in their DEEPDATA malware. BrazenBamboo is known to be the author of other malware families, including LIGHTSPY , DEEPDATA, and DEEPPOST.

VPN 117

VPN Malware Spyware Passwords 117

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The investigation into the makers and buyers of this phishing software has not yet been completed with the seizure of the servers and domains.”

Phishing 254

Phishing Cybercrime Advertising Malware 254

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. MacOS computers include X-Protect , Apple’s built-in antivirus technology.

Malware 326

Malware Cryptocurrency Software Phishing 326

Security Affairs

MAY 1, 2025

Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6.

Malware 85

Malware Phishing Telecommunications Retail 85

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. “Antivirus software trusts signed programs more. For some types of software, a digital signature is mandatory.”

Malware 302

Malware Cybercrime Software Accountability 302

The Hacker News

SEPTEMBER 27, 2023

A new malware strain called ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden password manager. The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page," enterprise security firm Proofpoint said in a technical report.

Password Management 143

Password Management Passwords Malware Software 143

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. The password chosen by this user was “ 1232.” Image: spur.us. Image: Darkbeast/Ke-la.com.

Malware 293

Malware Passwords Accountability Advertising 293

Krebs on Security

JANUARY 7, 2020

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. I look at this and think, would I be more likely to type my password into a box or more likely to click a button that says ‘okay’?”

Phishing 288

Phishing Passwords Accountability Authentication 288

eSecurity Planet

NOVEMBER 6, 2024

Though cookies themselves don’t steal passwords, they can be hijacked to access sensitive data. Attackers can steal your cookies through phishing, malware, and MITM attacks, leading to data theft, financial loss, and identity theft. First-party cookies store info for one site, while third-party cookies track across sites.

Identity Theft 110

Identity Theft Passwords Phishing Accountability 110

Security Affairs

APRIL 22, 2025

. “There has been a sharp increase in the number of cases of unauthorized access and unauthorized trading (trading by third parties) on Internet trading services using stolen customer information (login IDs, passwords, etc.) Avoid password reuse, choose complex passwords, and check account activity often.

Financial Services 119

Financial Services Passwords Accountability Antivirus 119

Malwarebytes

APRIL 16, 2025

Bots (software programs that interact with web sites) have been ubiquitous for years. This is where a bot takes a password and email address that has been stolen and leaked online, and then tries those credentials across a myriad of services in the hope that its owner will have reused the password elsewhere. Protect your PC.

Internet 144

Internet Internet Passwords Artificial Intelligence 144

Malwarebytes

FEBRUARY 19, 2025

The latest, major threats to Mac computers can steal passwords and credit card details with delicate precision, targeting victims across the internet based on their device, location, and operating system. These findings come from the 2025 State of Malware report. By 2018, TrickBot was the largest threat to businesses.

Malware 136

Malware Software Passwords Cryptocurrency 136

Krebs on Security

NOVEMBER 16, 2022

The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites. Rather, this group uses the phony bank domains in conjunction with malicious software that is already secretly installed on a victim’s computer.

Malware 330

Malware Banking Phishing DDOS 330

Krebs on Security

AUGUST 2, 2022

Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers. com , a malware-based proxy network that has been in existence since at least 2010. Last week, a seven-year-old proxy service called 911[.]re

Malware 315

Malware Cybercrime Internet Internet 315

Webroot

APRIL 30, 2025

In todays digital world, passwords have become a necessary part of life. May 1, 2025, is World Password Day , a reminder that passwords are the unsung heroes of cybersecurity, the first line of defense for all your sensitive personal data. World Password Day is more relevant than ever in todays evolving threat landscape.

Passwords 62

Passwords Password Management Malware Accountability 62

Krebs on Security

SEPTEMBER 13, 2023

USDoD claimed they grabbed the data by using passwords stolen from a Turkish airline employee who had third-party access to Airbus’ systems. So take special care when downloading software to ensure that you are in fact getting the program from the original, legitimate source whenever possible.

Cybercrime 338

Cybercrime Passwords Authentication Malware 338

Malwarebytes

MARCH 18, 2025

One of the common lures is a cracked software version of the popular trading platform TradingView. These two malware families have wreaked havoc, pillaging victims’ personal data and enabling their distributors to make substantial gains, mostly by taking over cryptocurrency wallets.

Cryptocurrency 128

Cryptocurrency Malware Scams Antivirus 128

Krebs on Security

SEPTEMBER 6, 2021

Six years later, a review of the social media postings from this group shows they are prospering, while rather poorly hiding their activities behind a software development firm in Lahore that has secretly enabled an entire generation of spammers and scammers. One of several current Fudtools sites run by The Manipulaters.

Software 299

Software Phishing Cybercrime Accountability 299

Security Boulevard

SEPTEMBER 20, 2024

million stolen VPN passwords have been compromised by malware in the past year, highlighting a growing risk for unauthorized access to secure networks, according to a Specops Software report. The post More Than Two Million Stolen VPN Passwords Discovered appeared first on Security Boulevard. More than 2.1

VPN 138

VPN Passwords Malware Software 138

Malwarebytes

APRIL 9, 2025

This software monitors what a user types on a keyboard without their knowledge, relaying it back to the keylogger’s owner. Keep your software up to date. Some spies manually install keyloggers on target computers, but others use malware to install it remotely. They exploit these security holes to install their malware.

Accountability 102

Accountability Spyware Passwords Password Management 102

Security Affairs

JANUARY 10, 2025

Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures.

Malware 120

Malware Advertising Antivirus Cybercrime 120

Security Affairs

OCTOBER 11, 2024

Attackers also used it for code debugging assistance. “The tasks the CyberAv3ngers asked our models in some cases focused on asking for default username and password combinations for various PLCs. This included working on malware that was still in development, and looking for information on potential targets.”

Malware 136

Malware Social Engineering Engineering Hacking 136

Malwarebytes

NOVEMBER 5, 2024

And perhaps most worrying of all, once an attacker is in your email account they can reset your passwords to your other accounts and login as you there too. However, session cookies are usually stolen by malware on the your device. Cybercriminals could use your account to spread spam and phishing emails to your contacts.

Accountability 145

Accountability Authentication Malware Banking 145

Schneier on Security

FEBRUARY 3, 2021

Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another related piece of malware, Sunspot , was deployed in September 2019, at the time hackers breached SolarWinds’ internal network.

Computers and Electronics 363

Computers and Electronics Malware Software Government 363

Security Affairs

NOVEMBER 15, 2024

The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. Gen Digital observed phishing campaigns distributing the Glove Stealer.

Encryption 116

Encryption Password Management Cryptocurrency Social Engineering 116

Krebs on Security

APRIL 20, 2023

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Image: Mandiant.

Malware 326

Malware Software Technology Accountability 326

SecureList

MARCH 11, 2025

Since the beginning of the year, we’ve been tracking in our telemetry a new wave of DCRat distribution, with paid access to the backdoor provided under the Malware-as-a-Service (MaaS) model. The cybercriminal group behind it also offers support for the malware and infrastructure setup for hosting the C2 servers.

Passwords 97

Passwords Malware Advertising Software 97

Daniel Miessler

MAY 14, 2020

Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords. Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own. Automatic Logins Using Lastpass.

Risk 345

Risk Passwords Password Management Accountability 345

Troy Hunt

APRIL 5, 2023

In its simplest form, the illegal data marketplace has long involved the exchange of currency for personal records containing attributes such as email addresses, passwords, names, etc. We block known breached passwords. So, we (the good guys) adapt and build better defences. We implement two factor authentication. It was that simple.

Marketing 355

Marketing Passwords Authentication Accountability 355

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 240

Malware VPN Internet Internet 240

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability 347

Accountability Advertising Passwords Phishing 347

Malwarebytes

MAY 1, 2025

These messages frequently warn recipients about a problem with their accounts, like a password that needs to be updated, a policy change that requires a login, or a delayed package that has to be approved. In reality, those usernames and passwords are delivered directly to cybercriminals on the other side of the website.

Small Business 82

Small Business Cybersecurity Passwords Scams 82

Security Affairs

MARCH 20, 2025

The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ). The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics 107

Computers and Electronics Telecommunications Malware Surveillance 107