Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying. This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying…
Category: malware
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet Predator Still Active, with New Client and Corporate Links Identified Threat Group Targets Companies in Taiwan Feeling Blue(Noroff): Inside a Sophisticated DPRK Web3 Intrusion Anubis: A…
Breaking News, cyber crime, Cybercrime, Global Security News, malware, Mobile
Godfather Android trojan uses virtualization to hijack banking and crypto apps
Godfather Android trojan uses virtualization to hijack banking and crypto apps, stealing user funds, warns mobile security firm Zimperium. Zimperium zLabs has uncovered a major evolution of the GodFather Android trojan, which uses on-device virtualization to hijack real banking and crypto apps. Instead of using fake overlays, the malware creates a sandbox on the victim’s…
Global Security News, malware, Threat Intelligence
Counterfeit Minecraft mods deliver malware
Security Affairs reports that Java or .NET stealers impersonating cheat tools, spread through the Stargazers distribution-as-a-service network, have been compromising Minecraft players with multi-stage malware since March.
Global Security News, identity, malware, Threat Intelligence
Updated Masslogger stealer spread via VBScript files
Threat actors have deployed a more advanced fileless version of the Masslogger credential-stealing malware as part of a new campaign aimed at French users, Cyber Security News reports.
Global Security News, malware, Threat Intelligence
Thousands of Android devices compromised with AntiDot malware
More than 3,775 Android devices have been infected with the AntiDot Android malware-as-a-service botnet across 273 attack campaigns, reports The Hacker News.
Exploits, Global Security News, malware, Threat Intelligence
More advanced ACR Stealer-based malware examined
Attacks with the more sophisticated ACR Stealer-based Amatera Stealer malware have been launched as part of ClearFake web injection campaigns involving EtherHiding, Binance Smart Chain contract, and ClickFix exploitation between April and May, according to GBHackers News.
Global Security News, malware, Threat Intelligence
Novel Banana Squad campaign taps GitHub repos for malware distribution
Hacking operation Banana Squad has harnessed 67 now-removed GitHub repositories with trojanized hacking tools to compromise developers with malware as part of a new attack campaign, Infosecurity Magazine reports.
ClickFix, cyber attack, Cybersecurity, Global Security News, malware, Security
New Mocha Manakin Malware Deploys NodeInitRAT via Clickfix Attack
Red Canary uncovers ‘Mocha Manakin,’ a new threat using the paste-and-run technique to deliver custom NodeInitRAT malware, potentially leading to ransomware. Learn to protect your systems.
Global Security News, Guest blog, malware, Qilin, Ransomware
Qilin offers “Call a lawyer” button for affiliates attempting to extort ransoms from victims who won’t pay
Imagine for one moment that you are a cybercriminal. You have compromised an organisation’s network, you have stolen their data, you have encrypted their network, and you are now knee-deep in the ransomware negotiation. However, there’s a problem. Your target is stalling for time. Who can you, as the perpetrator of the crime rather than…
Breaking News, cyber crime, data breach, Exploits, Global Security News, hacking, malware
Researchers discovered the largest data breach ever, exposing 16 billion login credentials
Researchers discovered the largest data breach ever, exposing 16 billion login credentials, likely due to multiple infostealers. Researchers announced the discovery of what appears to be the largest data breach ever recorded, with an astonishing 16 billion login credentials exposed. The ongoing investigation, which began earlier this year, suggests that the credentials were collected through…
Banana Squad, Cybersecurity, GitHub, Global Security News, malware, Security
Banana Squad Hides Data-Stealing Malware in Fake GitHub Repositories
Banana Squad hid data-stealing malware in fake GitHub repos posing as Python tools, tricking users and targeting sensitive info like browser and wallet data.
Global Security News, malware
North Korea’s BlueNoroff uses AI deepfakes to push Mac malware in fake Zoom calls
In a novel social engineering campaign, North Korea’s BlueNoroff is tricking company executives into downloading fake Zoom extensions that install a custom-built Mac malware suite. According to the findings by cybersecurity outfit Huntress, the infamous APT group (aka TA444, Sapphire Sleet, and COPERNICIUM) is using deep fakes of the victims’ own leadership to sell the…
blockchain, CryptoCurrency, Global Security News, malware, Scams and Fraud, Security
N. Korean Hackers Use PylangGhost Malware in Fake Crypto Job Scam
North Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools.
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, hacking, malware
Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers
Java-based malware targets Minecraft users via fake cheat tools, utilizing the Stargazers Ghost Network distribution-as-a-service (DaaS). Check Point researchers found a multi-stage malware on GitHub targeting Minecraft users via Stargazers DaaS, using Java/.NET stealers disguised as cheat tools. Minecraft, one of the world’s most popular games with over 200 million monthly players and 300 million…
Global Security News, malware, phishing
ClickFix attacks surge as exploits see drop in popularity
Threat actors have been increasingly relying on social engineering tactics such as ClickFix scams to lure victims into infecting their systems with malware
Global Security News, Guest blog, Law & order, malware, Ransomware
Ransomware gang busted in Thailand hotel raid
In a dramatic raid at a hotel in central Pattaya this week, Thai police have unearthed a criminal gang that was operating a ransomware and illicit gambling operation. Read more in my article on the Hot for Security blog.
Android, Apps, Banking, Global Security News, malware, Security
GodFather Android Malware Runs Real Apps in a Sandbox to Steal Data
Zimperium zLabs reveals GodFather malware’s advanced virtualization that hijacks mobile banking and crypto apps. Learn how it steals data on your phone.
Application Security, endpointdevice-security, Global Security News, malware
GodFather banking malware creates virtual environment on victim devices
Malware observed targeting Turkish banks and scanning nearly 500 apps globally.
Emerging Tech, Global Security News, malware, phishing, Threat Intelligence
Report: Phishing, infostealers top mobile security threats
Jamf’s newly released Security 360 Report underscores the growing complexity of cybersecurity risks across mobile and Mac devices used in enterprise environments, with phishing, infostealers, and unpatched vulnerabilities emerging as top concerns, according to IT Brief Australia.
Exploits, Global Security News, malware, Threat Intelligence
More sophisticated KimJongRAT stealer variants emerge
Weaponized Windows LNK files have been exploited by a pair of new advanced variants of the KimJongRAT information-stealing malware to facilitate multi-stage compromise of cryptocurrency wallets, browser credentials, and system information, GBHackers News reports.
Global Security News, malware, Threat Intelligence
SuperCard malware intrusions hit Russia
Android users across Russia were initially subjected to intrusions involving the NFCGate-based SuperCard malware last month, reports The Record, a news site by cybersecurity firm Recorded Future.
Global Security News, malware, phishing
Cybercriminals use SEO tricks to push phishing pages
Search Engine Optimization (SEO) has become the latest tool for attackers looking to lure in targets for phishing attacks
Breaking News, cyber crime, Exploits, Flodrix botnet, Global Security News, hacking, malware
News Flodrix botnet targets vulnerable Langflow servers
Attackers exploit CVE-2025-3248 in Langflow servers to deliver Flodrix botnet via downloader scripts, Trend Research reports. Trend Research uncovered an ongoing campaign exploiting the vulnerability CVE-2025-3248 to deliver the Flodrix botnet. Attackers exploit the flaw to run scripts on Langflow servers, downloading and installing Flodrix malware. “If the vulnerability is successfully exploited, threat actors behind…
Exploits, Global Security News, malware, Threat Intelligence
HijackLoader, DeerStealer spread via ClickFix intrusion
Malicious actors have exploited the ClickFix attack technique to facilitate the deployment of the HijackLoader and DeerStealer payloads as part of a new campaign, Infosecurity Magazine reports.
Global Security News, malware, phishing, Threat Intelligence
FIN7-linked threat group impersonates 7-Zip, software updates
GrayAlpha uses custom loaders to deploy the NetSupport RAT backdoor.
DevOps, Global Security News, malware
PyPI repositories targeted by malicious ‘Chimera-Sandbox Extensions’
Bad package takes aim at AI apps that contain MacOS data, CI/CD pipelines, and AWS tokens.
Anubis, Anubis RaaS, Breaking News, cyber crime, Emerging Tech, Global Security News, malware
New Anubis RaaS includes a wiper module
Anubis RaaS now includes a wiper module, permanently deleting files. Active since Dec 2024, it launched an affiliate program in Feb 2025. Anubis is a new RaaS that combines file encryption capability with a rare “wipe mode,” permanently deleting files and preventing recovery even after ransom payment. Anubis operates a flexible affiliate program that has…
Global Security News, hacking, hacking news, intelligence, malware, North America, Security
New Predator spyware infrastructure revealed activity in Mozambique for the first time
Insikt Group analyzed the new Predator spyware infrastructure and discovered it’s still gaining users despite U.S. sanctions since July 2023. Despite earlier declines in activity due to U.S. sanctions and public exposure, Predator spyware has resurged. Insikt Group analyzed a renewed infrastructure linked to the commercial spyware company and identified a new customer in Mozambique,…
Breaking News, data breach, Global Security News, hacking, malware, Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 49
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Supply chain attack hits Gluestack NPM packages with 960K weekly downloads Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 Destructive npm Packages Disguised as Utilities Enable Remote System Wipe AMOS Variant Distributed…
Breaking News, Cybercrime, Exploits, Fog ransomware, Global Security News, malware, Security
Unusual toolset used in recent Fog Ransomware attack
Fog ransomware operators used unusual pentesting and monitoring tools in a May 2025 attack, Symantec researchers warn. In May 2025, attackers hit an Asian financial firm with Fog ransomware, using rare tools like Syteca monitoring software and pentesting tools GC2, Adaptix, and Stowaway. Symantec researchers pointed out that the use of these tools is unusual…
Global Security News, Guest blog, Law & order, malware, phishing, Security threats
Dutch police identify users as young as 11-year-old on Cracked.io hacking forum
Dutch police have announced that they have identified 126 individuals linked to the now dismantled Cracked.io cybercrime forum. Read more in my article on the Hot for Security blog.
data breach, Data loss, Global Security News, Guest blog, malware, Ransomware
Bert ransomware: what you need to know
Bert is a recently-discovered strain of ransomware that encrypts victims’ files and demands a payment for the decryption key. Read more in my article on the Fortra blog.
Breaking News, Cybercrime, Exploits, Global Security News, hacking, malware, Mobile
Apple confirmed that Messages app flaw was actively exploited in the wild
Apple confirmed that a security flaw in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. Apple confirmed that a now-patched vulnerability, tracked as CVE-2025-43200, in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. The IT giant addressed the flaw…
Global Security News, Guest blog, malware, Ransomware
Empty shelves after US’s largest natural and organic food distributor suffers cyber attack
The spate of cyber attacks impacting the retail industry continues, with the latest victim being United Natural Foods (UNFI), which supplies organic produce to Whole Foods, Amazon, Target, and Walmart, amongst many others. Read more in my article on the Hot for Security blog.
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, malware
Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown
INTERPOL announced that a joint operation code-named Operation Secure took down 20,000+ malicious IPs/domains tied to 69 info-stealers. Between January and April 2025, INTERPOL led Operation Secure, a global effort that took down over 20,000 malicious IPs and domains linked to information-stealing malware. With support from 26 countries and partners like Group-IB, Kaspersky, and Trend…
Global Security News, malware, Threat Intelligence
Vulnerability exposes Danabot malware operators
Malware-as-a-service platform Danabot had operational information over the past three years exposed by a command-and-control infrastructure vulnerability, potentially aiding in its disruption as part of the ongoing international law enforcement effort Operation Endgame, according to Cyber Security News.
Global Security News, malware
Counterfeit gaming sites tapped for Myth Stealer malware delivery
Newly identified information-stealing malware Myth Stealer has been spread through fake gaming websites, reports The Hacker News.
cyber crime, Global Security News, Group-IB, infostealer, malware, Security
Operation Secure: INTERPOL Disrupts 20,000 Infostealer Domains, 32 Arrested
INTERPOL disrupts 20,000 infostealer domains in major cybercrime crackdown across Asia-Pacific, 32 arrested, 216K victims notified in Operation Secure.
Botnet, cyber attack, Cybersecurity, Exploits, Global Security News, malware, Security
Two Mirai Botnets, Lzrd and Resgod Spotted Exploiting Wazuh Flaw
Akamai’s latest report reveals two Mirai botnets exploiting the critical CVE-2025-24016 flaw in Wazuh. Learn about these fast-spreading IoT threats and urgent patching advice.
cyber attack, Cybersecurity, Global Security News, malware, Phishing Scam, Security
20 Top-Level Domain Names Abused by Hackers in Phishing Attacks
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
Breaking News, cyber crime, Cybercrime, Exploits, Global Security News, internet of things, malware
Mirai botnets exploit Wazuh RCE, Akamai warned
Mirai botnets are exploiting CVE-2025-24016, a critical remote code execution flaw in Wazuh servers, Akamai warned. Akamai researchers warn that multiple Mirai botnets exploit the critical remote code execution vulnerability CVE-2025-24016 (CVSS score of 9.9) affecting Wazuh servers. Wazuh is an open-source security platform used for threat detection, intrusion detection, log data analysis, and compliance…
APT, Asia Pacific, Breaking News, Global Security News, hacking, intelligence, malware
China-linked threat actor targeted +70 orgs worldwide, SentinelOne warns
China-linked threat actor targeted over 70 global organizations, including governments and media, in cyber-espionage attacks from July 2024 to March 2025. In April 2025, cybersecurity firm SentinelOne warned that a China-linked threat actor, tracked as PurpleHaze, attempted to conduct reconnaissance on its infrastructure and high-value clients. The activity suggests targeted cyberespionage efforts aimed at gathering…
encryption, Global Security News, malware, Threat Intelligence
Complex npm attack uses 7-plus layers of obfuscation to spread Pulsar RAT
The package uses Japanese Unicode characters, hex encoding, Base64 and more to hide its actions.
backdoor, cyber attack, cyber attacks, Global Security News, malware, Security
Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems
Malicious npm packages found with hidden endpoints that wipe systems on command. Devs warned to check dependencies for express-api-sync, system-health-sync-api.
APT, Cisco Talos, cyber attacks, Global Security News, malware, Security
New PathWiper Malware Strikes Ukraine’s Critical Infrastructure
Cisco Talos discovers PathWiper, a destructive new malware targeting critical infrastructure in Ukraine, highlighting ongoing cyber threats amidst the Russia-Ukraine conflict.
Botnet, Breaking News, Exploits, Global Security News, internet of things, malware, Security
New Mirai botnet targets TBK DVRs by exploiting CVE-2024-3721
A new variant of the Mirai botnet exploits CVE-2024-3721 to target DVR systems, using a new infection method. Researchers from Russian cybersecurity firm Kaspersky discovered a new variant of the Mirai botnet that exploits a command injection vulnerability (CVE-2024-3721) in TBK DVR-4104 and DVR-4216 digital video recording devices. During a review of the logs in…
Asia Pacific, BadBox 2.0, Breaking News, cyber crime, Global Security News, internet of things, malware
BadBox 2.0 botnet infects millions of IoT devices worldwide, FBI warns
BadBox 2.0 malware has infected millions of IoT devices globally, creating a botnet used for cyber criminal activities, the FBI warns. The FBI published a Public Service Announcement (PSA) to warn that cybercriminals are using the BADBOX 2.0 botnet to exploit IoT devices on home networks, like streaming devices, projectors, and infotainment systems, mostly made…
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, malware
Over 950K weekly downloads at risk in ongoing supply chain attack on Gluestack packages
A supply chain attack hit NPM: threat actors compromised 16 popular Gluestack packages, affecting 950K+ weekly downloads. Researchers from Aikido Security discovered a new supply chain attack that targeted NPM, compromising 16 popular Gluestack ‘react-native-aria’ packages with over 950K weekly downloads. Our Malware Intelligence team has detected an active and on-going attack against packages on npm…
Breaking News, Cybercrime, Exploits, Global Security News, hacking, hacking news, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 48
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Pure Crypter Malware Analysis: 99 Problems but Detection Ain’t One Attacker exploits misconfigured AI tool to run AI-generated payload Crocodilus Mobile Malware: Evolving Fast, Going Global How Threat Actors Exploit Human Trust: A Breakdown of the…
Breaking News, cyber crime, Exploits, Global Security News, hacking, malware, Security
Attackers exploit Fortinet flaws to deploy Qilin ransomware
Qilin ransomware now exploits Fortinet vulnerabilities to achieve remote code execution on impacted devices. Threat intelligence firm PRODAFT warned that Qilin ransomware (aka Phantom Mantis) group targeted multiple organizations between May and June 2025 by exploiting multiple FortiGate vulnerabilities, including CVE-2024-21762, and CVE-2024-55591. “Phantom Mantis recently launched a coordinated intrusion campaign targeting multiple organizations between…
Application Security, Global Security News, malware, supply chain, Threat Intelligence
Fake npm utilities remotely delete entire app directories
The malicious packages create backdoor endpoints and act as wipers when activated.
APT, Breaking News, Cyber warfare, Global Security News, ICS-SCADA, malware
Russia-linked threat actors targets Ukraine with PathWiper wiper
A Russia-linked threat actor targeted a critical infrastructure organization in Ukraine with a new destructive malware dubbed PathWiper. Russia-linked threat actor targeted Ukraine’s critical infrastructure with a new wiper named PathWiper. Cisco Talos researchers reported that attackers utilized a legitimate endpoint administration tool, indicating they had access to the administrative console, then used it to…
data breach, DragonForce, Global Security News, Guest blog, malware, Ransomware
Marks & Spencer’s ransomware nightmare – more details emerge
Over Easter, retail giant Marks & Spencer (M&S) discovered that it had suffered a highly damaging ransomware attack that left some shop shelves empty, shut down online ordering, some staff unable to clock in and out, and caused some of its major suppliers to resort to pen and paper. In a gloating abuse-filled email to…
Global Security News, malware, Threat Intelligence
More sophisticated ViperSoftX malware variant emerges
GBHackers News reports that updates to the ViperSoftX information-stealing malware have bolstered its modularity, covertness, and persistence.
Breaking News, cyber crime, Cybercrime, Global Security News, hacking, malware, North America
U.S. Offers $10M bounty for info on RedLine malware creator and state hackers
The U.S. offers up to $10M for info on state hackers linked to RedLine malware and its creator, Maxim Rudometov, tied to attacks on U.S. infrastructure. The U.S. Department of State offers a reward of up to $10 million for information on nation-state actors linked to the RedLine infostealer and its alleged author, Russian national Maxim…
Global Security News, Guest blog, Law & order, malware, RedLine
US offers $10 million reward for tips about state-linked RedLine hackers
How would you like to earn yourself millions of dollars? Well, it may just be possible – if you have information which could help expose the identities of cybercriminals involved with the notorious RedLine information-stealing malware. Read more in my article on the Tripwire State of Security blog.
Breaking News, cyber crime, Exploits, Global Security News, hacking, hacking news, malware
Play ransomware group hit 900 organizations since 2022
A joint advisory from the US and Australian authorities states that Play ransomware has hit approximately 900 organizations over the past three years. A joint advisory from the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) states that Play ransomware has hit…
Global Security News, Incident Response, malware, Vulnerability Management
Updating & Protecting Linux Systems – PSW #877
Breaking News, Chaos RAT, cyber crime, Cybercrime, Emerging Tech, Global Security News, malware
New versions of Chaos RAT target Windows and Linux systems
Acronis researchers reported that new Chaos RAT variants were employed in 2025 attacks against Linux and Windows systems. Acronis TRU researchers discovered new Chaos RAT variants targeting Linux and Windows in recent attacks. Originally seen in 2022, Chaos RAT evolved in 2024, with fresh samples emerging in 2025. TRU also discovered a critical flaw in…
critical-infrastructure-security, Global Security News, malware
Ramnit malware compromise in industrial orgs spikes
SecurityWeek reports that the industrial sector has been primarily infected with the Win32.Worm.Ramnit, Trojan.scar/shyape, Trojan.lokibot/stealer, and Win32.Worm.Sohanad malware between October 2024 and March 2025.
booking.com, ClickFix, cyber attack, Global Security News, malware, Security
ClickFix Email Scam Alert: Fake Booking.com Emails Deliver Malware
Cofense Intelligence uncovers a surge in ClickFix email scams impersonating Booking.com, delivering RATs and info-stealers. Learn how these…
AI, Cloud Security, Cybersecurity, Data Privacy, Data Security, Europe, Featured, Global Security News, Governance, Risk & Compliance, Incident Response, malware, Microsoft cybersecurity, Mobile Security, Network Security, News, Ransomware, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threat Intelligence, Threats & Breaches
Microsoft Launches Free Security Program for European Governments
Microsoft is offering European countries a new cybersecurity program for free to help them defend against threats from nation-states like China and Russia, ransomware gangs, and AI-powered cyber threats through greater intelligence sharing, investments, and partnerships. The post Microsoft Launches Free Security Program for European Governments appeared first on Security Boulevard.
ANYRUN, Cybersecurity, Exploits, Global Security News, malware, Malware Analysis
Cyber Attacks on Government Agencies: Detect and Investigate with ANY.RUN for Fast Response
Government institutions worldwide face a growing number of sophisticated cyberattacks. This case study examines how ANY.RUN’s solutions can be leveraged to detect, analyze, and mitigate cyber threats targeting government organizations. By analyzing real-world threats, we demonstrate how ANY.RUN’s Threat Intelligence Lookup, Interactive Sandbox, and YARA Search assist cybersecurity teams in identifying attack vectors, tracking malicious…
Android, Breaking News, cyber crime, Global Security News, malware, Mobile
Android banking trojan Crocodilus rapidly evolves and goes global
A new Android banking trojan called Crocodilus is being used in a growing number of campaigns targeting users in Europe and South America. Crocodilus is a recently discovered Android banking trojan that is quickly gaining ground. What began as small test campaigns has now grown into full-blown attacks targeting users across Europe and South America.…
ANYRUN, Cybersecurity, Global Security News, malware, Malware Analysis
OtterCookie: Analysis of Lazarus Group Malware Targeting Finance and Tech Professionals
Editor’s note: The current article is authored by Mauro Eldritch, offensive security expert and threat intelligence analyst. You can find Mauro on X. What looks like a simple freelance bug fix turns out to be a full-blown malware infection. OtterCookie, a new tool from the Lazarus Group APT, hides behind clean code and fake job offers, then…
antivirus, counter antivirus, Cybercrime, Cybersecurity, Department of Justice (DOJ), fbi, Federal Bureau of Investigation (FBI), Global Security News, Government, Justice Department, malware, Ransomware, Secret Service
Top counter antivirus service disrupted in global takedown
AVCheck, a large-scale service that cybercriminals use to check if their malware can be detected by various antivirus tools, was seized and taken offline Tuesday by a globally coordinated law enforcement action. Officials on Thursday said they seized four domains and a server associated with the online software crypting syndicate. The site for the counter…
Global Security News, Guest blog, malware, MOD, Russia
Damascened Peacock: Russian hackers targeted UK Ministry of Defence
The UK’s Ministry of Defence has revealed that it was the target of a sophisticated cyber attack that saw Russia-linked hackers pose as journalists. Read more in my article on the Hot for Security blog.
ClickFix, data breach, Global Security News, Guest blog, Interlock, malware, Ransomware
Interlock ransomware: what you need to know
“We don’t just want payment; we want accountability.” The malicious hackers behind the Interlock ransomware try to justify their attacks. Learn more about what you need to know about Interlock in my article on the Tripwire State of Security blog.
CIA, Global Security News, Law & order, malware, Meta, Podcast, Romance baiting, Smashing Security, Star Wars, vulnerability, WhatsApp
Smashing Security podcast #419: Star Wars, the CIA, and a WhatsApp malware mirage
Why is a cute Star Wars fan website now redirecting to the CIA? How come Cambodia has become the world’s hotspot for scam call centres? And can a WhatsApp image really drain your bank account with a single download, or is it just a load of hacker hokum? All this and much more is discussed…
ANYRUN, Cybersecurity, Exploits, Global Security News, Instructions on ANY.RUN, malware, Malware Analysis
How to Analyze Node.js, Python, Android, and Linux Malware with ANY.RUN
Malware doesn’t stick to one platform or play fair. One day it’s a Python stealer. The next, it’s an Android RAT or a Node.js backdoor quietly pinging its C2. Then it hits Linux, flooding your network with suspicious connections. Modern threats are unpredictable. They move across systems and languages, often slipping past tools that weren’t…
Botnet, Cloud Security, Cybersecurity, DanaBot, Data Privacy, Data Security, Endpoint, Featured, Global Security News, Identity & Access, malware, Network Security, News, Operation Endgame Cybercrime, Russia, Security Boulevard (Original), Spotlight, Threats & Breaches
U.S. Authorities Seize DanaBot Malware Operation, Indict 16
U.S. authorities seized the infrastructure of the DanaBot malware and charged 16 people in an action that is part of the larger Operation Endgame, a multinational initiative launched last year to disrupt and take apart global cybercriminal operations. The post U.S. Authorities Seize DanaBot Malware Operation, Indict 16 appeared first on Security Boulevard.
3am, data breach, Data loss, Exploits, Global Security News, Guest blog, malware, Ransomware, vishing
3AM ransomware attack poses as a call from IT support to compromise networks
Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to be helpful IT support desk workers. Find out how they do it in my article on the Tripwire State of Security blog.
botnets, Cybercrime, Cybersecurity, DanaBot, Department of Justice (DOJ), espionage, Global Security News, Government, indictment, Information stealing malware, infostealers, malware, Russia, Threats
DanaBot malware operation seized in global takedown
A global collection of private defenders and law enforcement agencies notched another win against a core facilitator for cybercrime, initiating coordinated seizures and takedowns of DanaBot’s command and control servers, disrupting the malware-as-a-service’s operations, the Justice Department said Thursday. Federal officials also unsealed a grand jury indictment and criminal complaint charging 16 individuals for their…
cyberattack, Cybersecurity, Global Security News, Justice Department, malware, Microsoft, Security
Microsoft says Lumma password stealer malware found on 394,000 Windows PCs
Microsoft and law enforcement announced a coordinated takedown of the Lumma password-stealing malware.
Cloud Security, Cyber Attacks Microsoft, Cybersecurity, Data Privacy, Data Security, eset, Featured, Global Security News, Identity & Access, infostealer, Lumma Stealer, malware, Mobile Security, Network Security, News, Ransomware, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Social Engineering, Spotlight, Threat Intelligence
Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer
International law enforcement agencies and cybersecurity vendors seized thousands of domains used to run the MaaS operations of the widely popular Lumma Stealer malware, which was used to facilitate ransomware, malvertising, and phishing attacks around the globe. The post Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer appeared first on Security Boulevard.
ANYRUN, Cybersecurity, Exploits, Global Security News, malware, Malware Analysis, News
DBatLoader Delivers Remcos via .pif Files and UAC Bypass in New Phishing Campaign
A new phishing campaign is spreading the Remcos Remote Access Trojan (RAT) through DBatLoader. It employs User Account Control (UAC) bypass, obfuscated scripts, Living Off the Land Binaries (LOLBAS) abuse, and persistence mechanisms. Here’s an analysis of the infection chain, key techniques, and detection tips. How the Attack Works To see how the attack unfolds,…