Lucene search
K

42 matches found

The Hacker News
The Hacker News
added 2020/07/28 6:48 a.m.7 views

QSnatch Data-Stealing Malware Infected Over 62,000 QNAP NAS Devices

Cybersecurity agencies in the US and UK yesterday issued a joint advisory about a massive ongoing malware threat infecting Taiwanese company QNAP's network-attached storage NAS appliances. Called QSnatch or Derek, the data-stealing malware is said to have compromised 62,000 devices since reports...

5.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/03/11 12:29 p.m.11 views

Necurs Botnet in Crosshairs of Global Takedown Offensive

A New York State court issued an order this week giving Microsoft control of the U.S.-based infrastructure used by the notorious Necurs botnet in an effort to stop the world’s most prolific and globally dispersed spam and malware infrastructure. The move came after Microsoft and partners across 3...

7.6AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/03/11 12:29 p.m.33 views

Necurs Botnet in Crosshairs of Global Takedown Offensive

A New York State court issued an order this week giving Microsoft control of the U.S.-based infrastructure used by the notorious Necurs botnet in an effort to stop the world’s most prolific and globally dispersed spam and malware infrastructure. The move came after Microsoft and partners across 3...

7.6AI score
Exploits0References8
The Hacker News
The Hacker News
added 2020/03/10 7:1 p.m.3 views

Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide

Microsoft today announced that it has successfully disrupted the botnet network of the Necurs malware, which has infected more than 9 million computers globally, and also hijacked the majority of its infrastructure. The latest botnet takedown was the result of a coordinated operation involving...

5.9AI score
Exploits0
CNVD
CNVD
added 2017/08/14 12:0 a.m.4 views

Backdoor in the nssock2.dll module of several products including NetSarang Xmanager and Xshell

NetSarang is a company that provides secure link solutions and Xshell is a terminal emulation software. The related nssock2.dll module, a component used for network communication, in the installation directories of Xshell, Xlpd, Xmanager, and Xftp has been found to contain backdoor-type code samp...

6.7AI score
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2017/08/01 12:0 a.m.3 views

VulnCheck KEV: CVE-2017-20202

Web Developer for Chrome v0.4.9 contained malicious code that generated a domain via a DGA and fetched a remote script. The fetched script conditionally loaded follow-on modules that performed extensive ad substitution and malvertising, displayed fake “repair” alerts that redirected users to...

9.3CVSS5.9AI score0.00499EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2015/11/04 12:0 p.m.9 views

Tinba Variant Spotted Targeting Russian, Japanese Banks

Cybercriminals behind the Tinba banking Trojan have been homing in on some of the larger banks in Russia and Japan, experts claim. According to researchers with Dell SecureWorks, who looked at an instance of the malware last month, configuration files in one variant are targeting one of the...

1.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2015/08/31 11:31 a.m.12 views

CoreBot Credential-Stealing Malware

A new piece of data-stealing malware has a real thirst for credentials—and the potential for worse trouble down the line. IBM today published a report on CoreBot, generic information-stealing malware designed with enough flexibility to soon ramp up its capabilities to exfiltrate data in real time...

0.8AI score
Exploits0References1
ThreatPost
ThreatPost
added 2015/08/06 1:46 p.m.10 views

Updated DGA Changer Malware Generates Fake Domain Stream

LAS VEGAS — The group behind the DGA Changer downloader has been pretty adept in modifying the malware to elude sandbox detection in particular. Researchers at Seculert today published a report on the latest twist to DGA Changer, which now is able to generate a fake stream of domains if it detect...

0.8AI score
Exploits0References4
ThreatPost
ThreatPost
added 2014/11/18 10:33 a.m.13 views

Matsnu Botnet DGA Builds Domains From List of Nouns, Verbs

Domain generation algorithms have been botmasters’ favorite tool for keeping malware up and running—and for frustrating security researchers and detection technologies. Like malware, DGAs evolve, thus complicating an already tricky cat-and-mouse game between criminals and white hats. The latest i...

0.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2014/10/09 2:17 p.m.10 views

Rovnix Variant Surfaces With New DGA

Researchers have unearthed a new version of the Rovnix malware that has a couple of additional features, including a new domain generation algorithm and a secure transmission channel for communicating with the command-and-control servers. Rovnix is a malware variant that often has been distribute...

1.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/08/14 4:58 p.m.9 views

NewGOZ Gameover Zeus Botnet Rebuilds

It didn’t take long for an updated version of GameOver Zeus to make some headway in rebuilding itself. Research published today from Arbor Networks demonstrates that cybercriminals behind GameOver Zeus, which was taken down by law enforcement in early June, have renewed the botnet with at least...

0.9AI score
Exploits0References3
ThreatPost
ThreatPost
added 2014/07/31 12:22 p.m.11 views

New GameOver Zeus Botnet Malware Variant Surfaces

The GameOver Zeus takedown was trumpeted as a victory against cybercrime, and for all its success, even those involved understood it was likely a temporary win. Researchers at Seculert have spotted a new variant of GameOver Zeus that has spurned previous versions’ peer-to-peer communication...

1.3AI score
Exploits0References4
The Hacker News
The Hacker News
added 2014/07/17 6:4 a.m.10 views

New Pushdo Malware Hacks 11,000 Computers in Just 24 Hours

One of the oldest active malware families, Pushdo, is again making its way onto the Internet and has recently infected more than 11,000 computers in just 24 hours. Pushdo, a multipurpose Trojan, is primarily known for delivering financial malware such as ZeuS and SpyEye onto infected computers or...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2014/07/11 1:55 p.m.12 views

Possible New Version of GameOver Zeus Malware Emerges

It’s only been a little more than a month since the FBI and Europol took down the GameOver Zeus botnet, taking control of its command-and-control infrastructure and effectively cutting off the malware’s head. But researchers say that there are some indications that a new strain of the malware may...

0.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/11/06 1:28 p.m.19 views

US-CERT Warns of More CryptoLocker Ransomware Infections

CryptoLocker is a devious evolution of now-familiar ransomware schemes in which the malware encrypts files it finds on a number of network resources and demands a ransom for the decryption key. US-CERT issued an advisory today warning businesses and consumers of the risks presented by CryptoLocke...

0.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2013/09/18 3:23 p.m.15 views

Shylock/Caphaw Banking Malware Infections on the Rise

Two dozen major U.S. and European banks are in the crosshairs of the Shylock, or Caphaw, financial malware of late, and victims who trade with one of the 24 financial institutions are at risk of giving up their credentials and losing assets in their accounts. Malware researchers have noticed a ri...

1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/08/28 3:30 p.m.17 views

Kelihos P2P Botnet Leveraging Composite Blocking Lists

Kelihos, the peer-to-peer botnet with nine lives, keeps popping up with new capabilities that enable it to sustain itself and make money for its keepers by pushing spam, harvesting credentials and even stealing Bitcoins. According to a number of sources, Kelihos is now leveraging legitimate and...

1.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/05/17 12:25 p.m.13 views

PushDo Malware DGA Now Generates .KZ Domains

For every punch a hacker throws, there is a counter from a security company, and then, inevitably, the hacker adjusts again. That’s what’s happening right now with the PushDo malware. This week, Dell SecureWorks, Damballa Lab and Georgia Tech University combined on a research report exposing the...

7.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2013/05/15 4:6 p.m.12 views

PushDo Malware Returns with Domain Generation Algorithm

Four times since 2008, authorities and technology companies have taken the prolific PushDo malware and Cutwail spam botnet offline. Yet much like the Energizer Bunny, it keeps coming back for more. In early March, researchers at Damballa discovered a new version of the malware that had adopted a...

0.3AI score
Exploits0References2
Rows per page
Query Builder