U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation

A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered services to threat actors to ensure that their malicious software stayed undetected from security software. To that effect, the U.S. Department of Justice DoJ said it seized four...

MAL-2025-1077 Malicious code in com.unity.services.core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 570e09325b7eeead7439db1cd6a223b5de2ddab48982af7bb43957a6c48d9069 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7340 Malicious code in @zitterorg/quasi-quidem (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 20f6a4592f0557258ab1a57552b4a83fbe1cf605de22c693c05db453403fddd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1593 Malicious code in ato-z-web-identity-components-app-cdk-adp-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c33c62d31d74de8fa6a7a3911507ce9a8d513bccb45ff1b51b7fbb9068920d3e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6987 Malicious code in vtpzfdicergkhjsm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f12b8baceceea3cd62951534c2c177a91ac2efc22215bd9bc855ac34b27487b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1302 Malicious code in azure-communication-network-traversal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f7a0cec00dbd776206a45492d115fdad30ccb30649387fcb23e928778c431a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2632 Malicious code in dx-osc-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8cd2b7845745d96a64e8582c8a27cda79f92322c2353e175a41f2268163f3a89 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-375 Malicious code in @kaspersky/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 353c3be162a0520ec9a4097a45b0b3df2fc85b4ac6993fc40cca5a13708e3e4d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview twilio-npm opened a reverse shell to a remote server as a postinstall script. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different compute...

Windows Malicious Software Removal Tool - November 2019 (KB890830)

After the download, this tool runs one time to check your computer for infection by specific, prevalent malicious software including Blaster, Sasser, and Mydoom and helps remove any infection that is found. If an infection is found, the tool will display a status report the next time that you sta...

Windows Malicious Software Removal Tool - June 2019 (KB890830)

After the download, this tool runs one time to check your computer for infection by specific, prevalent malicious software including Blaster, Sasser, and Mydoom and helps remove any infection that is found. If an infection is found, the tool will display a status report the next time that you sta...

Threat Outbreak Alert RuleID31694: Email Messages Distributing Malicious Software on December 22, 2017

Medium Alert ID: 56325 First Published: 2017 December 22 16:48 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID31694 may contain the following files: Name |...

Cisco Firepower Management Center Malicious Software Detection Bypass Vulnerability

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be...

Threat Outbreak Alert RuleID8337KVR: Email Messages Distributing Malicious Software on April 5, 2016

Medium Alert ID: 42938 First Published: 2016 January 8 14:01 GMT Last Updated: 2016 April 7 11:38 GMT Version: 25 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID8337 and...

Threat Outbreak Alert RuleID10593: Email Messages Distributing Malicious Software on July 8, 2014

Medium Alert ID: 34870 First Published: 2014 July 8 15:02 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID10593 may contain the following files: Name | Size...

Rootkit Hunter - Rootkit scanning tool

Rootkit Hunter - Rootkit scanning tool Rootkit scanner is scanning tool to ensure you for about 99.9% you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like: - MD5 hash compare - Look for default files used by rootkits - Wrong file...

Reports of a new vulnerability in Microsoft Excel

Reports of a new vulnerability in Microsoft Excel Hi everyone, Mike Reavey here. We've received a single report from a customer being impacted by an attack using a new vulnerability in Microsoft Excel. Here's what we know: In order for this attack to be carried out, a user must first open a...