Lucene search
K

17 matches found

HackRead
HackRead
added 2025/07/22 9:50 p.m.16 views

Coyote Trojan First to Use Microsoft UI Automation in Bank Attacks

Coyote Trojan becomes first malware to abuse Microsoft’s UI Automation in real attacks, targeting banks and crypto platforms with stealthy tactics...

7.3AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/07/22 12:0 a.m.7 views

Back to Business: Lumma Stealer Returns with Stealthier Methods

Lumma Stealer has re-emerged shortly after its takedown. This time, the cybergroup behind this malware appears to be intent on employing more covert tactics while steadily expanding its reach. This article shares the latest methods used to propagate this threat...

7.2AI score
Exploits0
Securelist
Securelist
added 2025/07/21 8:0 a.m.21 views

The SOC files: Rumble in the jungle or APT41’s new target in Africa

Introduction Some time ago, Kaspersky MDR analysts detected a targeted attack against government IT services in the African region. The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware. One of the C2s was a captive SharePoint serve...

7.1AI score
Exploits0
Securelist
Securelist
added 2024/12/19 10:0 a.m.23 views

Lazarus group evolves its infection chain with old and new malware

Over the past few years, the Lazarus group has been distributing its malicious software by exploiting fake job opportunities targeting employees in various industries, including defense, aerospace, cryptocurrency, and other global sectors. This attack campaign is called the DeathNote campaign and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/25 12:10 p.m.46 views

Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique

The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control UAC bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid detection and...

7.5AI score
Exploits0
hivepro
hivepro
added 2023/07/10 6:9 a.m.17 views

Charming Kitten’s Latest Malware Arsenal and Targeting Strategies

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Charming Kitten, an adaptable threat actor, has shifted to new malware tactics and targets by employing LNK infection chains and utilizing cloud hosting providers. This evolution in their approach poses ...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/02 11:28 a.m.90 views

Inside Raccoon Stealer V2

Raccoon Stealer is back on the news again. US officials arrested Mark Sokolovsky, one of the malware actors behind this program. In July 2022, after several months of the shutdown, a Raccoon Stealer V2 went viral. Last week, the Department of Justice's press release stated that the malware...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/07 10:45 p.m.42 views

Evasive Shikitega Linux malware drops Monero cryptominer

Researchers from the AT&T Alien Labs Resarch have discovered a new and stealthy Linux malware it's dubbed Shikitega. Once it's on a machine or device, Shitega executes a "multistage infection chain" involving small files, a couple of vulnerabilities, and the use of Mettle, a portable Metasploit...

7.2CVSS1.2AI score0.94921EPSS
Exploits179
The Hacker News
The Hacker News
added 2022/07/19 6:38 a.m.32 views

Several New Play Store Apps Spotted Distributing Joker, Facestealer and Coper Malware — The Hacker News

Google has taken steps to ax dozens of fraudulent apps from the official Play Store that were spotted propagating Joker, Facestealer, and Coper malware families through the virtual marketplace. While the Android storefront is considered to be a trusted source for discovering and installing apps,...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/12/03 1:54 p.m.30 views

Researchers Detail How Pakistani Hackers Targeting Indian and Afghan Governments

A Pakistani threat actor successfully socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets and stealthily obtain access to government portals. Malwarebytes' latest findings...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2021/10/15 6:5 p.m.427 views

TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

The cybercriminals behind the infamous TrickBot trojan have signed two additional distribution affiliates, dubbed Hive0106 aka TA551 and Hive0107 by IBM X-Force. The result? Escalating ransomware hits on corporations, especially using the Conti ransomware. The development also speaks to the...

9CVSS9.1AI score0.99759EPSS
Exploits41References13
ThreatPost
ThreatPost
added 2020/10/29 9:15 p.m.46 views

Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to Hospitals

The boozy names might sound like the kind of thing conjured up in a frat-house common room, but malware families Kegtap, Singlemalt and Winekey are being used to gain initial network access in potentially lethal ransomware attacks on healthcare organizations in the midst of a global pandemic,...

0.2AI score
Exploits0References14
ThreatPost
ThreatPost
added 2017/08/01 10:14 a.m.12 views

Pharmaceutical Giant Still Feeling NotPetya's Sting

NotPetya was massive shift in malware tactics as what was initially believed to be another global ransomware attack on par with WannaCry was instead a wiper in disguise. It claimed thousands of victims worldwide, including some of the highest profile manufacturers, critical infrastructure provide...

0.8AI score
Exploits0References6
ThreatPost
ThreatPost
added 2017/05/02 5:52 p.m.16 views

Shamoon Collaborator Greenbug Adopts New Communication Tool

Researchers have identified a possible new collaborator in the continued Shamoon attacks against Saudi organizations. Called Greenbug, this group is believed to be instrumental in helping Shamoon steal user credentials of targets ahead of Shamoon’s destructive attacks. However, researchers know...

1.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2016/05/25 2:58 p.m.80 views

Wekby APT Gang Seen Using DNS Tunneling for Command and Control

Palo Alto Networks is reporting a shift in malware tactics used by the APT group Wekby that has added a rare but effective new tool to its bag of tricks. The security firm reported on Tuesday that over the past week, Wekby attackers are turning to the technique known as DNS tunneling in lieu of...

10CVSS9.9AI score0.99344EPSS
Exploits6References6
ThreatPost
ThreatPost
added 2015/07/06 1:59 p.m.11 views

Ad Fraud Malware Updating Flash on Infected PCs

Ad fraud malware is one of the more profitable specialties in the cybercrime world, and the attackers who use it often have to adapt their tactics in order to keep the money rolling in. One of the tactics that they have adopted in recent months is that of updating the version of Flash that’s...

1.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2010/10/15 3:9 p.m.26 views

New Malware Murofet Following Conficker's Lead

It’s been a blissful few months since Conficker last reared its over-hyped head, but now there’s a new piece of malware that is adopting some of the tactics that Conficker used. The malware, known as Murofet, is using Conficker’s technique of generating thousands of new domains for updates every...

0.3AI score
Exploits0References3
Rows per page
Query Builder