10 matches found
Malicious code in absent_swordtail_z3n (npm)
Source: amazon-inspector (676325c5ffd199c791aa15a7a5bd8384166e0f84c33ea343715a5d4e8cd0ef39). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant
This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be planning to expand its operations through these fraudulent apps and its recruitment of...
Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques
Trend Micro Research observed the resurgence of the Cuba ransomware group that launched a new malware variant using different infection techniques compared to past iterations. We discuss our initial findings in this report...
It’s business as usual for REvil ransomware
After the FSB arrested 14 of its members in January, and a subsequent lull in action, the REvil ransomware gang appears to be back. We say "appears" because it's still unclear whether the group's operations have indeed restarted. To the trained eye, REvil's movements seem out of sorts. When REvil's o...
New variant of Joker malware found in Android apps on Play Store
By Sudais Asif. The original Joker malware was identified on Play Store back in September 2019. This is a post from HackRead.com.
SamSam - The Evolution Continues Netting Over $325,000 in 4 Weeks
This post was written by Vitor Ventura. Talos has been working in conjunction with Cisco IR Services on what we believe to be a new variant of the SamSam ransomware. This ransomware has been observed across multiple industries including Government, Healthcare and ICS. These attacks do...
Citadel Banking Malware Variant Delivers Localized Content
With builders for the Citadel Trojan freely available on any number of underground criminal forums, it’s no surprise to see some legs left in the malware despite a takedown of more than 1,400 Citadel botnets less than a month ago by U.S. law enforcement and Microsoft. A new variant has popped up ...
Kelihos Returns: Same Botnet or New Version?
The twice-shut-down Kelihos botnet remains active and continues spamming with a new variant, despite yesterday’s efforts by Kaspersky Lab and CrowdStrike that knocked offline and sinkholed the most recent version of the botnet. According to a Seculert report, the indomitable botnet is using a...
New Storm Variant Merely a Spambot, Experts Say
The new piece of malware that surfaced this week and has been hailed as a return of the Storm worm is in fact simply the worm’s original spam engine with some new components wrapped around it, researchers say, and not a rebirth of the botnet itself. Storm was a major botnet threat during its...
Experts Say New Storm Variant of Poor Design
A new variant of the Storm worm has emerged, but it does not appear to be as well-designed as its older relative, according to computer security researchers. Source: IDG News Service.