malware

During the implementation of operational search activities of the Federal Security Service of Russia in the Samara region, a resident of the region was identified who was involved in the creation, use and distribution of malicious software in order to neutralize anti-virus protection tools. It...

Now the tool is available not only for the government, but also for private companies. CISA has announced the launch of a new malware analysis system, Malware Next — Gen, which allows organizations to analyze malware samples and other suspicious artifacts. The service is now available for...

Who were the mysterious "Gods" and "Bignosa", and how did the researchers manage to calculate them? A recent comprehensive study conducted by Check Point sheds light on the dark side of cyberspace, revealing the activities and identities of attackers using the Agent Tesla malware. Agent Tesla...

File sharing sites are becoming a new attack vector on Israeli companies. The information security company Proofpoint has discovered a new phishing campaign of the Iranian group MuddyWater, during which legitimate software for remote monitoring and management of Atera is distributed among...

How the ambassadors who decide to participate in the tasting, please in the clutches of spies. An unknown hacker group, dubbed SPIKEDWINE, attacks ambassadors from a number of European countries where Indian diplomatic missions operate. To achieve their goals, attackers use a new malicious...

The Chinese company Acemagic admitted that some of its products were delivered with pre-installed malware. The company explains that they just wanted to reduce the download time and made changes to the Microsoft source code for this purpose. In early February 2024, youtuber The Net Guy...

AI forces you to rethink your defense strategies. A Los Alamos National Laboratory research team has made a significant breakthrough in cybersecurity, using artificial intelligence to improve malware analysis on a large scale. The developed approach made it possible to significantly advance in...

The new generation of malware is aimed not at bypassing detection, but at completely destroying the protection of enterprises. Over the past year, the number of incidents aimed at disabling corporate protection has significantly increased in cyberspace. This is stated in the annual report Red...

Even the most inexperienced users can no longer be afraid of scammers. Google launching a new pilot program to combat financial fraud, which aims to block the installation of external APKs that request access to risky permissions. APK or Android Package is a file format used for distributing...

FBI officials said they were able to eliminate the KV botnet used by hackers from the Chinese group Volt Typhoon (aka Bronze Silhouette, DEV-0391, Insidious Taurus and Vanguard Panda) to evade detection during attacks that target critical US infrastructure. It is reported that Volt Typhoon used...

Phishing attacks in Russia are reaching a new level of sophistication. F. A. C. C. T warns of a new wave of targeted phishing attacks on users of state-owned online services in Russia. The attackers send fake emails allegedly from the Ministry of Digital Development of Russia with a request to...

Why should you be careful when installing PyPI packages? The Fortinet FortiGuard Labs team found malicious packages in the Python Package Index (PyPI) repository that deliver the WhiteSnake Stealer infostiler to Windows systems. Packages containing malware are called nigpal, figflix, telerer...

Attackers bypass antivirus programs and permanently gain a foothold in their victims systems. The Slovak company ESET discovered the activities of a previously unknown group of hackers associated with China, and assigned it the code name Blackwood. The group has been active since 2018 and...

Attackers bypass antivirus programs and permanently gain a foothold in their victims ' systems. The Slovak company ESET discovered the activities of a previously unknown group of hackers associated with China, and assigned it the code name Blackwood. The group has been active since 2018 and...

Исследователи кибербезопасности пролили свет на командно-контрольный сервер (C2) известного семейства вредоносных программ под названием SystemBC. "SystemBC можно приобрести на подпольных торговых площадках и поставляется в архиве, содержащем имплантат, сервер командования и управления (C2) и...

What does the band have in common with the legendary BlackMatter? Cybersecurity company Trend Micro has discovered that in 2023, the Kasseika ransomware group joined an increasing number of cybercrime groups using the BYOVD (Bring Your Own Vulnerable Driver) tactic, which allows attackers to...

A resident of Voronovo is accused of developing malicious computer programs. The details were reported by the telegram channel “102. Neman" Department of Internal Affairs of the Grodno Regional Executive Committee. It was established that a 35-year-old Belarusian received an order via the...

Experts attribute this activity to the termination of QakBot in August. Trend Micro has recorded an active distribution of the PikaBot malware by the Water Curupira group. Operations began in the first quarter of 2023 and continued until the end of June, before resuming in September. PikaBot...

In the new iteration, the banking Trojan has received qualitatively new attack capabilities. Cybersecurity researchers discovered a new version of the Android Trojan for Android called Chameleon, which is aimed primarily at European users of banking applications. The new version of the mobile...

Attackers are testing a new version with some changes. QakBot malware is once again being used in phishing campaigns, despite the successful operation of law enforcement agencies "Duck Hunt" to eliminate the QakBot infrastructure. QakBot (Qbot) started out as a banking Trojan in 2008. Malware...