Malware & Threats Archives - Page 3 of 103

UK Intelligence Agency Warns of Mounting AI Cyberthreat

Issued by: DataBreach Today

Generative artificial intelligence-enabled ransomware and nation-state hacks in the United Kingdom are “almost certainly” likely to surge after this year, the National Cyber Security Center warned. And British lawmakers called on the government to roll out measures to prevent AI scams. In a report evaluating the cyber risk posed by artificial intelligence, the NCSC evaluated…

Malware & Threats

Medusa group steps up ransomware activities

Issued by: CSO Online

A fast rising ransomware outfit is escalating its activities and has launched a new blog offering victims a variety of payoff options, according to a report released Thursday by Palo Alto Networks’ Unit 42. The new Medusa Blog is used by the group to post stolen data with the threat of exposing the data if…

Malware & Threats

Turkish APT ‘Sea Turtle’ Resurfaces to Spy on Kurdish Opposition

Issued by: Dark Reading

A group aligned with the interests of the government of Turkey has been turning up its politically motivated cyber espionage lately, targeting Kurdish opposition groups through high-value supply chain targets in Europe, the Middle East, and North Africa. Following some years out of the limelight, Sea Turtle (aka Teal Kurma, Marbled Dust, Silicon, or Cosmic…

Malware & Threats

North Korea Debuts ‘SpectralBlur’ Malware Amid macOS Onslaught

Issued by: Dark Reading

The prolific North Korean state-backed threat actor known as TA444 is back with shiny new malware for targeting macOS users, dubbed “SpectralBlur.” The custom tool is the latest in a string of proprietary malware that the advanced persistent threat (APT) group has been consistently generating — a trait that sets it apart from other DPRK-sponsored…

Malware & Threats

Microsoft disables online Windows App Installer after attackers abuse it

Issued by: CSO Online

Microsoft has disabled the App Installer functionality that allowed Windows 10 apps to be installed directly from a web page by clicking on a link that used the ms-appinstaller URI scheme. This functionality has been heavily abused in recent months by different threat actors to deploy ransomware and other malicious implants. “Threat actors have likely…

Malware & Threats

New Rugmi Malware Loader Surges with Hundreds of Daily Detections

Issued by: The Hacker News

A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms. Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi. “This malware is a loader with three types of components: a downloader…

Malware & Threats

Chameleon Android Malware Can Bypass Biometric Security

Issued by: SecurityWeek

Active since early 2023, the malware initially targeted mobile banking applications in Australia and Poland, but has since expanded its reach to the UK and Italy. When initially uncovered, ThreatFabric explains, Chameleon used multiple loggers, had limited malicious functionality, and contained various unused commands, suggesting that it was still under development. Employing a proxy feature…

Malware & Threats

Chinese ‘Volt Typhoon’ hackers take aim at US critical infrastructure

Issued by: Panda Security

Hackers allegedly connected to the People’s Liberation Army in China are responsible for a series of recent attacks on critical infrastructure in the USA, according to a report first published in the Washington Post. The attacks on tens of sensitive sites were on locations of extreme importance. Locations such as Hawaii, Guam, the West Coast,…