malware Archives - Page 14 of 57 - Cyber Security Minute

Alleged Ukrainian Hacker in US Court After Extradition From Poland

Issued by: Security Week

Yaroslav Vasinskyi, 22, was extradited to the United States from Poland on March 3, the Justice Department said, and made an initial appearance in a court in the Northern District of Texas. Vasinskyi was arrested in Poland in October as part of a global operation against ransomware attacks. The arrests were linked to the Russian-based…

Malware & Threats

U.S. State Governments Targeted by Chinese Hackers via Zero-Day in Agriculture Tool

Issued by: Security Week

In a blog post published on Tuesday, cybersecurity research and incident response company Mandiant said it became aware of the campaign in May 2021, when it was called in to investigate an attack on a U.S. state government network. An analysis revealed that the attack had likely been carried out by a Chinese state-sponsored threat…

Malware & Threats

Mobile Malware Attacks Dropped in 2021 but Sophistication Increased

Issued by: Security Week

The cybersecurity firm’s products detected nearly 3.5 million malicious installation packages on mobile devices in 2021, far less than the 5.7 million detected in the previous year. However, it’s worth noting that the number recorded in 2021 is almost exactly the same as in 2019. A majority of these infection attempts targeted users in Asian…

Vulnerabilities

Latest Mac Coinminer Utilizes Open-Source Binaries and the I2P Network

Issued by: Trend Micro Blog

Coinminers are one of the more profitable types of malware for malicious actors, and they require little maintenance once installed on a victim’s device. The malicious actor can have a coinminer masquerade itself as a legitimate app, trick susceptible users into running it on their systems, and just wait for the profits to roll in….

Application Security

Darktrace Artificial Intelligence Stops Cyberattack at Italian Electronics Distributor

Issued by: Dark Reading

Darktrace, a global leader in cyber security AI, today announced that its Autonomous Response technology, Antigena, successfully took action to stop a cyber-attack exploiting a GitLab vulnerability for the purposes of running crypto-mining malware at a major Italian electronics distributor. The GitLab vulnerability, which has been well reported, allows attackers to run arbitrary commands, including…

Malware & Threats

FBI Warns of BlackByte Ransomware Attacks on Critical Infrastructure

Issued by: Security Week

Available as a Ransomware-as-a-Service (RaaS), BlackByte has been used in attacks against US and foreign businesses, including in critical infrastructure sectors such as government, financial, and food and agriculture, the FBI and USSS warn. BlackByte operators recently claimed to have obtained financial data from the San Francisco 49ers as a result of an attack that…

Vulnerabilities

Mac Malware-Dropping Adware Gets More Dangerous

Issued by: Dark Reading

The latest version of a Mac Trojan called UpdateAgent, aka WizardUpdate, provides fresh evidence of the growing effort that some threat actors are putting into targeting Apple technologies. The malware, which impersonates legitimate software, such as support agents and video software, first surfaced in September 2020. It is commonly distributed via drive-by downloads or pop-ups…

Malware & Threats

TianySpy Malware Uses Smishing Disguised as Message From Telco

Issued by: Trend Micro Blog

It has been some time since SMS or text messaging has become a means to spread mobile malware. In September 2021, Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The chain is triggered by a smishing message that appears to be sent from a telecommunications company. It is…

Malware & Threats

Ukraine Attack: Hackers Had Access for Months Before Causing Damage

Issued by: Security Week

Tens of Ukrainian government websites were hacked earlier this month, many of them defaced with messages suggesting the attack was in response to the country’s pro-Western stance. Ukraine has blamed Russia for the attack, but the Kremlin has denied the accusations. The attack involved a new and destructive piece of malware that has been named…

Malware & Threats

Multi-Factor Authentication Bypass Led to Box Account Takeover

Issued by: Security Week

Because of the vulnerability – which was addressed in November 2021 – an attacker only needed stolen credentials to access an organization’s Box account and steal sensitive data, provided that the account has SMS-based MFA enabled (which has long been proven insecure). Box, which claims that close to 100,000 companies use its platform, allows users…