Tag: Malware

CISA Unveils Ransomware Notification Initiative
News

A new initiative to help businesses swiftly patch vulnerabilities targeted by ransomware attackers has been revealed by the Joint Cyber Defense Collaboration (JCDC) and the US Cybersecurity and Infrastructure Security Agency (CISA). By receiving early alerts from the Pre-Ransomware Notification Initiative, businesses may be able to drive out threat actors before they can encrypt data and systems and demand a ransom in exchange for access. Since January 2023, CISA has alerted more than 60 institutions about early-stage ransomware incursions using its proactive cyber protection capacity...
Google flags apps made by popular Chinese e-commerce giant as malware
News

Google revealed on Monday that it has classified a number of apps developed by a major Chinese e-commerce company as potentially harmful, informed users who had them installed, and suspended the firm's main app. Pinduoduo, a burgeoning e-commerce behemoth with around 800 million active users, has been accused by numerous Chinese security researchers of creating Android apps that contain malware intended to monitor users. The off-Play versions of this program that have been discovered to contain malware have been enforced on via Google Play Protect...
Chinese SilkLoader Malware Sold to Russian Cyber Criminals
News

A piece of malware designed to load Cobalt Strike beacons onto victim machines has been traced back to both Chinese and Russian threat actors. Finnish security vendor WithSecure claimed in a new report that it detected “SilkLoader” in several human-operated intrusions that were likely the precursor to a ransomware attack. The malware uses DLL sideloading to load the beacons, which are commonly used in such attacks...
FakeCalls Android Malware Targets Financial Firms in South Korea
News

A new Android voice phishing (vishing) malware tool has been discovered that targets victims in South Korea by impersonating 20 of the country's top financial institutions. The software, dubbed "FakeCalls" by the Check Point Research (CPR) team, lures victims with false loans and asks them to confirm their credit card information so that it can be stolen. "FakeCalls malware boasts the functionality of a Swiss army knife, able not only to conduct its primary purpose but also to take private data...
Hadoken Security Group Upgrades Xenomorph Mobile Malware
Risk, Security

Security experts at ThreatFabric have identified a fresh version of the Xenomorph Android banking virus and dubbed it Xenomorph.C. According to an alert the company released earlier today, the variant, created by the threat actor known as Hadoken Security Group, represents a significant improvement over the malware previously seen by ThreatFabric. According to the technical report, "This new version of the malware adds many new capabilities to an already feature-rich Android Banker, most notably the introduction of a very extensive runtime engine powered by Accessibility services, which is used by actors to implement a complete ATS...
Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks
Resources, Risk, Security

For the first time since December 2022, the Remcos Trojan is back on Check Point Software's top ten list of the most wanted malware (in position 8). The most recent report, which the company released earlier today, claims that threat actors utilized Remcos extensively in February to conduct phishing operations against Ukrainian government agencies. The research report makes clear that, generally, there were 44% fewer weekly attacks on Ukraine between October 2022 and February 2023...
GoDaddy Announces Source Code Stolen and Malware Installed in Breach
Resources, Risk, Security

GoDaddy, a web hosting firm, has disclosed that malware was planted on its servers by an unauthorized person, resulting in the sporadic redirection of client websites. The company stated in a blog post on Thursday that it began receiving a small number of customer complaints about their websites being intermittently rerouted in early December 2022. "After the intrusion was confirmed, we remedied the situation and put security measures in place to try to stop further infections." GoDaddy continued by saying that after consulting with law enforcement...
Lokibot AgentTesla Grow in January 2023’s Most Wanted Malware List
Risk, Security

According to Check Point's Global Threat Index report for January 2023, AgentTesla is back in the top three of the Most Wanted Malware list after falling to ninth place in December 2022. The Lokibot info stealer has also advanced significantly, moving up the ranking from not even making the top 10 to second. Furthermore, the data-stealer Vidar, which was seen spreading through phony domains purporting to be connected with remote desktop software provider AnyDesk, has re-entered the top 10 list following an upsurge in incidents of "brandjacking." To drive users to a single IP address posing as the legitimate AnyDesk website, the malware employed URL jacking for a number of well-known applications Check Point...
Israel’s Technion university targeted with ransomware
Risk, Security

Technion University, the leading technology university in Israel, was attacked by a ransomware group going by the name of DarkBit. Technion - Israel Institute of Technology, the nation's foremost center for technical research, was attacked by the previously unheard-of group DarkBit. Attackers are requesting 80 bitcoins (more than $1.7 million) from the university in order to return stolen data. Researchers at vx-underground and CyberIL were able to retrieve a ransom note that suggests the attackers may have political motivations given the message's references to the university's alleged offenses. When this article was written, the university's website was down. The university confirmed the incident and stated that Technion experts...
New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
Risk, Security

After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a decryptor to help affected victims recover from ESXiArgs ransomware attacks, the threat actors responded with an upgraded version of the ransomware that encrypts more data. A system administrator posted information on the new variant on an online forum, where another user said that files larger than 128 MB will have 50% of their data encrypted, making the recovery process more difficult. Another significant modification is the removal of the Bitcoin address from the ransom message...