Category: malware

Auto Added by WPeMatico

Malware Hidden in Call of Duty Cheating Software

Posted on By infossl
games, hacking, malware, privilege escalation, Security technology, social engineering, Uncategorized

News article: Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” (Gamers looking to flout the rules will typically go to such forums to find new ways to do so.) While the report doesn’t mention which forum they were posted … Read More “Malware Hidden in Call of Duty Cheating Software” »

System Update: New Android Malware

Posted on By infossl
android, cyberweapons, gps, malware, Security technology, Uncategorized

Researchers have discovered a new Android app called “System Update” that is a sophisticated Remote-Access Trojan (RAT). From a news article: The broad range of data that this sneaky little bastard is capable of stealing is pretty horrifying. It includes: instant messenger messages and database files; call logs and phone contacts; Whatsapp messages and databases; … Read More “System Update: New Android Malware” »

On Not Fixing Old Vulnerabilities

Posted on By infossl
malware, patching, Security technology, Uncategorized, vulnerabilities

How is this even possible? …26% of companies Positive Technologies tested were vulnerable to WannaCry, which was a threat years ago, and some even vulnerable to Heartbleed. “The most frequent vulnerabilities detected during automated assessment date back to 2013­2017, which indicates a lack of recent software updates,” the reported stated. 26%!? One in four networks? … Read More “On Not Fixing Old Vulnerabilities” »

Mysterious Macintosh Malware

Posted on By infossl
apple, computer security, malware, Security technology, Uncategorized

This is weird: Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload on any of the infected 30,000 machines, leaving the malware’s ultimate goal unknown. The lack … Read More “Mysterious Macintosh Malware” »

Twelve-Year-Old Vulnerability Found in Windows Defender

Posted on By infossl
malware, microsoft, patching, Security technology, Uncategorized, vulnerabilities, windows

Researchers found, and Microsoft has patched, a vulnerability in Windows Defender that has been around for twelve years. There is no evidence that anyone has used the vulnerability during that time. The flaw, discovered by researchers at the security firm SentinelOne, showed up in a driver that Windows Defender — renamed Microsoft Defender last year … Read More “Twelve-Year-Old Vulnerability Found in Windows Defender” »

Dependency Confusion: Another Supply-Chain Vulnerability

Posted on By infossl
malware, Security technology, supply chain, Uncategorized, vulnerabilities

Alex Birsan writes about being able to install malware into proprietary corporate software by naming the code files to be identical to internal corporate code files. From a ZDNet article: Today, developers at small or large companies use package managers to download and import libraries that are then assembled together using build tools to create … Read More “Dependency Confusion: Another Supply-Chain Vulnerability” »

Malicious Barcode Scanner App

Posted on By infossl
android, malware, Security technology, ukraine, Uncategorized

Interesting story about a barcode scanner app that has been pushing malware on to Android phones. The app is called Barcode Scanner. It’s been around since 2017 and is owned by the Ukrainian company Lavabird Ldt. But a December 2020 update included some new features: However, a rash of malicious activity was recently traced back … Read More “Malicious Barcode Scanner App” »

Vaccine for Emotet Malware

Posted on By infossl
cybersecurity, malware, Security technology

Interesting story of a vaccine for the Emotet malware: Through trial and error and thanks to subsequent Emotet updates that refined how the new persistence mechanism worked, Quinn was able to put together a tiny PowerShell script that exploited the registry key mechanism to crash Emotet itself. The script, cleverly named EmoCrash, effectively scanned a … Read More “Vaccine for Emotet Malware” »

Business Email Compromise (BEC) Criminal Ring

Posted on By infossl
cybercrime, email, hacking, malware, phishing, russia, Security technology

A criminal group called Cosmic Lynx seems to be based in Russia: Dubbed Cosmic Lynx, the group has carried out more than 200 BEC campaigns since July 2019, according to researchers from the email security firm Agari, particularly targeting senior executives at large organizations and corporations in 46 countries. Cosmic Lynx specializes in topical, tailored … Read More “Business Email Compromise (BEC) Criminal Ring” »