Android threats rise sharply, with mobile malware jumping by 151% since start of year
自2025年初以来,我们已经在Android威胁中看到了几个尖峰。这是保护自己的方法。
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 51
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Ransomware Gangs Collapse as Qilin Seizes Control Dissecting a Python Ransomware distributed through GitHub repositories SparkKitty, SparkCat’s little brother: A new
Russia-linked APT28 use Signal chats to target Ukraine official with malware
与俄罗斯链接的组APT28使用信号聊天作为攻击向量,以给乌克兰官员提供新的恶意软件菌株。通过俄罗斯与俄罗斯链接的网络行动集团APT28针对乌克兰政府官员,使用信号聊天来提供两种新型的恶意软件,这些恶意软件被跟踪为胡须和苗条。虽然信号本身仍然安全,但攻击者正在利用其在官方[…]
ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
自2025年3月以来,使用有效签名的连接样品的感染和虚假应用已显着增加。我们揭示签约惯例如何使威胁参与者滥用此合法软件来构建和分发自己的签名恶意软件以及安全供应商可以采取什么措施来检测它们。
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet Predator Still Active, with New Client and Corporate Links Identified Thr
Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware
网络钓鱼,Python和Rats,Oh Mya偷偷摸摸的恶意软件活动通过Cloudflare Tunnel subdomains涂上覆盖物,以执行内存的恶意代码,并使未知的攻击者长期访问PWNED机器。
Minecraft cheaters never win ... but they may get malware
冒充作为流行作弊工具的臭素质家正在Githubtrojanized Minecraft作弊工具上播种,该工具秘密安装了偷窃器,当玩家执行时,siphon凭证,加密钱包和其他敏感数据。
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 49
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Supply chain attack hits Gluestack NPM packages with 960K weekly downloads Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 Destructive
DeepSeek installer or just malware in disguise? Click around and find out
'Browservenom'是纯粹的Poisonsussuspped网络犯罪分子为中国AI型号DeepSeek-R1创建了一个假装安装程序,并用以前未知的恶意软件“ Browservenom”加载了它。
Hire me! To drop malware on your computer
fin6从销售点折衷移动到网络招聘人员中的骗局,将脚本翻转为假的IT工人计划,网络犯罪分子在LinkedIn上担任求职者,而实际上是针对招聘人员的招聘者 - 一个小组讨厌的小组比数字骗子稍小一些 - 在Phony Remume Remume Portfolio网站上托管了恶意软件。
44% of people encounter a mobile scam every single day, Malwarebytes finds
新的Malwarebytes Research显示,一个移动骗局至少每周至少发现一次大多数人。财务和情感后果是可怕的。
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 48
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Pure Crypter Malware Analysis: 99 Problems but Detection Ain’t One Attacker exploits misconfigured AI tool to run AI-generated payload Crocodilus Mobile Malware: Evol
U.S. Offers $10M bounty for info on RedLine malware creator and state hackers
美国提供了与Redline恶意软件及其创建者Maxim Rudometov链接的州黑客的最多1000万美元的信息,该信息与对美国基础设施的攻击有关。美国国务院为与红线InfoStealer及其所谓的俄罗斯国家马克西姆[…]
More than a hundred backdoored malware repos traced to single GitHub user
有人竭尽全力捕食下一代Cybercrookssophos,认为一个名为“ Ischhfd83”的人或团体背后有一百多个针对新手网络犯罪分子和视频游戏调销的人,希望获得恶意代码。
Scammers are constantly changing the game, but so are we. Introducing Malwarebytes Scam Guard
随着诈骗者开发利用毫无戒心的用户的新方法,恶意软件正在引入骗局后卫来应对这一新的威胁浪潮。
OtterCookie: Analysis of Lazarus Group Malware Targeting Finance and Tech Professionals
编辑注:当前文章由进攻安全专家兼威胁情报分析师Mauro Eldritch撰写。您可以在X上找到Mauro。看起来像一个简单的自由错误修复是一种成熟的恶意软件感染。 Lazarus Group APT的新工具OtterCookie隐藏了干净的代码和虚假工作报价,然后[...] OtterCookie Post OtterCookie:Lazarus Group Group altake Tagital taginaling Finance and Tech Professionals的分析首先出现在任何.run的网络安全博客上。
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 47
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape 60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents Inside a V
China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware
Google说,通过Google日历,通过Google Calendar通过黑客网站针对政府进行了与中国联系的APT41控制恶意软件。 Google警告说,中国链接的APT41用Google日历将ToughProgress恶意软件用作C2,通过折衷的网站针对各种政府实体。 ” 2024年10月下旬,GTIG发现了一个被剥削的政府网站,该网站托管了用于针对多个[…]
