malware

  1. Father

    RaaS: type of malware and business model of its distribution

    Ransomware-as-a-Service (RaaS) is a distribution model for specialized malware that includes all stages: from development to retail implementation via the Darknet and other sales channels. The encryptors used in RaaS can completely paralyze the company's work...
  2. Father

    ZLoader 2.4.1.0: even more features inspired by other popular malware programs

    How did the authors of the "resurrected" downloader surprise researchers this time? The developers of the ZLoader malware, which recently resumed its activity after a two-year hiatus, have implemented a number of new features inspired by the Zeus banking Trojan. Santiago Vicente, a researcher...
  3. Father

    The malware is cleverly hidden in the system, simultaneously disabling any protective mechanisms

    As part of the recent AgentTesla malware distribution campaign, which was reviewed in detail by SonicWall specialists, attackers used VBA macros in Word documents to conduct a fileless injection attack, in which the malicious payload is loaded directly into the computer's RAM. The malicious...
  4. Father

    Chinese PlugX malware lurks in your USB devices

    Palo Alto Networks' Unit 42 has discovered a new version of PlugX, which is able to infect and spread via USB devices, replacing ANDROMEDA and Raspberry Robin. Malicious files are hidden using a new technique that works even in the latest Windows OS. The user will not know that their USB device is...
  5. Father

    The GOOSEGG malware is distributed through a breach in Windows Print Spooler

    The cybercrime group Fancy Bear, which in the West is associated with Russia, took advantage of a vulnerability in the Windows print service component to load a previously unknown malware, GOOSEGG, into the system. This malware has been active since June 2020 and uses an already fixed bug that...
  6. Father

    Muscovite arrested for trading malware via Telegram

    A resident of the capital faces up to five years in prison. The Federal Security Service of Russia has stopped the activities of a Muscovite who distributed malicious software using the Telegram messenger. According to the special services, a Muscovite born in 1990 was detained, who was...
  7. Father

    Malware developer convicted in Samara region

    During the implementation of operational search activities of the Federal Security Service of Russia in the Samara region, a resident of the region was identified who was involved in the creation, use and distribution of malicious software in order to neutralize anti-virus protection tools. It...
  8. Father

    CISA opens access to the authorities' weapon against viruses: Malware Next-Gen is now available to everyone

    Now the tool is available not only for the government, but also for private companies. CISA has announced the launch of a new malware analysis system, Malware Next-Gen, which allows organizations to analyze malware samples and other suspicious artifacts. The service is now available for...
  9. Father

    Check Point unmasked Hackers Responsible for Agent Tesla Malware Campaign

    Who were the mysterious "Gods" and "Bignosa", and how did the researchers manage to identify them? A recent comprehensive study conducted by Check Point sheds light on the dark side of cyberspace, revealing the activities and identities of attackers using the Agent Tesla malware. Agent Tesla...
  10. Teacher

    MuddyWater changes tactics: legitimate software instead of malware

    File sharing sites are becoming a new attack vector on Israeli companies. The information security company Proofpoint has discovered a new phishing campaign of the Iranian group MuddyWater, during which the legitimate Atera remote monitoring and management software is distributed among...
  11. Teacher

    Virtual wine – real risks: WINELOADER malware offers diplomats a glass for their safety

    How ambassadors who decide to participate in the tasting fall into the clutches of spies. An unknown hacker group, dubbed SPIKEDWINE, attacks ambassadors from a number of European countries where Indian diplomatic missions operate. To achieve their goals, attackers use a new malicious...
  12. Teacher

    Chinese PC manufacturer Acemagic confirmed that its devices came with malware

    The Chinese company Acemagic admitted that some of its products were delivered with pre-installed malware. The company explains that they just wanted to reduce the download time and made changes to the Microsoft source code for this purpose. In early February 2024, youtuber The Net Guy...
  13. Teacher

    The era of new cyber heroes: how AI helps in the fight against malware

    AI forces you to rethink your defense strategies. A Los Alamos National Laboratory research team has made a significant breakthrough in cybersecurity, using artificial intelligence to improve malware analysis on a large scale. The developed approach made it possible to significantly advance in...
  14. Teacher

    Hunter-killer: how a simple malware can neutralize firewalls and antivirus programs

    The new generation of malware is aimed not at bypassing detection, but at completely destroying the protection of enterprises. Over the past year, the number of incidents aimed at disabling corporate protection has significantly increased in cyberspace. This is stated in the annual report Red...
  15. Teacher

    Malware won't pass: Google introduces in-depth APK permissions check

    Even the most inexperienced users no longer need to fear scammers. Google is launching a new pilot program to combat financial fraud, which aims to block the installation of external APKs that request access to risky permissions. APK or Android Package is a file format used for distributing...
  16. Teacher

    FBI Says It has Cleared Hundreds of Routers of Volt Typhoon Malware

    FBI officials said they were able to eliminate the KV botnet used by hackers from the Chinese group Volt Typhoon (aka Bronze Silhouette, DEV-0391, Insidious Taurus and Vanguard Panda) to evade detection during attacks that target critical US infrastructure. It is reported that Volt Typhoon used...
  17. Brother

    MetaStealer from the Ministry of Digital Development: hackers disguise malware as security certificates

    Phishing attacks in Russia are reaching a new level of sophistication. F.A.C.C.T. warns of a new wave of targeted phishing attacks on users of state-owned online services in Russia. The attackers send fake emails allegedly from the Ministry of Digital Development of Russia with a request to...
  18. Brother

    WhiteSnake: Malware that can control your computer via Tor

    Why should you be careful when installing PyPI packages? The Fortinet FortiGuard Labs team found malicious packages in the Python Package Index (PyPI) repository that deliver the WhiteSnake Stealer infostealer to Windows systems. Packages containing malware are called nigpal, figflix, telerer...
  19. Brother

    Hackers from China set their sights on the West: what did Blackwood hide in its NSPX30 modular malware?

    Attackers bypass antivirus programs and permanently gain a foothold in their victims' systems. The Slovak company ESET discovered the activities of a previously unknown group of hackers associated with China, and assigned it the code name Blackwood. The group has been active since 2018 and...
  20. Brother

    Hackers from China set their sights on the West: what did Blackwood hide in its NSPX30 modular malware?

    Attackers bypass antivirus programs and permanently gain a foothold in their victims' systems. The Slovak company ESET discovered the activities of a previously unknown group of hackers associated with China, and assigned it the code name Blackwood. The group has been active since 2018 and...