A naukri.com initiative
Malware News
Neuways
1M
163
Image Credit: Neuways
The Microsoft Digital Defence Report: Facing Increasing Cyber Threats
- The Microsoft Digital Defence Report reveals that over 600 million cyber attacks are launched daily against organizations, critical infrastructure, and individuals worldwide.
- Password-based attacks and MFA evasion remain concerning, with identity-related attacks dominating the landscape.
- Nation-state actors and cybercriminal groups are forming alliances, making critical infrastructure more vulnerable to state-sponsored attacks.
- Ransomware continues to be a major threat, with human-operated attacks surging and becoming a potent political weapon.
Read Full Article
9 Likes
Securityaffairs
1M
199
Image Credit: Securityaffairs
Veeam Backup & Replication exploit reused in new Frag ransomware attack
- A critical flaw, CVE-2024-40711, in Veeam Backup & Replication has been exploited to deploy Frag ransomware.
- Sophos researchers warned about the exploitation of the vulnerability, which allowed the creation of rogue accounts and malware deployment.
- Veeam released security updates in September 2024, fixing 18 high and critical severity flaws. The most severe one was the CVE-2024-40711 impacting Veeam Backup & Replication.
- Threat actors exploited the Veeam vulnerability to spawn net.exe and create a local account named 'point' to deploy ransomware such as Fog and Akira. Sophos recently found instances of Frag ransomware being deployed through the same exploit.
Read Full Article
11 Likes
TechJuice
1M
262
Image Credit: TechJuice
Effective Ways to Detect and Eliminate Malware from Your Android Device
- Detecting and removing malware promptly is essential to maintaining the health and security of your device.
- Identifying and eliminating malware while providing preventive measures can keep your Android device safe.
- Methods to detect malware on Android include checking for software updates, identifying sideloaded apps, looking for suspicious apps, and monitoring your phone’s temperature and data usage.
- You need to beware of pop-ups and ads, as frequent pop-ups or redirects typically indicate the presence of malware.
- Monitoring battery usage and checking for administrative privileges can also help you detect malware.
- Scanning with antivirus apps such as Google Play Protect and removing malware manually by booting into safe mode, disabling administrative privileges and uninstalling infected apps can help eliminate malware.
- Preventive measures to avoid malware infections include downloading apps only from trusted sources, avoiding clicking suspicious ads, installing a trusted antivirus app, and using a VPN for Android.
- Consistently monitoring the behavior of your phone and adhering to sound security practices, you can guarantee the security of your device and achieve a sense of tranquility.
Read Full Article
15 Likes
Securityaffairs
1M
163
Image Credit: Securityaffairs
Texas oilfield supplier Newpark Resources suffered a ransomware attack
- Texas oilfield supplier Newpark Resources suffered a ransomware attack.
- The attack disrupted access to information systems and business applications.
- The company activated its cybersecurity response plan and launched an investigation.
- Manufacturing and field operations remain largely unaffected.
Read Full Article
9 Likes
Cybersecurity-Insiders
1M
231
Image Credit: Cybersecurity-Insiders
American Oilfield supplier Newpark Resources hit by ransomware attack
- Newpark Resources, a Texas-based company providing essential tools and services to the oil and gas industry, as well as the construction sector, was recently targeted in a ransomware attack that disrupted its financial and operational analytics systems.
- The attack, which occurred on October 29, 2024, partially crippled the company’s internal systems for a period, affecting its ability to function at full capacity.
- Newpark Resources acted swiftly to mitigate the impact. The company immediately notified the U.S. Securities and Exchange Commission (SEC) of the incident and activated its incident response team, which took prompt action to neutralize the threat and contain the damage.
- Newpark Resources reassured its stakeholders that the ransomware incident had been contained and that recovery efforts were ongoing.
- The timing of the attack especially raised concerns among cybersecurity experts as it occurred just one week before the 2024 U.S. elections, a period when many companies, including Newpark Resources, experience reduced staff levels due to the approaching holiday season, making businesses more vulnerable to cyber threats.
- Many high-profile ransomware attacks have impacted major players in recent years, endorsing the increasing sophistication of cybercriminals and evolving tactics they employ to infiltrate businesses.
- While no specific ransomware group has yet claimed responsibility for the Newpark Resources attack, cybersecurity experts are speculating that the Rhysida ransomware gang may be behind it.
- Investigators are continuing to gather evidence, and the full scope of the attack, as well as the identity of the perpetrators, remains unclear.
- The attack on Newpark Resources is a stark reminder of the ever-present threat of ransomware and the vulnerabilities that can exist in even the most well-established companies.
- Businesses must remain vigilant and ensure they have robust security measures in place to protect against such threats. Proactive cybersecurity measures are essential in mitigating the risks posed by modern cyber threats.
Read Full Article
13 Likes
Securityintelligence
1M
108
Image Credit: Securityintelligence
SpyAgent malware targets crypto wallets by stealing screenshots
- A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes
- The malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.
- Heatbleed affected servers still vulnerable, two years on.
- Users receive text messages prompting them to download seemingly legitimate apps.
- The SpyAgent malware gets to work once users take the bait and install the app.
- These phrases are too long to easily remember, users often take screenshots for future reference.
- The malware has been making the rounds in South Korea, with more than 280 APKs affected.
- There are also indications that attackers may be preparing to expand into the United Kingdom.
- While cryptocurrency recovery phrases are the top priority for SpyAgent, using OCR tech means that any picture is up for grabs.
- The message here is simple: If it’s on your phone, it’s never entirely safe.
Read Full Article
6 Likes
Cybersecurity-Insiders
1M
358
Image Credit: Cybersecurity-Insiders
New Malware “ToxicPanda” Targets Android Devices to Steal Banking Information
- ToxicPanda, a newly discovered malware, is specifically designed to steal sensitive financial information from Android phone users. It disguises itself as legitimate applications, making it difficult for users to detect. It has been found in the Google Play Store under popular apps like Chrome and WhatsApp. ToxicPanda primarily targets users with older versions of the Android operating system.
- Once installed, ToxicPanda can monitor a user’s actions on the device, steal sensitive information, and intercept SMS messages and one-time passcodes that are commonly used in online banking security.
- Security experts predict an uptick in ToxicPanda attacks during the busy holiday season. Attackers may deceive more users into downloading malicious software by masquerading as legitimate shopping apps or holiday-themed services.
- Google’s protections have robust features, yet ToxicPanda has still managed to infect over 1,500 Android devices so far. However, security experts advise that users should keep their devices up to date and download apps from trusted sources only to avoid major security risks like sideloading.
- Other steps that users can take to lower the risk of encountering ToxicPanda or other types of malware include avoiding suspicious links and prompts, enabling Multi-Factor Authentication (MFA), and monitoring financial accounts regularly.
- The rise of malware like ToxicPanda serves as a reminder of the importance of cybersecurity vigilance in the mobile ecosystem.
- As always, if you suspect your Android device has been compromised, take immediate action to remove suspicious apps and change login credentials. Staying informed and proactive is the best defense against these ever-evolving digital threats.
Read Full Article
21 Likes
BGR
1M
267
Image Credit: BGR
One of the scariest malware threats is now targeting Windows gamers
- Windows gamers are the latest target in the Winos4.0 campaign.
- The malware is hiding within gaming-related applications, such as speed boosters.
- Winos4.0 can take over the computer, giving hackers full control of the system.
- To avoid Winos4.0, be cautious of the source of your downloads.
Read Full Article
16 Likes
Securityaffairs
1M
68
Image Credit: Securityaffairs
DPRK-linked BlueNoroff used macOS malware with novel persistence
- SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage macOS malware called 'Hidden Risk.'
- The attackers used fake cryptocurrency news emails and a malicious app disguised as a PDF document to initiate the attack.
- The malware exploits a novel persistence method through the zshenv configuration file, bypassing macOS notifications and enhancing its stealthiness.
- The campaign is attributed to BlueNoroff, known for targeting the crypto and Web3 sectors, and demonstrates their adaptability and refinement in attack methods.
Read Full Article
4 Likes
Securityaffairs
1M
395
Image Credit: Securityaffairs
Memorial Hospital and Manor suffered a ransomware attack
- A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, disrupting access to its Electronic Health Record system.
- The hospital identified the attack after antivirus software flagged potential risks and launched an internal investigation.
- Operations were unaffected, but staff had to switch to pen and paper for patient information recording.
- The Embargo ransomware gang claimed responsibility for the attack, stealing 1.15 terabytes of data.
Read Full Article
23 Likes
Cybersecurity-Insiders
1M
331
Image Credit: Cybersecurity-Insiders
Schneider Electric ransomware attack to cost $125k and more in Baguettes
- A cybercriminal group known as Hellcat ransomware has attacked Schneider Electric, a French energy management company.
- The group claims to have stolen approximately 60GB of data and is demanding a ransom of $125,000 in the cryptocurrency Baguettes.
- Initial investigations suggest that the stolen data may be outdated and less valuable to the company.
- The Hellcat ransomware group is known for targeting high-profile organizations and using double extortion tactics.
Read Full Article
19 Likes
Siliconangle
1M
9
Image Credit: Siliconangle
Ransomware gang demands ransom payment in Schneider Electric data breach: baguettes
- French multinational firm Schneider Electric SE has been breached and data stolen.
- The ransomware gang Hellcat is demanding a payment of $62,500 USD in baguettes.
- Schneider Electric confirmed the breach and is investigating the cybersecurity incident.
- If the ransom is not paid by November 7th, Hellcat threatens to release the stolen data.
Read Full Article
Like
Securityaffairs
1M
63
Image Credit: Securityaffairs
ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy
- The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions.
- ToxicPanda has infected thousands of devices across Italy, Portugal, Spain, and Latin America, targeting 16 banks.
- The malware uses On-Device Fraud (ODF) techniques to bypass bank security measures and initiate account takeovers.
- Experts speculate that Chinese-speaking individuals may be behind the malware campaign, indicating a potential shift or expansion in their operational focus.
Read Full Article
3 Likes
Socprime
1M
291
Image Credit: Socprime
Stealthy Strela Stealer Detection: Info-Stealing Malware Resurfaces with Enhanced Capabilities to Target Central and Southwestern Europe
- Security researchers have discovered a stealthy campaign targeting users in Central and Southwestern Europe with a credential stealer called Strela.
- The malware, deployed via phishing emails, uses obfuscated JavaScript and WebDAV to evade detection.
- Strela Stealer has enhanced its capabilities over the past two years, enabling it to covertly steal sensitive data from unsuspecting users.
- Mitigation measures include strict access controls on WebDAV servers and restricted execution of PowerShell and other scripts.
Read Full Article
17 Likes
Siliconangle
1M
200
Image Credit: Siliconangle
City of Columbus acknowledges data theft after lawsuit against security researcher
- The City of Columbus, Ohio, has acknowledged that the details of over 500,000 individuals were stolen in a cyberattack.
- The cyberattack occurred after the city was targeted by the Rhysida ransomware gang, who claimed responsibility for the attack and stole 6.4 terabytes of data.
- Initially, the city claimed the leaked data was encrypted, but a security researcher disputed this claim and shared unencrypted examples of the leaked data.
- The city filed a lawsuit against the security researcher, but later dropped the case after acknowledging the data breach and reaching an agreement with the researcher.
Read Full Article
12 Likes
For uninterrupted reading, download the app