Search cyberveille.decio.ch

Found 39 bookmarks

Custom sorting

Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail

A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro.

#thehackernews #EN #2024 #GitHub #FileZilla #AMOS #impersonating #software #1Password #fake

·thehackernews.com·May 25, 2024

Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail

A Catalog of Hazardous AV Sites – A Tale of Malware Hosting

In mid-April 2024, Trellix Advanced Research Center team members observed multiple fake AV sites hosting highly sophisticated malicious files such as APK, EXE and Inno setup installer that includes Spy and Stealer capabilities. Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices from cyber-attacks. The hosted websites made to look legitimate are listed below.

#trellix #EN #2024 #fake #antivirus #AV #malicious #research

·trellix.com·May 25, 2024

A Catalog of Hazardous AV Sites – A Tale of Malware Hosting

New Go loader pushes Rhadamanthys stealer

A malicious ad for the popular admin tool PuTTY leads victims to a fake site that downloads malware.

#malwarebytes #EN #2024 #PuTTY #malicious #fake #Go #Rhadamanthys

·malwarebytes.com·Mar 25, 2024

New Go loader pushes Rhadamanthys stealer

RATs Distributed Through Skype, Zoom, & Google Meet Lures

Threat actors are creating and using fake Skype, Zoom, and Google Meet pages to spread RATs.

#zscaler #EN #2024 #fake #Skype #Zoom #meet #RAT #Lures

·zscaler.com·Mar 6, 2024

RATs Distributed Through Skype, Zoom, & Google Meet Lures

Fake LastPass App Sneaks Past Apple's Review Team

Popular password management app LastPass is warning customers about a fraudulent app that uses a similar name and icon to attempt to trick LastPass...

#macrumors #EN #2024 #App-Store #LastPass #fake #fraudulent

·macrumors.com·Feb 12, 2024

Fake LastPass App Sneaks Past Apple's Review Team

X is being flooded with graphic Taylor Swift AI images

Fake sexually explicit images of Taylor Swift have been circulating on X over the last day in the latest example of the proliferation of AI-generated pornography.

#theverge #EN #2024 #Taylor-Swift #X #fake #deepfake #pornography

·theverge.com·Jan 26, 2024

X is being flooded with graphic Taylor Swift AI images

Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware

Arctic Wolf Labs has investigated several cases where ransomware victims are being targeted for follow-on extortion attempts by threat actors who are aware of ransom attack details.

#arcticwolf #2024 #Extortion #Campaign #fake #expert #ransomware #Akira #Royal

·arcticwolf.com·Jan 11, 2024

Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware

BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates

Overview Throughout the summer and fall of 2023, DarkGate entered the ring competing for the top spot in the remote access trojan (RAT) and loader category. It was observed in use by multiple cybe...

#proofpoint #EN #2023 #BattleRoyal #DarkGate #RAT #fake #fake-updates #RogueRaticate

·proofpoint.com·Dec 22, 2023

BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates

Amazon sues group that fakes returns so people can get free MacBooks - The Verge

Amazon sues REKK, which allegedly helped shoppers get other expensive items for free by hacking and bribing fulfillment center employees to approve fake returns.

#theverge #2023 #EN #Amazon #REKK #fake #MacBook

·theverge.com·Dec 11, 2023

Amazon sues group that fakes returns so people can get free MacBooks - The Verge

Jamf Threat Labs: Fake Lockdown Mode proof of concept

JTL security researchers discover how Lockdown Mode on iOS can be manipulated by a threat actor on compromised or jailbroken iPhones to trick users into believing that their device is protected by Lockdown Mode when in reality when in fact, it's not.

#jamf #EN #2023 #Lockdown #Mode #iOS #jailbroken #fake

·jamf.com·Dec 6, 2023

Jamf Threat Labs: Fake Lockdown Mode proof of concept

ClearFake Malware Analysis | malware-analysis

There are several malicious fake updates campaigns being run across thousands of compromised websites. Here I will walk through one with a pattern that doesn’t match with others I’ve been tracking. This campaign appears to have started around July 19th, 2023. Based on a search on PublicWWW of the injection base64 there are at least 434 infected sites. I’m calling this one ClearFake until I see a previously used name for it. The name is a reference to the majority of the Javascript being used without obfuscation. I say majority because base64 is used three times. That’s it. All the variable names are in the clear, no obfuscation on them. One noticeable difference from SocGholish is that there appears to be no tracking of visits by IP or cookies. As an analyst you can you go back to the compromised site over and over coming from the same IP and not clearing your browser cache. This also means the site owner is more likely to see the infection as well.

#rmceoin #EN #2023 #fake #updates #campaigns #browsers #ClearFake #analysis

·rmceoin.github.io·Nov 22, 2023

ClearFake Malware Analysis | malware-analysis

Atomic Stealer distributed to Mac users via fake browser updates | Malwarebytes

Compromised websites are being used to redirect to fake browser updates and deliver malware onto Mac users.

#malwarebytes #EN #2023 #macos #Stealer #fake #browser #updates

·malwarebytes.com·Nov 22, 2023

Atomic Stealer distributed to Mac users via fake browser updates | Malwarebytes

FakeUpdateRU Chrome Update Infection Spreads Trojan Malware

Learn about the fake Google Chrome update malware, a common form of website malware that tricks users into downloading a remote access trojan disguised as a browser update. Understand how it works, its impact on websites, and how to protect your site from such threats. Stay updated on the latest malware trends with Sucuri.

#sucuri #EN #2023 #Google #Chrome #update #malware #fake #analysis

·blog.sucuri.net·Oct 30, 2023

FakeUpdateRU Chrome Update Infection Spreads Trojan Malware

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT

A phony proof-of-concept (PoC) code for CVE-2023-40477 delivered a payload of VenomRAT. We detail our findings, including an analysis of the malicious code.

#unit42 #EN #2023 #PoC #fake #CVE-2023-40477 #VenomRAT #malicious

·unit42.paloaltonetworks.com·Sep 19, 2023

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT

Fake Security Researcher GitHub Repositories Deliver Malicious Implant

VulnCheck discovers a network of fake security researcher accounts promoting hidden malware.

#vulncheck #EN #2023 #fake #researcher #malware #GitHub #Repositories #Implant

·vulncheck.com·Jun 15, 2023

Fake Security Researcher GitHub Repositories Deliver Malicious Implant

Russian Radio Stations Hacked, Fake Putin Message Announcing Invasion of Russia Broadcast

The voice, very similar to President Putin’s, also announced martial law, general mobilisation and the evacuation of civilians in three regions bordering Ukraine.

#kyivpost #EN #2023 #Radio #russia-ukraine-war #fake #Broadcast #Putin

·kyivpost.com·Jun 5, 2023

Russian Radio Stations Hacked, Fake Putin Message Announcing Invasion of Russia Broadcast

Review and analysis of fake Trezor cryptowallet

Fake hardware cryptowallet, and how bitcoins were stolen from it.

#kaspersky #EN #2023 #hardware-wallet #trezor #fake #scam #hardware #wallet

·kaspersky.com·May 15, 2023

Review and analysis of fake Trezor cryptowallet

AI deepfake 'news anchors' found in pro-China footage on social media, research firm says - Hong Kong Free Press HKFP

The “news broadcasters” appear stunningly real, but they are AI-generated deepfakes in first-of-their-kind propaganda videos that a research report published Tuesday attributed to Chinese state-aligned actors. The fake anchors — for a fictious news outlet called Wolf News — were created by artificial intelligence software and appeared in footage on social media that seemed to […]

#hongkongfp #EN #2023 #broadcasters #China #fake #WolfNews #AI-generated #deepfakes

·hongkongfp.com·Feb 9, 2023

AI deepfake 'news anchors' found in pro-China footage on social media, research firm says - Hong Kong Free Press HKFP

Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs

We discovered an active campaign targeting Eastern Europeans in the cryptocurrency industry using fake job lures.

#trendmicro #EN #2023 #malware #endpoints #research #Cryptocurrency #campaign #Fake #Jobs

·trendmicro.com·Feb 9, 2023

Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware

#SANS #EN #2023 #googleads #Fake #Notepad #Aurora #Stealer #malware

·isc.sans.edu·Jan 18, 2023

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Armed With ChatGPT, Cybercriminals Build Malware And Plot Fake Girl Bots

Users of underground forums start sharing malware coded by OpenAI’s viral sensation and dating scammers are planning on creating convincing fake girls with the tool. Cyber prognosticators predict more malicious use of ChatGPT is to come.

#forbes #EN #2023 #Cybercriminals #Fake #Girl #Bots #deepweb #openAI #ChatGPT

·forbes.com·Jan 7, 2023

Armed With ChatGPT, Cybercriminals Build Malware And Plot Fake Girl Bots

Google ads lead to fake software pages pushing IcedID (Bokbot)

Fake sites for popular software have occasionally been used by cyber criminal groups to push malware. Campaigns pushing IcedID malware (also known as Bokbot) also use this method as a distribution technique (we also commonly see IcedID sent through email).

#SANS #EN #2022 #googleads #bokbot #fake #software #ads #abusing #delivery #IceID

·isc.sans.edu·Dec 18, 2022

Google ads lead to fake software pages pushing IcedID (Bokbot)

Fake Ransomware Infection Under widespread

Cyble Research and Intelligence Labs analyzes Fake ransomware, a destructive malware capable of wiping out system drives.

#cyble #EN #2022 #Fake #Ransomware #dell.exe #Analysis

·blog.cyble.com·Oct 10, 2022

Fake Ransomware Infection Under widespread

Fake CISO Profiles on LinkedIn Target Fortune 500s

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may…

#krebsonsecurity #2022 #EN #CISO #LinkedIn #fake #profiles

·krebsonsecurity.com·Oct 8, 2022

Fake CISO Profiles on LinkedIn Target Fortune 500s

Sharkbot is back in Google Play

Authored by Alberto Segura (main author) and Mike Stokkel (co-author) Introduction After we discovered in February 2022 the SharkBotDropper in Google Play posing as a fake Android antivirus and cleaner, now we have detected a new version of this dropper active in the Google Play and dropping a new version of Sharkbot.This new dropper doesn't…

#fox-it #EN #2022 #sharkbot #SharkBotDropper #GooglePlay #antivirus #cleaner #fake

·blog.fox-it.com·Sep 5, 2022

Sharkbot is back in Google Play

Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads

We reveal how hackers have begun leveraging fake DDoS protection pages to trick users into downloading remote access trojans (RATs) onto their computers.

#sucuri #EN #2022 #fake #DDoS #protection #lure #Wordpress #RAT

·blog.sucuri.net·Aug 21, 2022

Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads

Fake sites stealing Steam credentials

Recently, the Zscaler ThreatLabZ team came across multiple fake Counter-Strike: Global Offensive (CS:GO) skin websites aimed at stealing Steam credentilsa.

#Zscaler #2020 #EN #stealing #BitB #Steam #Fake #credentials

·zscaler.com·Mar 28, 2022

Fake sites stealing Steam credentials

AI deepfake 'news anchors' found in pro-China footage on social media, research firm says - Hong Kong Free Press HKFP