Keyword: malware

  • Microsoft warns: Watch out for this new malware that steals passwords, webcam and browser data

    05/13/2021 7:22:23 AM PDT · by ShadowAce · 19 replies
    ZDNet ^ | 13 May 2021 | Liam Tung
    Microsoft has issued an alert over a remote access tool (RAT) dubbed RevengeRAT that it says has been used to target aerospace and travel sectors with spear-phishing emails. RevengeRAT, also known as AsyncRAT, is being distributed via carefully crafted email messages that prompt employees to open a file masquerading as an Adobe PDF file attachment that in fact downloads a malicious visual basic (VB) file. Security firm Morphisec recently flagged the two RATs as part of a sophisticated Crypter-as-a-Service that delivers multiple RAT families. According to Microsoft, the phishing emails distribute a loader that then delivers...
  • Stealthy Linux backdoor malware spotted after three years of minding your business

    04/30/2021 8:55:20 AM PDT · by ShadowAce · 34 replies
    The Register ^ | 29 April 2021 | Thomas Claburn
    Chinese security outfit Qihoo 360 Netlab on Wednesday said it has identified Linux backdoor malware that has remained undetected for a number of years. The firm said its bot monitoring system spotted on March 25 a suspicious ELF program that interacted with four command-and-control (C2) domains over the TCP HTTPS port 443 even though the protocol used isn't actually TLS/SSL. "A close look at the sample revealed it to be a backdoor targeting Linux X64 systems, a family that has been around for at least three years," Netlab researchers Alex Turing and Hui Wang said in an advisory. An MD5 signature for the...
  • WikiLeaks Vault 7 Marble: Latest Leaks Show CIA Ability To Hide Origins Of Attack

    03/31/2017 4:55:39 PM PDT · by markomalley · 9 replies
    International Business Times ^ | 3/31/17 | AJ Dellinger
    WikiLeaks continued its ongoing release of documents from the CIA Friday with a collection of files detailing the agency’s ability to obscure its activities and make it difficult for investigators to attribute the origins of attacks and hacking. The latest release from what WikiLeaks calls Vault 7 is titled “Marble” and contains documentation of files that are purportedly part of the CIA Core Library of malware code. WikiLeaks describes Marble as part of the CIA’s “anti-forensics approach.” The name “Marble” refers to a specific algorithm that scrambles and unscrambles data. Marble is one of the more technical releases that WikiLeaks...
  • China Used Secret Microchip to Spy on US Computers

    02/15/2021 9:50:10 AM PST · by Navy Patriot · 48 replies
    NewsSmacks ^ | February 15, 2021
    In 2010, the U.S. Department of Defense found thousands of its computer servers sending military network data to China — the result of code hidden in chips that handled the machines’ startup process. In 2014, Intel Corp. discovered that an elite Chinese hacking group breached its network through a single server that downloaded malware from a supplier’s update site. And in 2015, the Federal Bureau of Investigation warned multiple companies that Chinese operatives had concealed an extra chip loaded with backdoor code in one manufacturer's servers.
  • FireEye Identifies Killswitch for SolarWinds Malware as Victims Scramble to Respond

    12/20/2020 2:00:33 PM PST · by ATOMIC_PUNK · 15 replies ^ | 12 16 2020 | Jai Vijayan
    White House National Security Council establishes unified group to coordinate response across federal agencies to the threat. FireEye, which last Sunday disclosed a compromise at network management software vendor SolarWinds that allowed an unknown attacker to distribute malware to potentially thousands of organizations, has identified a killswitch that it says would prevent the malware from operating on infected networks. But in networks where the attackers might have already deployed additional persistence mechanisms, the killswitch will not remove the threat from victim networks, according to the security vendor. FireEye on Sunday said that an investigation it was conducting into a breach...
  • Trickbot trojan found to now have the ability to modify a computer's UEFI

    12/04/2020 8:35:07 AM PST · by BenLurkin · 48 replies
    Tech Xplore ^ | 12/04/2020 | Bob Yirka
    A combined team of security experts from Advanced Intelligence and Eclypsium has announced that the Trickbot trojan malware now has the ability to modify a computer's Unified Extensible Firmware Interface—the interface between the firmware on a computer motherboard and the computer's operating system—in this case, Microsoft Windows. Trickbot has been in the news of late due to its advanced capabilities. It has a modular design and is notable for its ability to gain administrative capabilities on infected computers. The entities behind the creation of the trojan are believed to be criminals in Russia and North Korea, and they have used...
  • Justice Department And Indian Authorities Announce Enforcement Actions Against Technical-Support Fraud Scheme Targeting Seniors

    10/16/2020 10:07:48 AM PDT · by ransomnote · 11 replies ^ | October 15, 2020 | Department of Justice
    First Parallel Action by U.S. and Indian Governments Against Elder Fraud. A federal court has ordered an individual and 5 companies to stop engaging in a technical-support fraud scheme that is alleged to have defrauded hundreds of elderly and vulnerable U.S. victims, the Department of Justice announced today. The temporary restraining order issued by the court follows the filing of a complaint by the United States, which seeks both preliminary and permanent injunctions to prevent the defendants from further victimizing U.S. consumers. The complaint filed by the Civil Division’s Consumer Protection Branch and the U.S. Attorney’s Office for the Southern...
  • Report: U.S. Cyber Command Behind [countering] Trickbot Tricks

    10/13/2020 6:58:52 AM PDT · by daniel1212 · 8 replies ^ | Oct 10 | KrebsOnSecurity
    A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command. On October 2, KrebsOnSecurity reported that twice in the preceding ten days, an unknown entity that had inside access to the Trickbot botnet sent all infected systems a command telling them to disconnect themselves from the Internet servers the Trickbot overlords used to control compromised Microsoft...
  • Why You Should Stop Using Other People’s iPhone Cables (Wow)

    09/22/2020 4:37:11 PM PDT · by cba123 · 66 replies
    Forbes ^ | A few days ago | Zak Doffman
    If, like many others, you think nothing of borrowing a friend or colleague’s charging cable, or plugging into a spare one in the office, or even asking for one from a hotel reception desk, then here’s something that might give you pause. How do you fancy an iPhone charging cable that looks like an Apple original and acts like one as well, but which will tap into a connected device and steal all its secrets, and which has its own radio transmitter to send all that stolen data over the air to a waiting attacker.
  • Garmin services and production go down after ransomware attack

    07/24/2020 10:55:04 AM PDT · by higgmeister · 20 replies
    ZDNet.com ^ | 7/23/20 | Catalin Cimpanu
    Smartwatch and wearables maker Garmin has shut down several of its services on July 23 to deal with a ransomware attack that has encrypted its internal network and some production systems. The company is currently planning a multi-day maintenance window to deal with the attack's aftermath, which includes shutting down its official website, the Garmin Connect user data-syncing service, Garmin's aviation database services, and even some production lines in Asia.
  • Here we go again – more than two dozen Android apps caught stealing your data

    07/07/2020 9:30:25 AM PDT · by BenLurkin · 20 replies
    BGR ^ | 07/07/2020 | Andy Meek
    Evina, a French cybersecurity firm, disclosed this news in recent weeks, with its report that a single threat group developed the batch of apps that were made to look like everything from wallpaper and flashlight apps to mobile games. However, all the apps had the same goal, as Evina explains in its report of the fraud. “When an application is launched on your phone, the malware queries the application name,” the company explains. “If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which...
  • A Multinational Tech Company Installed Software To Pay Taxes In China, Then Discovered Malware Inside

    06/25/2020 7:43:36 PM PDT · by SeekAndFind · 8 replies
    Hotair ^ | 06/25/2020 | John Sexton
    This report from NBC News never names the multinational corporation involved but it is not a Chinese company. However because it does do business in China, it was required to pay local taxes. A Chinese bank asked the company to install a piece of software to facilitate paying those taxes, but within hours the company’s entire system had been compromised with sophisticated software. The tax software was legitimate, but embedded inside it was a nasty surprise, according to a new report by a private security firm: A sophisticated piece of malware that gave attackers complete access to the company’s...
  • PSA: Terrible people are running a phishing campaign with fake Covid-19 stats

    05/24/2020 8:08:58 AM PDT · by BenLurkin · 1 replies
    PCGamer ^ | 22 May 2020 | By Paul Lilly
    Security researchers at Microsoft say they have seen a "steady increase" in unsolicited email attachments containing malicious Excel 4.0 macros. It is part of a "massive campaign" to infect PCs with malware under the guise of providing current statistics related to Covid-19. Phishing scams are nothing new by any stretch, but according to Microsoft (via ZDNet), this latest campaign only started around a week ago "and has so far used several hundreds of unique attachments." "The emails purport to come from Johns Hopkins Center bearing 'WHO COVID-19 SITUATION REPORT'. The Excel files open w/ security warning & show a graph...
  • Hackers posed as Egyptian oil contractor in apparent spy campaign ahead of OPEC meeting

    04/23/2020 1:29:32 PM PDT · by nickcarraway · 1 replies
    Cyberscoop ^ | APR 21, 2020 | Jeff Stone
    Hackers are trying to infect organizations throughout the world with a popular strain of malware by sending emails that appear to be from an Egyptian oil company. In research published Tuesday, Romanian antivirus company BitDefender noted a surge in attempted phishing attacks that try to trick users into downloading malware by masquerading as Enppi, an oil company owned by the Egyptian government. The malware, known as Agent Tesla, is a spyware tool which enables hackers to monitor keystrokes, steal data about file downloads and collect username and password credentials from internet browsers, among other capabilities. The number of attacks spiked...
  • Microsoft uses its expertise in malware to help with fileless attack detection on Linux

    02/25/2020 8:32:01 AM PST · by dayglored · 34 replies
    The Register ^ | Feb 25, 2020 | Richard Speed
    Aw, how generous. Hey, Linux fans! Microsoft has got your back over fileless threats. Assuming you've bought into the whole Azure Security Center thing. Hot on the heels of a similar release for Windows (if by "hot" you mean "nearly 18 months after") comes a preview aimed at detecting that breed of malware that inserts itself into memory before attempting to hide its tracks. A fileless attack tends to hit via a software vulnerability, inject a stinky payload into an otherwise fragrant system process and then lurk in memory. The malware also attempts to remove any trace of itself on disk, which...
  • what to scan PC with

    02/03/2020 6:32:51 AM PST · by conservativesister · 38 replies
    In the past I've always used Malwarebytes and SpyBot to scan my computer. Recently Malwarebytes doesn't pick up anything, probably because I use the free. Looking to replace Malwarebytes... any suggestions? THX
  • Chinese woman caught at Mar-a-Lago with malware was apparently asked to target Clintons: docs

    10/03/2019 11:17:34 PM PDT · by knighthawk · 14 replies
    Fox News ^ | October 03 2019 | Vandana Rambaran
    A Chinese businesswoman who was convicted of trespassing at President Trump's Mar-a-Lago resort in Florida earlier this year had been urged by her handler to target other famous figures including the Clintons and billionaire businessman Warren Buffett, court documents say. Yujing Zhang, 33, who is scheduled to be sentenced on Nov. 22, was caught by Secret Service agents with troves of technology embedded with malware and thousands of dollars in cash after she claimed that she was at Trump's prestigious club to attend a “United Nations friendship event” that had apparently been canceled. Her bizarre behavior and backstory led to...
  • Am I Screwed If I Don't Upgrade Windows 7 by January 15? (*Spoiler*: Well, it depends...)

    01/13/2020 9:11:43 AM PST · by dayglored · 79 replies
    LifeHacker ^ | Jan 10, 2020 | David Murphy
    Deadlines are scary. I know. And Microsoft has thrown Windows 7 users a big one: Update to a more modern operating system by January 15, 2020, or you’ll never receive security updates ever again. Eventually, Microsoft will even start disabling key Windows 7 services—like Internet Backgammon and Internet Checkers—throughout the year. I’m being a little lighthearted about this, but Microsoft’s abandonment of Windows 7 is a cause of concern for many. Lifehacker reader Douglas recently wrote in with this question: “I was reading your writeup regarding Windows 7 and I really cannot afford to upgrade at this exact moment. Is...
  • Five Endpoint Attacks Your Antivirus Won’t Catch

    11/18/2019 4:16:44 PM PST · by fireman15 · 17 replies
    Harvard University ^ | 11-13-2019 | Harvard Blockchain Lab
    Fileless attacks allow sophisticated hackers to evade antivirus programs and hide inside legitimate applications and operating systems. According to 2019 Endpoint Security Survey, fileless attacks on endpoints are the biggest concern of security experts. In addition, about 53% of organizations experience an increase in endpoint security risks. Endpoints are the access point into your data, credentials, environment, and probably your entire organization. Vulnerable endpoints allow attackers to steal data, access your network, and execute ransomware attacks. This article explains how attackers have improved their strategies to bypass traditional antivirus, putting your system at risk. 1. Cryptomining Malware Cryptomining tools convert...
  • Symantec antivirus crashes something again. This time Chrome 78 browsers

    10/26/2019 1:09:05 PM PDT · by dayglored · 33 replies
    ZDNet ^ | Oct 24, 2019 | Catalin Cimpanu
    Fourth time in three months when Symantec's antivirus crashes something. For the fourth time in three months, a Symantec security product is crashing user apps, and this time it's the latest Chrome release, v78, which rolled out earlier this week, on Tuesday, October 22. According to reports on Reddit [1, 2], the Google support forums [1, 2], and in comments on the official Google Chrome blog, Symantec Endpoint Protection 14 is crashing Chrome 78 instances with an "Aw, Snap! Something went wrong while displaying this webpage." error, as seen in the screenshot above. Users have been unable to use Chrome 78 at...