malware Archives - Heimdal Security Blog

Cybersecurity Basics | QUICK READ

What Is Malvertising?

How It Works and How to Protect Yourself.

Cybersecurity News | QUICK READ

Dridex Malware Installed With the Help of Log4j Vulnerability

The Log4j Vulnerability Is Apparently Being Used to Infect Windows Devices with the Dridex Trojan and Linux Devices with Meterpreter.

Cybersecurity News | QUICK READ

Credit Card Swipers Injected into WordPress Plugins

The New Trend Could Allow Hackers to Access the Websites.

Cybersecurity News | QUICK READ

Emotet Is Dropping Cobalt Strike

In this Way, the Malicious Actors Could Obtain Immediate Network Access.

Cybersecurity News | QUICK READ

Excel XLL Add-ins Are Pushing a Password-stealing Malware

RedLine Malware Is Able to steal Cookies, User Names, and Passwords, and Other Data Stored in Web Browsers.

Cybersecurity News | QUICK READ

Former Ubiquiti Employee Charged with Data Theft

The Former Developer Was Charged for Trying to Extort Ubiquity.

Cybersecurity News | QUICK READ

Fake Adobe Windows App Installer Packages Are Distributing the Emotet Malware

The Malicious Actors Are Infecting Systems by Using a Built-in Feature Called App Installer.

Cybersecurity News | QUICK READ

We Might Be Seeing Some New Scams This Black Friday

It Looks Like the Cybercriminals Adjusted Their Scams for Black Friday 2021.

Cybersecurity News | QUICK READ

A Microsoft MSHTML Exploited By Hackers

The Malicious Actors Are Using the Bug to Steal Google and Instagram Credentials.

Cybersecurity News | QUICK READ

US Securities and Exchange Commission Is Warning Investors

A Warning Was Issued About Possible Impersonation Attacks

Cybersecurity News | QUICK READ

Who Is Behind the Comeback of Emotet?

Conti Ransomware Gang Seems to Be Responsible for Emotet’s Rebirth.

Cybersecurity News | QUICK READ

Linux Malware and Web Skimmer Deployed on E-commerce Servers

The Attackers Are Deploying a Linux Backdoor on Compromised E-commerce Servers.

Cybersecurity News | QUICK READ

BrazKing Is Making a Comeback

The Android Malware Has Returned as a Banking Trojan.

Cybersecurity News | QUICK READ

Microsoft Exchange and Fortinet Vulnerabilities Exploited by Iranian APT

CISA Warns Regarding the Malicious Cyber Assault.

Cybersecurity News | QUICK READ

New Emotet Spam Campaigns Hard at Work

It Looks Like the Emotet Malware Is Making a Comeback.

Cybersecurity News | QUICK READ

Cryptomining Malware Targets Alibaba ECS Instances

Crytomining Malware Strikes Again.

Cybersecurity News | QUICK READ

Emotet Malware Appears to Be Back in Business

The Malware Is Apparently Rebuilding Its Botnet Through TrickBot.

Cybersecurity News | QUICK READ

Hackers Breached Aruba Central

The Hewlett Packard Enterprise Confirmed the Hack.

Cybersecurity News | QUICK READ

Hackers-for-hire from Void Balaur Are Selling Stolen Mails and Personal Information

The Hackers Are Using Russian Underground Forums in Order to Gain More Traction.

Cybersecurity News | QUICK READ

The Mekotio Banking Trojan Is Apparently Back in Business

The Banker Trojan, aka Metamorfo Is Back With a Tweaked Code and a Stealthy Campaign.

Cybersecurity News | QUICK READ

The 'Trojan Source' Attack Method Allows the Injection of Vulnerabilities Into Open-Source Code

A New Attack Method Is Apparently Allowing the Injecting of Vulnerabilities into the Source Code of a Software Project.

Cybersecurity News | QUICK READ

Snake Malware Used in Multiple Campaigns

The Malware Is Sold on Dark Web Forums for $25.

Cybersecurity News | QUICK READ

New Malware Dubbed AbstractEmu Goes Undetected

It Roots Android Devices and Has Detection Evasion Capabilities.

Cybersecurity News | QUICK READ

Personal Information Belonging to 400,000 German Students Exposed

Scoolio Users Had Sensitive Information Exposed Due to an API Flaw in the Platform.

Cybersecurity News | QUICK READ

Squirrelwaffle Malware Used to Drop Cobalt Strike

The New Malware Is Currently Spreading in the Wild.

Cybersecurity News | QUICK READ

Iranian Gas Stations Unable to Operate After Massive Cyberattack

The Cyberattack Affected the Entire Distribution Network.

Cybersecurity News | QUICK READ

A Well-Known NPM Library Was Hijacked

The UA-Parser-JS NPM Library Was Hijacked and Used to Install Password-stealers and Miners on Unsuspecting Users’ Terminals.

Cybersecurity News | QUICK READ

YouTube Used to Push Password-Stealing Malware

The Nefarious Attackers Are Creating YouTube Videos in an Attempt to Distribute Password-stealing Trojans.

Cybersecurity Basics | QUICK READ

Case Study: How Can Heimdal™'s Next-Gen Antivirus Help You Stay Safe?

What Can You Do to Stop Scammers from Infiltrating Your Network.

Cybersecurity News | QUICK READ

Malicious Accounts that Targeted Security Researches Were Suspended by Twitter

The Compromised Accounts Impersonated Also Security Researchers.

Cybersecurity News | QUICK READ

Harvester Malicious Group Is Going After Telcos

The State-Backed Hackers Use a Custom Malware.

Cybersecurity News | QUICK READ

Newly Discovered Malware Infects Linux Systems

FontOnLake Is a New Malware that Is Infecting Linux Systems by Making Use of the Trojanized Utilities.

Cybersecurity News | QUICK READ

ShellClient Malware Used against Aerospace and Telco Firms

This Malware is a Previously Undocumented Remote Access Trojan (RAT).

Cybersecurity News | QUICK READ

New Pegasus Scanner Used to Infect Windows

The Spyware Could be Used by the Threat Actors to Drop a Less-known Remote Access Tool Called Sarwent.

Cybersecurity News | QUICK READ

Windows Boot Manager Hijacked by FinFisher Malware

The Malware Can Now Infect Windows Devices Using a UEFI Bootkit.

Cybersecurity News | QUICK READ

Malware Developers Are Working on Tricking Windows Validation

The Developers Were Spotted While Creating Malformed Code Signatures.

Cybersecurity News | QUICK READ

$200M Lost in Illegal Phone Unlocking Scheme

A Pakistani Fraudster Received 12 Years in Prison After Coordinating a Seven-Year Scheme Causing AT&T to Lose $200M.

Cybersecurity News | QUICK READ

A Version of Linux Cobalt Strike Beacon Is Being Used in Ongoing Attacks

This Is an Unofficial Version Created by Unknown Threat Actors from Scratch.

Cybersecurity News | QUICK READ

Microsoft Fixed a Bug That Was Allowing Hackers to Take Over Azure Containers

The Vulnerability Found Allowed a Malicious Container to Take Over Other Containers.

Cybersecurity News | QUICK READ

The Ongoing Office 365 Zero-Day Attacks Have a Temporary Fix

The Fix Can Mitigate a Remote Code Execution Vulnerability that Exists in Windows.

Cybersecurity News | QUICK READ

Alleged TrickBot Developer Arrested

A Russian That Presumably Worked for the TrickBot Malware Gang Was Recently Arrested in South Korea.

Cybersecurity News | QUICK READ

Windows 11 Alpha-Themed Docs Are Used to Deliver a New Malware

The New Malware Uses a Windows 11 Theme to Lure Recipients Into Activating Malicious Code.

Cybersecurity News | QUICK READ

Software Company Autodesk Also Targeted by the Hackers Behind the SolarWinds Attack

Autodesk Confirmed They Were One of the Targeted Companies by the Russian State Hackers.

Cybersecurity News | QUICK READ

FTC Bans Spyfone From Surveillance Business

Spyfone Was Banned as It Failed to Protect Customers’ Devices From Hackers.

Cybersecurity News | QUICK READ

LockBit Leaked Data Belonging to Bangkok Airways

Bangkok Airways Confirmed Being a Victim of a Cyberattack that Compromised Personal Data of Passengers.

Cybersecurity News | QUICK READ

Boston Public Library Hit by Cyberattack

The Attack Caused a System-Wide Technical Outage.

Cybersecurity News | QUICK READ

A New AdLoad Malware Variant Could Go Unnoticed by Apple's XProtect Defenses

The AdLoad Malware Variant is Apparently Slipping Through Apple’s YARA Signature-Based XProtect Built-in Antivirus Tech.

Cybersecurity News | QUICK READ

Raccoon Malware Updated To Extract Cryptocurrency from Its Victim’s Computer

Raccoon Malware Can Collect Passwords, Cookies, and the “Autofill” Text for Websites, Including Credit Card Information.

Cybersecurity News | QUICK READ

A MacOS Malware Is Stealing Telegram Accounts and Google Chrome Data

It Seems That a MacOS Malware Strain Is Stealing Login Information From Multiple Apps.

Cybersecurity News | QUICK READ

Fake Windows 11 Installers Distribute Malware on Your Computer

Threat Actors Have Floated Several Malware-Riddled Fake Installers Disguised as Windows 11.

Cybersecurity News | QUICK READ

A Stealthy Malware Found on Hacked Pulse Secure Devices

CISA Released an Alert Regarding Multiple Malware Samples Found on Exploited Pulse Secure Devices.

Cybersecurity News | QUICK READ

MosaicLoader Malware Uses SEO Poisoning to Infect Software Pirates' Systems

This New Malware Evades Detection by Hiding in Windows Defender Exclusions.

Cybersecurity News | QUICK READ

Hancitor Is Using Well-Known Tricks to Spread Malware

Hancitor Has Been Using Cookies to Prevent URL Scraping.

Cybersecurity News | QUICK READ

WildPressure Campaign Goes On With One More Hit: Mac Malware Version Targets Mac OS Systems

Mac OS Systems Are Targeted by an Upgrade of Milum, the Trojan that Gained Popularity In the Middle East Oil & Gas Industry in 2019.

Cybersecurity News | QUICK READ

Bandidos Malware Targets Corporate Networks in Latin America

The Threat Actor’s Main Targets Are Corporate Networks in South America Spanning Across Manufacturing, Construction, Healthcare, Software Services, and Retail Sectors.

Cybersecurity News | QUICK READ

A Fake Kaseya Security Update Is 'Backdooring' Networks Using Cobalt Strike

The Malicious Actors Are Pushing Cobalt Strike Payloads Disguised as Kaseya VSA Security Updates.

Cybersecurity News | QUICK READ

A New Threat Advertises Malicious Privacy Tools as Security Enhancers

A New Threat Tries to Take Advantage of People by Using a Fake Website that Is Claiming To Provide Enhanced Security.

Cybersecurity News | QUICK READ

Netfilter Rootkit Malware Infiltrates Into Microsoft’s Security Systems: the Gaming Community Targeted

A Malignant Driver, Known as Netfilter Rootkit Malware, Affects the Gaming Industry. Microsoft Admitted Signing It by Mistake Because of System Security Issues.

Cybersecurity News | QUICK READ

Ransomware Attack Hits Foodservice Distributor Edward Don

The Attack Forced the Company to Shut Down Some of Its Operations to Prevent the Infection’s Spread.

Cybersecurity News | QUICK READ

Gelsemium Cyberspies Linked to NoxPlayer Supply-Chain Attack

Researchers Believe That Gelsemium Is Responsible for the Supply-Chain Attack Against Bignox, Previously Reported as Operation Nightscout.

Cybersecurity News | QUICK READ

FreakOut Malware Adds New Functionalities

Windows and Linux Devices Are Now Being Targeted by A Multi-Platform Python-Based Malware That Has Been Upgraded to Worm Its Way into Internet-Exposed VMware vCenter Servers.

Cybersecurity News | QUICK READ

Russian Hackers Are Using 4 New Malware Families

A Russian Hacking Group Has Used New Malware Families in Recent Phishing Attacks Impersonating the United States Agency for International Development (USAID).

Cybersecurity News | QUICK READ

Apple Fixes MacOS Vulnerability Exploited by XCSSET Malware

The Flaw Allows Threat Actors to Bypass Apple’s TCC Protections Which Safeguard Privacy.

Cybersecurity News | QUICK READ

Long-Lasting Malware Bot Phorpiex Adapts and Has New Ways of Deployment

As It Is Reaching More And More Victims Across the Globe, the Botnet With A Long-Lasting History Seems to Be Thriving.

Cybersecurity News | QUICK READ

Banking Trojan Bizarro Targets Customers with Spear-Phishing Campaigns

The Attackers Use Advanced Social Engineering Tricks to Lure the Victims into Providing Data Related to Their Online Banking Accounts.