Here you will find all the articles with the tag: malware.
The move intends to bypass Microsoft security restrictions and infect more targets. Emotet is a notorious malware botnet that has historically been distributed through Microsoft Word and Excel attachments that contain malicious macros. If a user opens the attachment and enables macros, a DLL w... Read more
7 days ago
Users of mobile devices are increasingly at risk of phishing when they scan fraudulent QR codes. There are also more and more compromised PDF, ZIP and IMG files in circulation and the number of malvertising campaigns is increasing. This is according to HP Wolf Security in a recent study. The stu... Read more
11 days ago
North Korean state hackers are behind a new phishing campaign targeting security researchers. This was discovered by researchers at Mandiant. According to the security provider, North Korean hackers UNC2970 have been conducting a campaign targeting security researchers since last June. With the ... Read more
14 days ago
Companies are often behind on device patch management. This is one of the findings from research by Jamf into the most important threats to devices in the workplace that occurred in the past year. A very important risk is that patch management on corporate (mobile) devices is not in order. A... Read more
14 days ago
The effort aims to stop attackers from abusing various Office document formats as an infection vector. The company has announced that Excel will block untrusted XLL add-ins by default in Microsoft 365 tenants worldwide. Excel XLL files are dynamic-link libraries (DLLs) that expand the functional... Read more
19 days ago
Business-grade DrayTek routers are under attack by the Hiatus malware campaign. The successfully attacked routers are transformed into "listening posts" that can intercept email and steal files. Security experts at Lumen note that the Hiatus malware campaign has been active since July 2022. The ... Read more
20 days ago
A recent mass infection of nearly 11,000 websites has been discovered by security firm Sucuri. The websites in question use WordPress as their CMS (Content Management System) and have a malicious script injected into legitimate files, including "index.php" and "wp-cron.php." This script acts as ... Read more
1 month ago
Security researchers warn that cybercriminals have started using OneNote attachments in phishing emails to infect victims with remote access malware, allowing attackers to steal passwords and even cryptocurrency wallets. The tactic isn't new, as attackers have been sending malware through malici... Read more
2 months ago
Researchers warn that hackers can use GitHub Codespaces to host and deliver malware. According to a new report from Trend Micro, threat actors can abuse the port forwarding feature in GitHub Codespaces to host and distribute malware and malicious scripts. GitHub Codespaces became widely avai... Read more
2 months ago
A threat actor has uploaded three malicious packages to the PyPI (Python Package Index) repository. The packages reportedly drop info-stealing malware on developers' systems. The threat is significant, according to BleepingComputer, as PyPI is the most widely used repository for Python package... Read more
2 months ago
