Security News
The number of devices infected with data-stealing malware in 2023 was 9.8 million, a sevenfold increase over the same figure for 2020, according to new research from Kaspersky Digital Footprint Intelligence. The data was obtained from log files that record the activities of "Infostealers." Infostealers are a type of malware that covertly extracts data from infected devices without encrypting it.
Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents...
Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in...
A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure. The method enables SoumniBot to evade standard security measures found in Android phones and perform info-stealing operations.
The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware such as Agent Tesla, FormBook, Remcos RAT, LokiBot,...
The U.S. Cybersecurity and Infrastructure Security Agency has released a new version of "Malware Next-Gen," now allowing the public to submit malware samples for analysis by CISA. Malware Next-Gen is a malware analysis platform that examines malware samples for suspicious artifacts. "The Cybersecurity and Infrastructure Security Agency announces today a new release of our malware analysis system, called Malware Next-Gen, which allows any organization to submit malware samples and other suspicious artifacts for analysis," reads the announcement.
A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI's ChatGPT, Google's Gemini, or Microsoft's CoPilot. Accessing the shortcut file triggered PowerShell to run a remote script.
Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that propagates the malware through malicious Windows Script Files (WSFs) since March 2024. "Historically, Raspberry...
Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware. The...
Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. Users downloading files from those repositories become infected with malware hidden within Visual Studio project files and stealthily executed during the project build.