Malware

Malware / News Briefs

Emergency Patch Issued for Samba, WannaCry-type Bug Exploitable with One Line of Code

The team behind the free networking software Samba has issued and emergency patch for a remote code execution vulnerability.

WikiLeaks Releases CIA Malware Implants Called Assassin and AfterMidnight

The recent heavy news coverage of WannaCry has overshadowed the latest WikiLeaks release of critical CIA malware documentation: user manuals for two hacking tools named AfterMidnight and Assassin.

WannaCry Ransomware Cyberattack Spreading to Countries Across the World, 45K Attacks Reported So Far

Security researchers are reporting a massive attack today, dubbed "WannaCry", which has reached 45,000 attacks in 74 countries around the world so far, mostly in Russia.

WikiLeaks Releases CIA Documents on Grasshopper Framework for Building Customized Malware Payloads

WikiLeaks on Friday released a new set of leaks -- Vault 7 "Grasshopper" -- containing 27 documents from the CIA's Grasshopper framework, a platform used to build customized malware payloads for Microsoft Windows operating systems.

‘Avalanche’ Network Dismantled in an International Cyber Operation Including Europol and the FBI

After over four years of investigation, the international criminal infrastructure platform known as 'Avalanche' is reported to have been dismantled via a collaborative effort involving Public Prosecutor's Office Verden and the Lüneburg Police (Germany) in close cooperation with the United States Attorney's Office for the Western District of Pennsylvania, the Department of Justice and the FBI, Europol, Eurojust and global partners.

Germany’s Leading ISP Deutsche Telekom Under Cyberattack, Close to 900K Customers Affected

Close to a million Deutsche Telekom customers have had trouble getting online since Sunday afternoon which the company on Monday confirmed to be the result of an "outside" attack.

Several Models of Android Devices Discovered Collecting and Transmitting Sensitive Personal Data

Several models of Android mobile devices discovered containing firmware that collect sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users' consent.

There are Reports of Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks, NGOs

In the wake of the 2016 United States Presidential Election, not even six hours after Donald Trump became the nation's President-Elect, an advanced persistent threat (APT) group launched a series of coordinated and well-planned spear phishing campaigns.

U.S. Department of Transportation Issues Federal Cybersecurity Guidance to Automotive Industry

U.S. Department of Transportation issues Federal guidance to the automotive industry for improving motor vehicle cybersecurity. The guidance covers cybersecurity best practices for all motor vehicles, individuals and organizations manufacturing and designing vehicle systems and software.

Over 3.2 Million Debit Cards May Have Been Compromised, Says National Payment Corporation of India

A total of 3.2 million debit cards across 19 banks may have been compromised as a result of a suspected malware attack. The breach, possibly largest of its kind in India, was confirmed by the National Payment Corporation of India (NPCI) in a statement today.

New Trojan Used in High Level Financial Attacks, Multiple Banks Attacked

Since January 2016, discreet campaigns involving malware called Trojan.Odinaff have targeted a number of financial organizations worldwide, warned Symantec Security Response team on Tuesday.

IoT Botnet Source Code Responsible for Historic Attack Has Been Publicly Released

The source code for the IoT botnet 'Mirai' has been released," warns security expert Brian Krebs whose own website was targeted with the same botnet resulting in the historically large DDoS attack last month.

Clothing Retailer Eddie Bauer Confirms Point-Of-Sale Malware, All US, Canadian Stores Infected

In a press release yesterday evening, retailer Eddie Bauer confirmed a point-of-sale malware infection suspected by some sources as early as beginning of last month.

Reports Provide Details on ‘Project Sauron’ Malware, Highly Advanced, Remained Hidden for 5 Years

"Security experts have discovered a malware platform that's so advanced in its design and execution that it could probably have been developed only with the active support of a nation-state," reports Dan Goodin in Ars Technica.

Kazakhstan Using Malware Against Journalists, Political Activists, Lawyers

Journalists and political activists critical of Kazakhstan's authoritarian government, along with their family members, lawyers, and associates, have been targets of an online phishing and malware campaign believed to be carried out on behalf of the government of Kazakhstan, according to a new report by the Electronic Frontier Foundation (EFF).