Internet threat news

MetaStealer Targets Intel-Based Macs

Following the publication of new research by security firm Sentinel One, a new infostealer has been seen in the wild. Titled MetaStealer, not to be confused with another info-stealer, META, targets Intel-based MacOS systems.

Flax Typhoon Adopts Living-of-the-Land Binaries

According to a recent report published by Microsoft, a series of attack campaigns targeting organizations in Taiwan.

Security researchers at the Redmond tech giant have attributed the attacks to an advanced persistent threat actor tracked by Microsoft as Flax Typhoon.

BlackCat Ransomware Seen Dropping Impacket and RemCom

According to Microsoft’s Threat Intelligence Team, a new version of the BlackCat ransomware, also tracked as ALPHV, has been seen dropping the Impacket networking framework and the Remcom hacking tool during the infection process.

Both the framework and the hacking tool can be used by threat actors to better spread laterally across a compromised network.

Raccoon Stealer Returns With Even Stealthier Version

At PCRisk, we have closely followed the trials and tribulations associated with the Raccoon Stealer spyware, also often referred to as an info stealer. The last time we covered the topic was when Raccoon Stealer 2.0 emerged.

Russian Missile Manufacturer Breached By North Korean Hackers

Based on a recent report published by Sentinel Labs, it seems North Korean state-sponsored hackers are fine with targeting critical infrastructure within an ally's borders.

The report shows that the North Korean government is prepared to target allies supporting its contentious missile program, including a Russian missile manufacturer.

Russian APT Group Seen Targeting Victims Over Microsoft Teams

Microsoft's Threat Intelligence team detected a series of highly targeted credential theft phishing attacks that sent lures sent as Microsoft Teams chats.

Threat Actor Bahamut Uses Fake Android Chat App To Steal Signal, WhatsApp Data

According to a new report by security firm CYFIRMA, a known Indian threat group tracked as Bahamut is distributing a fake Android app called "Safe Chat" to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones.

Further, the malware is capable of stealing data from other messaging apps, including WhatsApp, Telegram, Facebook Messenger, Signal and Viber.

NoEscape Ransomware Starts Where Avaddon Left Off

In June 2023, yet another new player was detected on the ransomware scene, dubbed NoEscape; it is now widely believed to be a successor to the previously shut-down Avaddon ransomware.

New Illicit Cryptocurrency Report A Mixed Bag - Ransomware Still Breaking Records

Every year, Chainalysis publishes its crypto crime report, which focuses on tracking illicit cryptocurrency flows associated with cybercrime. Every year it makes for exciting reading, and 2023 is no different.

European Government Agencies Targeted In SmugX Campaign

New research from security firm Check Point shows Chinese Threat Actors actively targeting European government agencies with a focus on embassies and foreign affairs ministries in a campaign used to distribute SmugX.

Free Akira Ransomware Decryptor Released To The Public

Security firm Avast has released a free decryptor for those impacted by the Akira ransomware. The decryptor can help victims recover their data without paying the ransom, and Avast has released decryptors for both 64-bit and 32-bit Windows operating systems.

DDoS Malware Distributed Through Compromised Linux SSH Servers

According to a recent report by AhnLab Security Emergency Response Center (ASEC), researchers discovered an attack campaign by an unknown threat actor using poorly managed Linux SSH servers to distribute Tsunami DDoS, a distributed-denial-of-service malware, along with several other malware strains to carry out different tasks on compromised machines.

Rhysida Ransomware Used In Attack On The Chilean Army

The threat actors behind one of the ransomware's newest kids on the block Rhysida have announced they will leak documents belonging to the Chilean Army. This comes after the Army confirmed that systems were impacted in a security incident detected over the weekend on May 27, 2023.

Pirated Windows 10 Downloads Used to Distribute Clipper Malware

According to a new report by Doctor Web, pirated versions of Windows 10 are being used to distribute clipper malware. Interestingly, the malware is hidden in EFI partitions to evade detection.


Page 1 of 51

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal