Articles tagged with: #malware
Microsoft Warns of Hackers Abuse Teams Features and Capabilities to Deliver Malware

Cyber Security News cybersecuritynews.com

Microsoft has issued a warning that both cybercriminals and state-sponsored threat actors are increasingly abusing the features and capabilities of Microsoft Teams throughout their attack chains. The platform's extensive adoption for collaboration makes it a high-value target, with its core functions for messaging, calls, and screen-sharing being weaponized for malicious purposes. The extensive collaboration features

Awareness toolkit for your friends and family that keep falling for fake captcha scams... (ClickFix malware delivery)

cybersecurity www.reddit.com

I keep seeing posts about people falling for these "paste into win+r" captcha scams so I decided to make a resource with examples to help educate people about the risks of them, how to recognize them and what to do if you fall for one. The site also has demo environments and explanations of what these scams could look like in real life. clickfix-awareness.vercel.app Hope this is useful to someone :) submitted by /u/Ordinary-Night9177

Ransomware Gangs Leverage Remote Access Tools to Gain Persistence and Evade Defenses

Cyber Security News cybersecuritynews.com

Ransomware operators have shifted from opportunistic malware distribution to highly targeted campaigns that exploit legitimate software for stealth and persistence. Emerging in early 2025, several ransomware families began abusing popular remote access tools - such as AnyDesk and Splashtop - to establish footholds within enterprise networks. By hijacking or silently installing these utilities, adversaries bypass security controls that traditionally

Researchers Reversed Asgard Malware Protector to Uncover it's Antivirus Bypass Techniques

Cyber Security News cybersecuritynews.com

In recent months, security researchers have turned their attention to Asgard Protector, a sophisticated crypter employed by cybercriminals to obfuscate and deploy malicious payloads. First advertised on underground forums in late 2023, Asgard Protector has gained traction among threat actors for its seamless integration with popular C2 platforms such as LummaC2. By wrapping infostealers and

Threat Actors Behind WARMCOOKIE Malware Added New Features to It's Arsenal

Cyber Security News cybersecuritynews.com

The WARMCOOKIE backdoor first surfaced in mid-2024, delivered primarily via recruiting-themed phishing campaigns that coaxed victims into executing malicious documents. Initially designed as a lightweight implant for remote command execution, its modular codebase enabled rapid adaptation to new objectives. Over the past year, targets have included enterprise networks across multiple regions, with operators exploiting malvertising

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

The Hacker News thehackernews.com

Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. "XWorm's modular design is built around a core client and an array of specialized components known as plugins," Trellix researchers Niranjan Hegde and Sijo Jacob said in an analysis published last week. "These plugins are

Cyber Warfare During Operation Sindoor: Malware Campaign Analysis and Detection Framework

cs.CR updates on arXiv.org arxiv.org

arXiv:2510.04118v1 Abstract: Rapid digitization of critical infrastructure has made cyberwarfare one of the important dimensions of modern conflicts. Attacking the critical infrastructure is an attractive pre-emptive proposition for adversaries as it can be done remotely without crossing borders. Such attacks disturb the support systems of the opponents to launch any offensive activities, crippling their fighting capabilities. Cyberattacks during cyberwarfare can not only be...

Does anyone know or follow someone who posts good cybersecurity project tutorials?

cybersecurity www.reddit.com

I'm trying to get more hands-on with cybersecurity and want to build out some projects to strengthen my skills. Do you guys follow any YouTubers, GitHub accounts, or blogs that walk through cybersecurity projects step-by-step (like SOC labs, network monitoring setups, malware analysis, etc.)? Looking for creators who actually explain the process, not just "type this command" but why they're doing it. Any recommendations would be appreciated! submitted by /u/hamzaaj13101

LLM-Generated Samples for Android Malware Detection

cs.CR updates on arXiv.org arxiv.org

arXiv:2510.02391v1 Abstract: Android malware continues to evolve through obfuscation and polymorphism, posing challenges for both signature-based defenses and machine learning models trained on limited and imbalanced datasets. Synthetic data has been proposed as a remedy for scarcity, yet the role of large language models (LLMs) in generating effective malware data for detection tasks remains underexplored. In this study, we fine-tune GPT-4.1-mini to produce structured...

What is the "bot killer" function in malware?

cybersecurity www.reddit.com

Hello, I heard about malware that had this capability. I received responses related to sandbox detection, but also other responses such as wiping out the competition, and I'm still not entirely sure. submitted by /u/No-Yogurtcloset-7420

Tool for analyzing obfuscated JavaScript

cybersecurity www.reddit.com

Complete and sophisticated tool for analyzing obfuscated JavaScript, looking for malware and malicious code, with various analysis techniques for maximum accuracy. Test it and give your feedback; it is important. submitted by /u/Cautious-Concert-344

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

The Hacker News thehackernews.com

A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That's according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has been tracking Detour Dog since August 2023, when

WhatsApp Targeted By Fast-Spreading Malware Campaign

cybersecurity www.reddit.com

A new malware campaign is using WhatsApp as both a lure and a launchpad. First seen in September 2025, the self-propagating malware known as SORVEPOTEL spreads through phishing messages that contain malicious ZIP files disguised as receipts or budgets. How it works: Victim opens the ZIP, which contains a hidden Windows shortcut. The shortcut executes an encoded PowerShell command. This downloads additional payloads, establishes persistence, and connects to attacker-controlled servers. The...

New AmCache EvilHunter Tool For Detecting Malicious Activities in Windows Systems

Cyber Security News cybersecuritynews.com

AmCache plays a vital role in identifying malicious activities in Windows systems. This tool allows the identification of both benign and malicious software execution on a machine. Managed by the operating system and virtually tamper-proof, AmCache data endures even when malware auto-deletes itself, making it indispensable in incident response. AmCache stores SHA-1 hashes of executed

New XWorm V6 Variant Injects Malicious Code into a Legitimate Windows Program

Cyber Security News cybersecuritynews.com

The resurgence of XWorm in mid-2025 marks a significant escalation in malware sophistication. After a lull following the abrupt discontinuation of official support for version 5.6 in late 2024, threat actors unveiled XWorm V6.0 on June 4, 2025. A post on hackforums.net by an account named XCoderTools first announced this release, claiming to patch a

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

The Hacker News thehackernews.com

Brazilian users have emerged as the target of a new self-propagating malware that spreads via the popular messaging app WhatsApp. The campaign, codenamed SORVEPOTEL by Trend Micro, weaponizes the trust with the platform to extend its reach across Windows systems, adding the attack is "engineered for speed and propagation" rather than data theft or ransomware. "SORVEPOTEL has been observed to