Tag Archives: malware

10 malicious Python packages exposed in latest repository attack

Enlarge / Supply-chain attacks, like the latest PyPi discovery, insert malicious code into seemingly functional software packages used by developers. They’re becoming increasingly common. (credit: Getty Images) Researchers have discovered yet another set of malicious packages in PyPi, the official and most popular repository for Python programs and code libraries. Those duped by the seemingly familiar… Read More: 10 malicious Python packages exposed in latest repository attack »

Hackers are targeting industrial systems with malware

Enlarge (credit: Getty Images) From the what-could-possibly-go-wrong files comes this: An industrial control engineer recently made a workstation part of a botnet after inadvertently installing malware advertising itself as a means for recovering lost passwords. Lost passwords happen in many organizations. A programmable logic controller—used to automate processes inside factories, electric plants, and other industrial… Read More: Hackers are targeting industrial systems with malware »

Vulnerabilities allowing permanent infections affect 70 Lenovo laptop models

Enlarge (credit: Lenovo) For owners of more than 70 Lenovo laptop models, it’s time once again to patch the UEFI firmware against critical vulnerabilities that attackers can exploit to install malware that’s nearly impossible to detect or remove. The laptop maker on Tuesday released updates for three vulnerabilities that researchers found in the UEFI firmware… Read More: Vulnerabilities allowing permanent infections affect 70 Lenovo laptop models »

I sent my yoga studio a web form, and all I got was this lousy malware attack

Enlarge (credit: Getty Images) On the last day of May, one of my inboxes began receiving emails, purportedly from one of the owners of the yoga studio I visit. It concerned a message I sent in January through the studio’s website that had been resolved the following day in an email sent by the co-owner.… Read More: I sent my yoga studio a web form, and all… »

Billing fraud apps can disable Android Wi-Fi and intercept text messages

Enlarge (credit: Aurich Lawson) Android malware developers are stepping up their billing fraud game with apps that disable Wi-Fi connections, surreptitiously subscribe users to pricey wireless services, and intercept text messages, all in a bid to collect hefty fees from unsuspecting users, Microsoft said on Friday. This threat class has been a fact of life… Read More: Billing fraud apps can disable Android Wi-Fi and intercept text… »

Microsoft Exchange servers worldwide hit by stealthy new backdoor

Enlarge (credit: Getty Images) Researchers have identified stealthy new malware that threat actors have been using for the past 15 months to backdoor Microsoft Exchange servers after they have been hacked. Dubbed SessionManager, the malicious software poses as a legitimate module for Internet Information Services (IIS), the web server installed by default on Exchange servers.… Read More: Microsoft Exchange servers worldwide hit by stealthy new backdoor »

YouTube content creator credentials are under siege by YTStealer malware

Enlarge (credit: Getty Images) In online crime forums, specialization is everything. Enter YTStealer, a new piece of malware that steals authentication credentials belonging to YouTube content creators. “What sets YTStealer aside from other stealers sold on the Dark Web market is that it is solely focused on harvesting credentials for one single service instead of… Read More: YouTube content creator credentials are under siege by YTStealer malware »

A wide range of routers are under attack by new, unusually sophisticated malware

Enlarge (credit: Getty Images) An unusually advanced hacking group has spent almost two years infecting a wide range of routers in North America and Europe with malware that takes full control of connected devices running Windows, macOS, and Linux, researchers reported on Tuesday. So far, researchers from Lumen Technologies’ Black Lotus Labs say they’ve identified… Read More: A wide range of routers are under attack by new,… »

US uncovers “Swiss Army knife” for hacking industrial control systems

cravetiger | Getty Images reader comments 10 with 9 posters participating Share this story Malware designed to target industrial control systems like power grids, factories, water utilities, and oil refineries represents a rare species of digital badness. So when the United States government warns of a piece of code built to target not just one… Read More: US uncovers “Swiss Army knife” for hacking industrial control systems »

Russia’s Sandworm hackers attempted a third blackout in Ukraine

Getty Images | Sundry Photography reader comments 54 with 32 posters participating Share this story More than half a decade has passed since the notorious Russian hackers known as Sandworm targeted an electrical transmission station north of Kyiv a week before Christmas in 2016, using a unique, automated piece of code to interact directly with… Read More: Russia’s Sandworm hackers attempted a third blackout in Ukraine »