Malware news & analysis | SC Media

Malware

Common bugs make anti-virus solutions vulnerable to exploitation

The very anti-malware solutions meant to protect organizations from things like privilege escalation can be exploited to do just that. The solutions “may unintentionally assist malware in gaining more privileges on the system,” according to a CyberArk blog post penned by Eron Shimony. “The vast number of affected machines is troublesome; probably every Windows machine…

Amid Iranian hacker crackdown, CISOs should prep for retaliation

The United States ran a full-court press against Iranian hackers last week, including indictments from the Department of Justice, the FBI identifying malware used in attacks, and the addition of government-aligned hackers to the sanctions list by Treasury. In theory, increasing pressure against a foreign group may cause a pause in operations. Alternatively, sanctions can…

Apple notarization process, meant to protect, approved Shlayer malware

Apple appears to have inadvertently approved OSX.Shlayer malware as part of the security notarization process it has touted as boosting user confidence that Developer ID-signed software distributed by developers carries the innovative tech giant’s seal of approval. While it is unclear “what the Shlayer folks did to get their malware notarized,” essentially Apple’s process “allowed…

SMBs assaulted by ‘mercenary’ DeathStalker APT espionage campaigns

The hacker collective known as DeathStalker has recently widened its footprint to include small to medium-sized business (SMB) targets in the financial sector throughout Europe, the Middle East, Asia and Latin America. DeathStalker’s tactics, techniques and procedures aren’t different from when it first emerged as a hacker-for-hire, according to Kaspersky, which tracked DeathStalker’s activities for the…

Apple OS developer supply chain threatened by ‘clever’ malware attack

In an attack described as a “clever” supply-chain threat, XCSSET malware is being injected undetected into programs created by unwitting Xcode Apple developers who share their projects on the GitHub repository. The “unusual infection” can pilfer infected users’ credentials, accounts and other vital data, according to a blog post from researchers at Trend Micro who…

U.S. urges Linux users to secure kernels from new Russian malware threat

Linux users should not assume they are safe from the ambitions and reach of reputed Russian hacking group Fancy Bear, which has been using a newly disclosed malware toolset to establish a command-and-control connection with infected Linux systems. Called Drovorub, the toolset essentially creates a backdoor that enables file downloads and uploads, the execution of…