Operation SyncHole: Lazarus APT targets supply chains in South Korea – Source: securityaffairs.com https://ciso2ciso.com/operation-synchole-lazarus-apt-targets-supply-chains-in-south-korea-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #Intelligence #SecurityNews #hackingnews #hacking #Lazarus #Malware #APT

JPCERT warns of DslogdRAT malware deployed in Ivanti Connect Secure – Source: securityaffairs.com https://ciso2ciso.com/jpcert-warns-of-dslogdrat-malware-deployed-in-ivanti-connect-secure-source-securityaffairs-com/ #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #DslogdRATmalware #SecurityAffairs #BreakingNews #SecurityNews #0CISO2CISO #hacking #Malware

#CEO of cybersecurity firm charged with installing #malware on hospital systems
https://securityaffairs.com/177020/cyber-crime/ceo-of-cybersecurity-firm-charged-with-installing-malware-on-hospital-systems.html
#securityaffairs #hacking

I just love steganography. I have an SVG and a PNG with malware I use to test file uploads.

https://isc.sans.edu/diary/rss/31892

New #Android #spyware is targeting #Russian #military personnel on the front lines

Russian military personnel are being targeted with recently discovered Android #malware that steals their contacts and #tracks their location.
#privacy #security

https://arstechnica.com/security/2025/04/russian-military-personnel-on-the-front-lines-targeted-with-new-android-spyware/

Novidades com ajuda de IA chegam ao Windows 11 em sistemas Copilot+
 https://tugatech.com.pt/t65775-novidades-com-ajuda-de-ia-chegam-ao-windows-11-em-sistemas-copilot

Mobile security risk: New Android malware "SuperCard X" enables contactless payment fraud via NFC relay attacks

Here’s how it works:
Victims are socially engineered through fake bank alerts (smishing + calls)
Tricked into installing a rogue app posing as “security software”
NFC data is intercepted from real debit/credit cards
Attackers relay stolen credentials to PoS terminals and ATMs for fraudulent cashouts

Why it matters:
• Attackers no longer need stolen physical cards — just proximity + deception
• Banking customers, payment providers, and card issuers are all at risk
• Google is working on Android protections — but vigilance is key now

Tip: Always scrutinize app installs, verify messages before acting, and keep Google Play Protect enabled.

#CyberSecurity #MobileSecurity #Malware #NFC #FinancialFraud #ThreatIntel #security #privacy #cloud #infosec

https://thehackernews.com/2025/04/supercard-x-android-malware-enables.html

#JPCERT warns of #DslogdRAT #malware deployed in #Ivanti Connect Secure
https://securityaffairs.com/177002/malware/jpcert-warns-of-dslogdrat-malware-deployed-in-ivanti-connect-secure.html
#securityaffairs #hacking

Unsichtbare #Rootkits:

"Blinder Fleck" bei #Kernel-Interface bedroht #Linux-Systeme.

Viele #Sicherheitstools überwachen System-Calls, um #Malware zu erkennen. Unter #Linux gibt es jedoch eine Alternative, die oft völlig missachtet wird.

#Forscher von #Armo haben ein #Sicherheitsproblem in Verbindung mit einer io_uring genannten Schnittstelle des #Linux-Kernels aufgedeckt.

https://www.golem.de/news/unsichtbare-rootkits-blinder-fleck-bei-kernel-interface-bedroht-linux-systeme-2504-195655.html

#Ransomware-Markt: Kommt es zur Bildung eines neuen Kartells? https://www.inside-it.ch/ransomware-markt-kommt-es-zur-bildung-eines-neuen-kartells-20250417 #Malware

#SAP #NetWeaver zero-day allegedly exploited by an initial access broker
https://securityaffairs.com/176983/hacking/sap-netweaver-zero-day-allegedly-exploited-by-an-initial-access-broker.html
#securityaffairs #hacking #malware

JPCERT/CC Eyes: DslogdRAT Malware Installed in Ivanti Connect Secure https://blogs.jpcert.or.jp/en/2025/04/dslogdrat.html

More:

The Hacker News: DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks https://thehackernews.com/2025/04/dslogdrat-malware-deployed-via-ivanti.html @thehackernews #cybersecurity #Infosec #Ivanti #zeroday #malware

#Linux '#io_uring' security blindspot allows stealthy #rootkit attacks

https://www.bleepingcomputer.com/news/security/linux-io-uring-security-blindspot-allows-stealthy-rootkit-attacks/

Food retail giant behind several major US supermarket brands confirms data stolen in major ransomware breach

Ahold Delhaize is a Dutch-Belgian multinational retail and wholesale holding company, operating some 7,910 stores across Europe, the United States, and Indonesia, and serving around 72 million customers weekly.

#AholdDelhaize #food #ransomware #malware #databreach #security #cybersecurity #hackers #hacking #hacked

https://www.techradar.com/pro/security/food-retail-giant-behind-several-major-us-supermarket-brands-confirms-data-stolen-in-major-ransomware-breach

Triada strikes back – Source: securelist.com https://ciso2ciso.com/triada-strikes-back-source-securelist-com/ #rssfeedpostgeneratorecho #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #InstantMessengers #Cryptocurrencies #Financialthreats #GoogleAndroid #MobileMalware #Mobilethreats #securelistcom #backdoor #Facebook #Telegram #WhatsApp #Dropper #Malware #Trojan #Skype

Neu im Research-Blog: Rolling in the Deep (Web) - Lazarus Tsunami

Bei der Unterstützung eines Kunden konnte HiSolutions umfangreiche Teile des #Malware-Frameworks #Tsunami sicherstellen, analysieren und damit den Angriffsweg der laufenden „Contagious Interview“-Kampagne der Angreifergruppe #Lazarus rekonstruieren.

Für Betroffene enthält unser Artikel alle technischen Details inklusive YARA-Regeln und IoC zur Entdeckung einer Infektion sowie einer Abbildung der genutzten Tools und Techniken auf die #MITRE ATT&CK Matrix.

Zum Blog-Beitrag: https://research.hisolutions.com/2025/04/rolling-in-the-deepweb-lazarus-tsunami/

#cryptocurrency #NorthKorea #malware

'North Korean cyber spies created two businesses in the U.S., in violation of Treasury sanctions, to infect developers working in the cryptocurrency industry with malicious software, according to cybersecurity researchers and documents reviewed by Reuters.'

https://www.yahoo.com/news/north-korean-cyber-spies-created-192115484.html

Artículo largo pero muy interesante sobre actores estatales montando sociedades pantalla para lanzar malware dirigido a desarrolladores:

https://www.silentpush.com/blog/contagious-interview-front-companies/

New #Android #spyware is targeting #Russian #military personnel on the front lines - Ars Technica

#Trojanized #mapping app steals users' #locations , #contacts , and more.
#trojan #security #privacy #malware #russia

https://arstechnica.com/security/2025/04/russian-military-personnel-on-the-front-lines-targeted-with-new-android-spyware/

#Operation #SyncHole: #Lazarus #APT targets supply chains in South Korea
https://securityaffairs.com/176964/apt/operation-synchole-lazarus-apt-targets-supply-chains-in-south-korea.html
#securityaffairs #hacking #malware