Iran's 'Peach Sandstorm' Cyberattackers Target Global Defense Network
The FalseFont backdoor allows operators to remotely access an infected system and launch additional files.
Infection refers to malware entering a device or network, enabling unauthorized access, data theft, disruption, or further compromise.
Search across headline titles and summaries.
Background for this topic.
A malware infection occurs when malicious code executes on a device or enters an environment, enabling unauthorized actions such as persistence, data theft, encryption, or further compromise. The term commonly covers viruses, worms, trojans, spyware, and similar malware; an infection may begin through a malicious attachment, exploit, drive-by download, removable media, or stolen credentials. Its effects depend on the malware and the privileges of the affected account, and an infected host does not necessarily spread automatically.
For security practitioners, the key concerns are identifying affected hosts, determining the initial access and scope, and preventing lateral movement. Useful controls include timely vulnerability remediation, email and web filtering, application controls, least-privilege accounts, and endpoint monitoring for unusual processes, persistence, or network connections. When infection is suspected, isolate the system without destroying evidence, investigate related accounts and devices, revoke exposed credentials, remove or rebuild the malware, and validate that restored systems are clean.
The FalseFont backdoor allows operators to remotely access an infected system and launch additional files.
Europol has notified over 400 websites that their online shops have been hacked with malicious scripts that steal debit and credit cards from customers making purchases. [...]
Three malicious Chrome extensions posing as VPN (Virtual Private Networks) infected were downloaded 1.5 million times, acting as browser hijackers, cashback hack tools, and data stealers. [...]
A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the licensing options opted by a customer
A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world
Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla
Malicious attachments that exploit an RCE flaw from 2017 are propagating Agent Tesla via socially engineered emails and an evasive infection method.