Tag: worm

Threats Actors Use Sophisticated Hacking Tools to Destroy Organizations Critical Infrastructure

Jul 14, 2025 11:40 AM

Tags: breach, control, cyber, data, exploit, hacking, infrastructure, malware, threat, tool, vulnerability, worm

Threat actors, ranging from state-sponsored organizations to non-state actors, are using sophisticated cyber weapons to breach and destroy vital infrastructure in a time when digital and physical security are becoming more intertwined. These tools, often manifesting as malware agents like worms, viruses, and advanced persistent threats (APTs), exploit vulnerabilities in supervisory control and data acquisition…
Phishing Scammers Push for Callbacks in Latest Innovation

Jul 3, 2025 6:34 PM

Tags: attack, cyber, defense, phishing, scam, social-engineering, worm

Telephone-Oriented Attack Delivery Social Engineering Tactic Thrives. The phishing industry is a never ending font of innovation. Cyber fraudsters are determined to worm their way into your inbox. Recent attacks involve callback phishing, a social engineering tactic designed to break down victims’ defenses by spurring them into calling the scammers themselves. First seen on govinfosecurity.com…
Threat Casting a Nation State Attack on Critical Infrastructure Scenario at CognectCon2025

Jun 23, 2025 6:35 AM

Tags: attack, conference, cyber, cyberattack, cybersecurity, data, disinformation, infrastructure, iran, malicious, middle-east, risk, threat, vulnerability, worm

During exercises at CognectCon2025 a number of cyberattack scenarios were discussed that highlighted the risks of cyber attackers leveraging cognitive vulnerabilities to cause major impacts to nation critical infrastructures. This video is a short report-out on one such possible scenario, before we began discussing how to prevent, detect, and respond to such an event. In…
6 rising malware trends every security pro should know

May 29, 2025 8:55 AM

Tags: adobe, ai, antivirus, apple, attack, awareness, backdoor, business, captcha, cloud, corporate, cybercrime, data, defense, detection, encryption, endpoint, exploit, extortion, framework, group, hacking, incident response, infrastructure, intelligence, Internet, law, leak, macOS, malicious, malware, network, password, phishing, powershell, programming, pypi, ransom, ransomware, service, social-engineering, software, supply-chain, tactics, theft, threat, tool, update, vulnerability, worm

Malicious packages targeting developer environments: Threat actors are systematically compromising the software supply chain by embedding malicious code within legitimate development tools, libraries, and frameworks that organizations use to build applications.”These supply chain attacks exploit the trust between developers and package repositories,” Immersive’s McCarthy tells CSO. “Malicious packages often mimic legitimate ones while running harmful…
New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency

May 27, 2025 7:54 PM

Tags: api, attack, container, crypto, data-breach, docker, malware, threat, worm

Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet.The attacks, designed to mine for Dero currency, is notable for its worm-like capabilities to propagate the malware to other exposed Docker instances and rope them into an ever-growing horde of mining bots.Kaspersky said it…
RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances

May 20, 2025 4:54 PM

Tags: cyber, exploit, linux, threat, vulnerability, worm

Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed >>RedisRaider,
Sicherheit für Unternehmensdaten, Teil 4 – Storage-Security: Air-Gap, unveränderliche Backups & WORM-Funktion

May 5, 2025 12:49 PM

Tags: backup, worm

First seen on security-insider.de Jump to article: www.security-insider.de/storage-security-air-gap-unveraenderliche-backups-worm-funktion-a-83f05f859ab58765055440afd3ec4c40/
BlockyVeeam optimiert den BackupSchutz

Apr 8, 2025 3:42 PM

Tags: backup, data, ransomware, veeam, windows, worm

Grau Data stellt seine neueste Version des Backup-Ransomware-Schutzes vor. Blocky-for-Veeam ist einfach zu installieren und intuitiv in der Bedienung. Er ist derzeit der einzige Ransomware-Schutz für Backups, der direkt auf dem Veeam-Windows-Server aufsetzt und mit der erprobten Grau-Data-WORM (Write Once, Read Many)-Technologie einen unveränderlichen Schutzschild für Veeam-Backups erzeugt. Blocky-for-Veeam 3.5 bietet […] First seen on…
Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers

Apr 2, 2025 2:55 PM

Tags: attack, botnet, control, crypto, cybersecurity, group, linux, malware, worm

Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH servers with weak credentials.”Outlaw is a Linux malware that relies on SSH brute-force attacks, cryptocurrency mining, and worm-like propagation to infect and maintain control over systems,” Elastic Security Labs said in a new analysis First…
New Outlaw Linux Malware Using SSH brute-forcing To Maintain Botnet Activities for long Time

Apr 2, 2025 11:55 AM

Tags: botnet, crypto, cyber, linux, malware, worm

A persistent Linux malware known as >>Outlaw
The Trump administration made an unprecedented security mistake you can avoid doing the same

Mar 29, 2025 5:13 AM

Tags: access, attack, business, communications, control, cybersecurity, data, defense, government, group, intelligence, international, malicious, military, mobile, network, office, resilience, risk, russia, social-engineering, technology, threat, ukraine, unauthorized, usa, vulnerability, worm

faux pas of senior administration personnel went from bad to worse to the gutter in the span of 24 hours. If you haven’t read The Atlantic writeup, you should (there are two pieces, the revelation from Goldberg and then the subsequent release of the contents of the Signal chat). There is no getting around it,…
Raspberry Robin: From Copy Shop Worm to Russian GRU Cyber Tool

Mar 27, 2025 1:33 AM

Tags: cyber, Hardware, russia, tool, worm

Raspberry Robin, also known as Roshtyak or Storm-0856, has evolved from a simple worm targeting copy shops to First seen on securityonline.info Jump to article: securityonline.info/raspberry-robin-from-copy-shop-worm-to-russian-gru-cyber-tool/
Raspberry Robin Unveils 200 Unique Domains Used by Threat Actors

Mar 26, 2025 11:13 AM

Tags: access, control, cyber, cybersecurity, group, Hardware, infrastructure, threat, worm

In a significant development, cybersecurity firm Silent Push has identified nearly 200 unique command and control (C2) domains associated with the Raspberry Robin malware. This discovery sheds new light on the infrastructure used by this sophisticated threat actor group, which has evolved from a USB worm to a formidable initial access broker (IAB) for various…
Defending against USB drive attacks with Wazuh

Mar 5, 2025 4:34 PM

Tags: attack, breach, cybersecurity, data, finance, malware, network, risk, stuxnet, worm

USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on an organization’s reputation. An example is the Stuxnet worm discovered in 2010, a malware…
The 2024 cyberwar playbook: Tricks used by nation-state actors

Dec 25, 2024 7:43 AM

Tags: access, ai, apt, at&t, attack, authentication, backdoor, blizzard, botnet, breach, china, cisa, cloud, control, credentials, cve, cvss, cyber, cybersecurity, data, ddos, defense, detection, email, espionage, exploit, flaw, fortinet, google, government, group, hacker, hacking, healthcare, india, infrastructure, iran, ivanti, linux, login, malicious, malware, mfa, microsoft, mobile, network, offense, office, open-source, password, phishing, powershell, remote-code-execution, router, russia, service, social-engineering, software, spear-phishing, spy, strategy, supply-chain, tactics, theft, threat, tool, unauthorized, update, vpn, vulnerability, warfare, windows, worm, zero-day

In 2024, nation-state cyber activity was off the charts, with Chinese, Russian, and Iranian actors leading the charge. Their campaigns weren’t just relentless, they were innovative, using a crafty mix of Tactics, Techniques, and Procedures (TTPs) to gain footholds, stay hidden, and spy-like pros.”There was definitely a continued and noted uptick in nation-state activity in…
DEF CON 32 Compromising Electronic Logger Creating Truck2Truck Worm

Dec 10, 2024 12:07 AM

Tags: conference, worm

Authors/Presenters: Jake Jepson, Rik Chatterjee Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/def-con-32-compromising-electronic-logger-creating-truck2truck-worm/
Mustang Panda Feeds Worm-Driven USB Attack Strategy

Sep 17, 2024 10:33 PM

Tags: attack, government, malware, phishing, spear-phishing, strategy, worm

A fresh wave of attacks on APAC government entities involves both self-propagating malware spreading via removable drives and a spear-phishing campaig… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/mustang-panda-worm-driven-usb-attack
New CMoon USB worm targets Russians in data theft attacks

Aug 9, 2024 4:36 PM

Tags: attack, credentials, data, russia, theft, worm

A new self-spreading worm named ‘CMoon,’ capable of stealing account credentials and other data, has been distributed in Russia since early July 2024 … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-cmoon-usb-worm-targets-russians-in-data-theft-attacks/
Fujitsu Suffers Worm-Like Attack From Something That Wasn’t Ransomware

Jul 17, 2024 11:10 PM

Tags: attack, ransomware, worm

First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/fujitsu-suffers-worm-attack-not-ransomware
‘P2PInfect’ Worm Grows Teeth With Miner, Ransomware & Rootkit

Jul 2, 2024 3:47 PM

Tags: ransomware, worm

First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/p2pinfect-worm-miner-ransomware-rootkit
New P2Pinfect version delivers miners and ransomware on Redis servers

Jul 1, 2024 9:19 AM

Tags: crypto, ransomware, worm

Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warn… First seen on securityaffairs.com Jump to article: securityaffairs.com/164968/malware/p2pinfect-delivers-miners-ransomware-on-redis.html
P2Pinfect Worm Now Dropping Ransomware on Redis Servers

Jun 26, 2024 8:42 PM

Tags: crypto, ransomware, worm

The P2Pinfect worm targeting Redis servers has been updated with ransomware and cryptocurrency mining payloads. The post nfect worm targeting Redis se… First seen on securityweek.com Jump to article: www.securityweek.com/p2pinfect-worm-now-dropping-ransomware-on-redis-servers/
Cloud-based worm now spews ransomware and cryptominer gloom

Jun 26, 2024 8:42 PM

Tags: cloud, ransomware, worm

First seen on scmagazine.com Jump to article: www.scmagazine.com/news/p2pinfect-evolves-to-introduce-ransomware-and-cryptominer-payloads
Stuxnet, The Malware That Propagates To Air-Gapped Networks

Jun 20, 2024 4:03 PM

Tags: control, data, malware, network, stuxnet, worm

Stuxnet, a complex worm discovered in 2010, targeted Supervisory Control and Data Acquisition (SCADA) systems used in industrial facilities. By exploi… First seen on gbhackers.com Jump to article: gbhackers.com/stuxnet-malware-air-gapped-networks/
VirusTotal Celebrates 20th Anniversary, What’s Next?

Jun 3, 2024 1:03 PM

Tags: malicious, service, worm

VirusTotal, a leading online service for analyzing files and URLs for viruses, worms, trojans, and other malicious content, is celebrating its 20th an… First seen on gbhackers.com Jump to article: gbhackers.com/virustotal-celebrates-anniversary/
Millions Of IPs Remain Infected By USB Worm Years After Its Creators Left It For Dead

May 3, 2024 3:40 PM

Tags: worm

First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35817/Millions-Of-IPs-Remain-Infected-By-USB-Worm-Years-After-Its-Creators-Left-It-For-Dead.html
Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses

Apr 29, 2024 6:40 PM

Tags: malware, worm

More than 90,000 unique IPs are still infected with a PlugX worm variant that spreads via infected flash drives. The post n 90,000 unique IPs are stil… First seen on securityweek.com Jump to article: www.securityweek.com/self-spreading-plugx-usb-drive-malware-plagues-over-90k-ip-addresses/
Infections with abandoned PlugX USB worm continue to be prevalent

Apr 28, 2024 9:40 PM

Tags: infection, worm

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/infections-with-abandoned-plugx-usb-worm-continue-to-be-prevalent
Trucktruck worm could infect and disrupt entire US commercial fleet

Apr 16, 2024 2:16 PM

Tags: worm

First seen on theregister.com Jump to article: www.theregister.com/2024/03/22/boffins_tucktotruck_worm/
Raspberry Robin Morphs, Now Spreads via Windows Script Files

Apr 12, 2024 10:01 PM

Tags: Hardware, malware, threat, windows, worm

Malware Platform Operators Taket Steps to Obfuscate Code. Threat actors behind malware distribution platform Raspberry Robin worm have shifted tactics… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/raspberry-robin-morphs-now-spreads-via-windows-script-files-a-24844