From Automation to Infection: How OpenClaw AI Agent Skills Are Being Weaponized
The fastest-growing personal AI agent ecosystem just became a new delivery channel for malware. Over the last few days, VirusTotal has detected hundreds of OpenClaw skills that are actively malicious. What started as an ecosystem for extending AI agents is rapidly becoming a new supply-chain attack surface, where attackers distribute droppers, backdoors, infostealers and remote […]
VTPRACTITIONERS{ACRONIS}: Tracking FileFix, Shadow Vector, and SideWinder
Introduction We have recently started a new blog series called #VTPRACTITIONERS. This series aims to share with the community what other practitioners are able to research using VirusTotal from a technical point of view. Our first blog saw our colleagues at SEQRITE tracking UNG0002, Silent Lynx, and DragonClone. In this new post, Acronis Threat Research […]
VTPRACTITIONERS{SEQRITE}: Tracking UNG0002, Silent Lynx and DragonClone
Introduction One of the best parts of being at VirusTotal (VT) is seeing all the amazing ways our community uses our tools to hunt down threats. We love hearing about your successes, and we think the rest of the community would too. That’s why we’re so excited to start a new blog series where we’ll […]
COM Objects Hijacking
The COM Hijacking technique is often utilized by threat actors and various malware families to achieve both persistence and privilege escalation in target systems. It relies on manipulating Component Object Model (COM), exploiting the core architecture of Windows that enables communication between software components, by adding a new value on a specific registry key related […]
Understanding Google’s Blacklist – Cleaning Your Hacked Website and Removing From Blacklist
Today we found an interesting case where Google was blacklisting a client’s site but not sharing the reason why. The fact they were sharing very little info should not be new, but what we found as we dove a little deeper should be. The idea is to provide you webmasters with the required insight to […]
More information
- Android Is Helping Kill Passwords on a Billion Devices
- What is Google Panda and how to recover after Google Panda effect?
- Maritime Cyberattack Database Launched by Dutch University
- Apple patents clone-making technology to sabotage electronic profiling
- "Wire transfer canceled"? Watch out for spammed-out malware attack
- Panama Papers: a massive document leak reveals a global web of corruption and tax avoidance
- Microsoft Skype for Business and Lync CVE-2018-8311 Remote Code Execution Vulnerability
- Schneider Electric Floating License Manager ICSA-19-192-07 Multiple Security Vulnerabilities
- Queensland TAFE student data exposed in hack
- Need for cyber-insurance heats up, but the market remains immature