Antivirus, Hacking, Malware and Surveillance

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. The group targets entities in Europe and Central America with a surveillance tool dubbed Subzero. Confirm that Microsoft Defender Antivirus is updated to security intelligence update 1.371.503.0

Surveillance

Surveillance Malware Authentication DNS

How is information stored in cloud secure from hacks

CyberSecurity Insiders

MAY 14, 2023

So, how is information stored in the cloud secured from hacks? Cloud providers also employ security measures such as firewalls, intrusion detection systems, and antivirus software to prevent attacks. Antivirus software scans files for known viruses and malware.

Hacking

Hacking Antivirus Firewall Encryption

Candiru surveillance spyware DevilsTongue exploited Chrome Zero-Day to target journalists

Security Affairs

JULY 22, 2022

The spyware developed by Israeli surveillance firm Candiru exploited recently fixed CVE-2022-2294 Chrome zero-day in attacks on journalists. ” The zero-day was chained with a sandbox escape exploit, but experts were not able to recover it due to the protection implemented by the malware. SecurityAffairs – hacking, Candiru).

Spyware

Spyware Surveillance Antivirus Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Kaspersky discovers long time Malware based espionage campaign

CyberSecurity Insiders

JUNE 17, 2021

And information is out that the campaign could have started by a hacking group dubbed Ferocious Kitten that has been active since 2015 and was conducting spying through a highly sophisticated malware named MarkiRAT. . Why the malware spreading hackers are targeting only Persian-speaking people is yet to be revealed to the public.

Malware

Malware Surveillance Antivirus Software

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

The company designs and develops digital imaging products for use in mobile phones, laptops, netbooks and webcams, security and surveillance cameras, entertainment, automotive and medical imaging systems. In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Data breaches

Data breaches Ransomware Manufacturing Encryption

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware

Malware Banking Healthcare Penetration Testing

Security Affairs newsletter Round 407 by Pierluigi Paganini

Security Affairs

FEBRUARY 19, 2023

Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers GoDaddy discloses a new data breach Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb German airport websites hit by DDos attacks once again Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine CISA adds Cacti, Office, Windows (..)

DDOS

DDOS Data breaches Surveillance Ransomware

Russia-linked BlackEnergy backed new cyber attacks on Ukraine’s state bodies

Security Affairs

OCTOBER 15, 2018

The BlackEnergy malware is a threat improved to target SCADA systems, some variants include the KillDisk component developed to wipe the disks and make systems inoperable. According to the SBU, BlackEnergy hackers used new samples of malware in a recent series of attack. ” states the ukrinform.net. .

Cyber Attacks

Cyber Attacks Surveillance Telecommunications Advertising

FBI shuts down malware on hundreds of Exchange servers, opens Pandora’s box

Malwarebytes

APRIL 14, 2021

At the extreme end, the same goes for vigilante style takedown tactics / breaking into servers / deleting data or “hacking back” It might feel good to wipe large quantities of illegal content from a server you’ve taken control of which belongs to very bad people. This is done to slow down phishers by making their data worthless.

Malware

Malware Hacking Phishing Passwords

Reducing the Time to Discovery: How to Determine if You Have Been Hacked

Webroot

FEBRUARY 19, 2021

For most small businesses, the chances of falling prey to a long-term covert surveillance operation by well-resourced, likely state-backed actors are slim. This shows that stealthily surveilling a network is not a tactic exclusive to highly sophisticated threat actors targeting enterprise businesses.

Small Business

Small Business Hacking Passwords Surveillance

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The attack described by Microsoft begun with a phishing message that was opened by an internal employee, the malware infected its systems and made lateral movements infected other systems in the same network. The incident also affected the surveillance camera network of the company along with the finance department.

Antivirus

Antivirus Malware Phishing Advertising

The stealthy email stealer in the TA505 hacker group’s arsenal

Security Affairs

MAY 16, 2019

During the last month, our Threat Intelligence surveillance team spotted increasing evidence of an operation intensification against the Banking sector. The piece of malware under analysis were downloaded from “bullettruth[.com/out[.exe”, Figure 3: Malware Signature by SLON LTD. Figure 4: Malware suspicious entropy level.

Banking

Banking Malware Surveillance Retail

SHARED INTEL: Threat actors add a human touch to boost effectiveness of automated attacks

The Last Watchdog

OCTOBER 3, 2019

Related: How ransomware became a scourge Specialists get assigned to poke around, locate key servers and find stealthy paths to send in more malware. Once they were inside, they would turn off your antivirus software and the software responsible for online backups. “Once they’re in the front door, now the humans get involved.”

Encryption

Encryption Malware Ransomware Cyber Attacks

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

The cyber-offense ecosystem still appears to be shaken by the sudden demise of NSO Group; at the same time, these activities indicate to us that we’ve only seen the tip of the iceberg when it comes to commercial-grade mobile surveillance tooling. One glaring example is Iran, which faced a series of spectacular hacks and sabotages.

Firmware

Firmware Surveillance Mobile Telecommunications

Security Affairs newsletter Round 221 – News of the week

Security Affairs

JULY 7, 2019

Vulnerability in Medtronic insulin pumps allow hacking devices. Firefox finally addressed the Antivirus software TLS Errors. China installs a surveillance app on tourists phones while crossing in the Xinjiang. Cryptomining Campaign involves Golang malware to target Linux servers. Is Your Browser Secure?

Scams

Scams Spyware DNS Advertising

IT threat evolution Q1 2021

SecureList

MAY 31, 2021

Out of the 18,000 Orion IT customers affected by the malware, it seems that only a handful were of interest to the attackers. For example, before making the first internet connection to its C2s, the Sunburst malware lies dormant for up to two weeks, preventing easy detection of this behaviour in sandboxes.

Malware

Malware Adware Encryption Architecture

APT trends report Q1 2021

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware

Malware Spyware Government Social Engineering

Russian hackers exfiltrated data from Capita over a week before outage

DoublePulsar

APRIL 20, 2023

Here’s a writeup from Kroll on a typical Black Basta incident: Qakbot has been around for many years, and is under heavy surveillance by both commercial CTI providers and independent security researchers. It is a serious threat to all organisations which should be met with both a response by government, and businesses.

Ransomware

Ransomware Government Data breaches Media

Kamran Spyware Targets Gilgit Baltistan Users Through Hunza News

Hackology

NOVEMBER 11, 2023

Kamran Spyware: An Overview The Kamran spyware can be summarized as a sophisticated Android malware targeting regional news website users. Additionally, implementing strong security measures, such as regularly updating software and using reliable antivirus software, can help detect and prevent the infiltration of Kamran spyware.

Spyware

Spyware Malware Risk Mobile

The state of stalkerware in 2020

SecureList

FEBRUARY 26, 2021

The Coalition Against Stalkerware warns that stalkerware “may facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence.” They still need physical access to the phone to jailbreak it, so iPhone users who fear surveillance should always keep an eye on their device.

Mobile

Mobile Surveillance Software Passwords

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

ForAllSecure

OCTOBER 5, 2021

It was for 1000s of compromised, Internet of Things, enabled devices, such as surveillance cameras, residential gateways, internet connected printers, and even in home baby monitors these devices themselves are often thought of as not having much in the way of resources, and really they don't have many computing resources.

IoT

IoT DDOS Malware Internet

Dangerous permissions detected in top Android health apps

Security Affairs

SEPTEMBER 15, 2023

Leading Android health apps expose users to avoidable threats like surveillance and identity theft, due to their risky permissions. Malware can use this permission to plant harmful files or steal sensitive information. antivirus) require this access, malicious apps could abuse it to take full control of your device.

Accountability

Accountability Mobile Surveillance Information Security

7 Cyber Security Courses Online For Everybody

Spinone

NOVEMBER 21, 2019

The course consists of four modules: Hackers Exposed: You will find out methods that stop hackers, block tracking, and prevent government surveillance. Endpoint Protection: Discover how to use antivirus software, learn about malware, encryption and application control. No hacking or programming experience is needed.

Social Engineering

Social Engineering Accountability Phishing Cybersecurity

Cyber Security Informer

European firm DSIRF behind the attacks with Subzero surveillance malware

How is information stored in cloud secure from hacks

Webinars

Trending Sources

Candiru surveillance spyware DevilsTongue exploited Chrome Zero-Day to target journalists

Webinars

Kaspersky discovers long time Malware based espionage campaign

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Top 10 Malware Strains of 2021

Security Affairs newsletter Round 407 by Pierluigi Paganini

Russia-linked BlackEnergy backed new cyber attacks on Ukraine’s state bodies

FBI shuts down malware on hundreds of Exchange servers, opens Pandora’s box

Reducing the Time to Discovery: How to Determine if You Have Been Hacked

Microsoft’s case study: Emotet took down an entire network in just 8 days

The stealthy email stealer in the TA505 hacker group’s arsenal

SHARED INTEL: Threat actors add a human touch to boost effectiveness of automated attacks

Advanced threat predictions for 2023

Security Affairs newsletter Round 221 – News of the week

IT threat evolution Q1 2021

APT trends report Q1 2021

Russian hackers exfiltrated data from Capita over a week before outage

Kamran Spyware Targets Gilgit Baltistan Users Through Hunza News

The state of stalkerware in 2020

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

Dangerous permissions detected in top Android health apps

7 Cyber Security Courses Online For Everybody

Stay Connected