Malware and Security Intelligence - Cyber Security Informer

Hackers Exploit Google Ads to Spread Malware Disguised as Popular Software

Penetration Testing

MARCH 31, 2024

A new report released by AhnLab Security Intelligence Center (ASEC) uncovers a disturbing tactic hackers are using to spread malware: they’re leveraging Google Ads tracking features to redirect unsuspecting users to malicious websites.

Penetration Testing

Penetration Testing Software Malware Security Intelligence

Attackers Exploit Construction Site Trust, Deliver TrollAgent Malware

Penetration Testing

FEBRUARY 22, 2024

Security experts at the AhnLab Security Intelligence Center (ASEC) have recently uncovered a malware distribution campaign targeting a Korean construction-related association website.

Penetration Testing

Penetration Testing Malware Security Intelligence Software

WogRAT Backdoor: The Stealthy Malware Lurking in Online Notepads

Penetration Testing

MARCH 4, 2024

A newly discovered backdoor malware dubbed ‘WogRAT’ is raising alarms for both Windows and Linux users.

Penetration Testing

Penetration Testing Malware Security Intelligence

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks

The Hacker News

NOVEMBER 13, 2022

A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks.

DDOS

DDOS Malware Cryptocurrency Security Intelligence

Russian hackers use PowerShell USB malware to drop backdoors

Bleeping Computer

JUNE 15, 2023

The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence sectors, employing a refreshed toolset and new infection tactics. [.]

Security Intelligence

Security Intelligence Malware Hacking

Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers

The Hacker News

JUNE 30, 2022

A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence said in a series of tweets on Thursday.

Malware

Malware Security Intelligence

TargetCompany Ransomware Group Escalates Attacks: New Tools and Persistent Targeting of MS-SQL Servers

Penetration Testing

MAY 1, 2024

The world of cybersecurity is witnessing an alarming trend as ransomware groups intensify their attacks on Microsoft SQL (MS-SQL) servers, exploiting weak management practices to deploy devastating malware.

Penetration Testing

Penetration Testing Ransomware Security Intelligence Malware

IT giants warn of ongoing Chromeloader malware campaigns

Security Affairs

SEPTEMBER 20, 2022

VMware and Microsoft are warning of a widespread Chromeloader malware campaign that distributes several malware families. The malware is able to redirect the user’s traffic and hijacking user search queries to popular search engines, including Google, Yahoo, and Bing. SecurityAffairs – hacking, malware).

Malware

Malware Adware Ransomware Security Intelligence

Anubis, a new info-stealing malware spreads in the wild

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Pierluigi Paganini.

Malware

Malware Advertising Cryptocurrency Cybercrime

Hackers Weaponize Popular Software Framework for Stealthy Data Theft

Penetration Testing

APRIL 23, 2024

In a disturbing new development, cybersecurity experts at AhnLab Security Intelligence Center (ASEC) have revealed a growing trend of infostealer malware abusing the Electron framework.

Software

Software Penetration Testing Security Intelligence Malware

Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years

The Hacker News

SEPTEMBER 17, 2021

Cisco Talos dubbed the malware attacks "Operation Layover," building on previous research from the Microsoft Security Intelligence

Malware

Malware Security Intelligence Phishing

Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware

The Hacker News

MAY 21, 2021

Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection.

Ransomware

Ransomware Malware Security Intelligence Encryption

Malware authors join forces and target organisations with Domino Backdoor

Malwarebytes

APRIL 18, 2023

There’s a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called “Domino”, is the brainchild of FIN7 and ex-Conti ransomware members.

Malware

Malware Banking Ransomware Passwords

Crafty Infostealer Campaign Leverages Fake Adobe Reader Installer, Advanced Tricks to Evade Detection

Penetration Testing

MARCH 11, 2024

Security experts from AhnLab SEcurity intelligence Center (ASEC) have uncovered a sophisticated malware campaign where attackers are tricking users into downloading a dangerous infostealer disguised as a legitimate Adobe Reader installation file.

Penetration Testing

Penetration Testing Security Intelligence Malware

New STRRAT RAT Malware Convinces Believe They’ve Fallen Victim to Ransomware, Researchers Find

Hot for Security

MAY 21, 2021

Security researchers have discovered a new massive spam email campaign designed to push the latest version of STRRAT malware, according to data shared by Microsoft. It turns out that some malware only impersonates a ransomware attack, leaving the files untouched but scaring people with the possibility of a ransomware infection.

Ransomware

Ransomware Malware Security Intelligence Encryption

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption

Encryption Malware Ransomware Firewall

Crooks spread malware via pirated movies during COVID-19 outbreak

Security Affairs

APRIL 30, 2020

Microsoft warns of a spike in malware spreading via pirate streaming services and movie piracy sites during the COVID-19 pandemic. Crooks are attempting to take advantage of COVID-19 pandemic spreading malware via pirate streaming services and movie piracy sites during the COVID-19 outbreak, Microsoft warns. Pierluigi Paganini.

Malware

Malware Security Intelligence Adware Social Engineering

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

In contrast, past Dudear email campaigns carried the malware as attachment or used malicious URLs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. pic.twitter.com/1qnx3NmwiB — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020.

Malware

Malware Security Intelligence Banking Phishing

Trickbot is the most prolific malware operation using COVID-19 themed lures

Security Affairs

APRIL 18, 2020

TrickBot is the malware that most of all is involved in COVID-19-themed attacks, Microsoft’s Office 365 Advanced Threat Protection (ATP) data reveals. Based on Office 365 ATP data, Trickbot is the most prolific malware operation using COVID-19 themed lures. This means we’re seeing a changing of lures, not a surge in attacks.”

Malware

Malware Advertising Security Intelligence Phishing

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Security Affairs

MAY 4, 2020

Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Pierluigi Paganini. SecurityAffairs – COVID-19, malspam).

Small Business

Small Business Malware Manufacturing Security Intelligence

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware

Malware Hacking Government Telecommunications

Revenge RAT: Unveiling a Tool-Abusing, Fileless Attack

Penetration Testing

FEBRUARY 14, 2024

AhnLab Security Intelligence Center (ASEC) recently sounded the alarm over a cunning Revenge RAT malware campaign.

Penetration Testing

Penetration Testing Security Intelligence Malware

Online Ed is the New Corporate Threat Vector

Security Boulevard

APRIL 19, 2021

In the last 30 days, education was the most targeted sector, receiving more than 60% of all malware encounters, or more than 5 million incidents, according to Microsoft Security Intelligence. The post Online Ed is the New Corporate Threat Vector appeared first on Security Boulevard. Department of.

Education

Education Security Intelligence Government Malware

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. The latest version of the Java-based STRRAT malware (1.5)

Ransomware

Ransomware Malware Encryption Security Intelligence

Redis Servers Exploited to Deploy Metasploit Meterpreter Backdoor

Penetration Testing

APRIL 10, 2024

Security experts at AhnLab Security Intelligence Center (ASEC) have sounded the alarm on a new wave of attacks targeting Redis servers.

Penetration Testing

Penetration Testing Security Intelligence Malware

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022.

Security Intelligence

Security Intelligence Malware Architecture Backups

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Security Affairs

JULY 1, 2022

Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. “We observed notable updates to the long-running malware campaign targeting Linux systems by a group known as the 8220 gang.”

Security Intelligence

Security Intelligence Malware Hacking Information Security

LockBit Ransomware: The Hidden Threat in Resume Word Files

Penetration Testing

JANUARY 18, 2024

The AhnLab Security Intelligence Center has uncovered that the LockBit ransomware is being spread through malicious Word files disguised as resumes.

Penetration Testing

Penetration Testing Ransomware Security Intelligence Malware

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Security Affairs

MAY 18, 2022

pic.twitter.com/Tro0NfMD0j — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022. pic.twitter.com/stXJMDMevc — Microsoft Security Intelligence (@MsftSecIntel) May 17, 2022. Then the attackers are able to perform other malicious actions, such as deploying malware.

Security Intelligence

Security Intelligence Hacking Accountability Malware

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks.

IoT

IoT DDOS Architecture Internet

New Trigona Ransomware Threat Actor Uses Mimic Ransomware and BCP Utility in Attacks

Penetration Testing

JANUARY 29, 2024

AhnLab Security Intelligence Center (ASEC) has recently uncovered a concerning development in ransomware attacks. A new threat actor, previously known as Trigona ransomware, has been identified as installing Mimic ransomware.

Ransomware

Ransomware Penetration Testing Security Intelligence Malware

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

— Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. Attacks showing up in commodity malware like those used by the threat actor CHIMBORAZO indicate broader exploitation in the near term.” states Microsoft.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

SEO poisoning campaign aims at delivering RAT, Microsoft warns

Security Affairs

JUNE 14, 2021

— Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. The sites appear as a clone of Google Drive web pages used to serve the SolarMaker malware. pic.twitter.com/cBeTfteyGl — Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021. ” state Microsoft. Pierluigi Paganini.

Antivirus

Antivirus Security Intelligence Malware Insurance

Chinese Cyber Threat to Indian Defense and Telecom Sector

CyberSecurity Insiders

JUNE 18, 2021

Recorded Future that offers Enterprise Security Intelligence to American companies has revealed that there has been a persistent cyber threat to Indian Defense and Telecom sector from Chinese Military Intelligence since 2014.

Cyber threats

Cyber threats Security Intelligence Media Malware

Sophisticated SmokeLoader Campaign Targets Ukrainian Sectors

Penetration Testing

JANUARY 21, 2024

In a recent investigation, researchers at AhnLab Security Intelligence Center (ASEC) have unearthed a sophisticated cyber-espionage campaign targeting various sectors within Ukraine, including the government, public institutions, and key industries.

Penetration Testing

Penetration Testing Security Intelligence Government Malware

Organizations in aerospace and travel sectors under attack, Microsoft warns

Security Affairs

MAY 13, 2021

Microsoft warns of a malware-based campaign that targeted organizations in the aerospace and travel sectors in the past months. Microsoft researchers revealed that organizations in the aerospace and travel sectors have been targeted in the past months in a malware-based campaign. com or similar sites.

Security Intelligence

Security Intelligence Phishing Malware Hacking

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

New Zealand’s Computer Emergency Response Team (CERT) also published a security alert warning of spam campaigns spreading the Emotet threat. jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. Today was only about a dozen replychain and nothing else.

Malware

Malware Passwords Advertising Cybercrime

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) and earlier. ” concludes the report.

Firmware

Firmware Wireless DDOS IoT

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS

DNS Penetration Testing Malware Hacking

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party.

Banking

Banking Malware Security Intelligence Advertising

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

The group is suspected to have been running successful malware campaigns for more than five years. The attackers have used off-the-shelf malware since the beginning of their operations and have never developed their own malware. — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021.

Malware

Malware Phishing DNS Cybercrime

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port. The InfectedSlurs is based on the JenX Mirai malware variant that in 2018 leveraged the Grand Theft Auto videogame community to infect devices.

DDOS

DDOS Wireless Security Intelligence Authentication

Microsoft warns of “massive campaign” using COVID-19 themed emails

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. macros in malware campaigns.

Security Intelligence

Security Intelligence Advertising Phishing Malware

A week in security (June 28 – June 4)

Malwarebytes

JULY 5, 2021

Researchers explore the insecure world of the subdomain (Source: Can i take your subdomain) Cyber insurance model is broken, consider banning ransomware payments (Source: The Register) How facial recognition solutions can safeguard the hybrid workplace (Source: Help Net Security) Capital One hacker faces fresh charges for 2019 hacking spree (Source: (..)

Cyber Insurance

Cyber Insurance Social Engineering Scams Insurance

Hackers Exploit Google Ads to Spread Malware Disguised as Popular Software

Attackers Exploit Construction Site Trust, Deliver TrollAgent Malware

Trending Sources

WogRAT Backdoor: The Stealthy Malware Lurking in Online Notepads

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks

Russian hackers use PowerShell USB malware to drop backdoors

Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers

TargetCompany Ransomware Group Escalates Attacks: New Tools and Persistent Targeting of MS-SQL Servers

IT giants warn of ongoing Chromeloader malware campaigns

Anubis, a new info-stealing malware spreads in the wild

Hackers Weaponize Popular Software Framework for Stealthy Data Theft

Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years

Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware

Malware authors join forces and target organisations with Domino Backdoor

Crafty Infostealer Campaign Leverages Fake Adobe Reader Installer, Advanced Tricks to Evade Detection

New STRRAT RAT Malware Convinces Believe They’ve Fallen Victim to Ransomware, Researchers Find

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

Crooks spread malware via pirated movies during COVID-19 outbreak

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Trickbot is the most prolific malware operation using COVID-19 themed lures

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Purple Lambert, a new malware of CIA-linked Lambert APT group

Revenge RAT: Unveiling a Tool-Abusing, Fileless Attack

Online Ed is the New Corporate Threat Vector

STRRAT RAT spreads masquerading as ransomware

Redis Servers Exploited to Deploy Metasploit Meterpreter Backdoor

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

LockBit Ransomware: The Hidden Threat in Resume Word Files

Microsoft warns of attacks targeting MSSQL servers using the tool sqlps

Updated Kmsdx botnet targets IoT devices

New Trigona Ransomware Threat Actor Uses Mimic Ransomware and BCP Utility in Attacks

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

SEO poisoning campaign aims at delivering RAT, Microsoft warns

Chinese Cyber Threat to Indian Defense and Telecom Sector

Sophisticated SmokeLoader Campaign Targets Ukrainian Sectors

Organizations in aerospace and travel sectors under attack, Microsoft warns

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

French Firms Rocked by Kasbah Hacker?

Emotet operators are running Halloween-themed campaigns

Threat actor has been targeting the aviation industry since at least 2018

New InfectedSlurs Mirai-based botnet exploits two zero-days

Microsoft warns of “massive campaign” using COVID-19 themed emails

A week in security (June 28 – June 4)

Stay Connected