2000 and Malware - Cyber Security Informer

Interview with the Author of the 2000 Love Bug Virus

Schneier on Security

SEPTEMBER 22, 2020

No real surprises, but we finally have the story. The story he went on to tell is strikingly straightforward. De Guzman was poor, and internet access was expensive. He felt that getting online was almost akin to a human right (a view that was ahead of its time).

Passwords

Passwords Internet Internet Malware

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. Experts from Check Point Research uncovered a new ZLoader malware campaign in early November 2021. banking Trojan and was used to spread Zeus-like banking trojan (i.e. Zeus OpenSSL).

Malware

Malware Banking Software Cybercrime

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

FEBRUARY 11, 2020

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. According to IBM X-Force, attacks targeting operational technology (OT) infrastructure increased by over 2000 p ercent in 2019 compared to 2018, and most of them involved the Echobot malware.

Advertising

Advertising Malware IoT Technology

Study shows connections between 2000 malware samples used by Russian APT groups

Security Affairs

SEPTEMBER 26, 2019

A joint research from Intezer and Check Point Research shows connections between nearly 2,000 malware samples developed by Russian APT groups. A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups.

Malware

Malware Hacking Advertising Ransomware

Google moves to keep public sector cybersecurity vulnerabilities leashed

Tech Republic Security

APRIL 21, 2023

The Center for Internet Security, founded in 2000 to address growing cyber threats and establish a set of cybersecurity protocols and standards like CIS Critical Security Controls and. Google Cloud and The Center for Internet Security, Inc.,

Cybersecurity

Cybersecurity Cyber threats Internet Internet

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications DNS Hacking Passwords

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

UK and US cybersecurity agencies linked Cyclops Blink malware to Russia’s Sandworm APT. US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. Pierluigi Paganini.

Malware

Malware Firmware Architecture Firewall

The Olympics: a timeline of scams, hacks, and malware

Malwarebytes

JULY 28, 2021

2000 Sydney. Nothing happened at the 2000 games, and it seems nothing happened at any earlier events either. All of a sudden we have infectious email attachments, and compromised third-party sites serving up malware. There is evidence of malware bouncing around though, in the form of Wiper malware targeting Japanese computers.

Scams

Scams Hacking Malware Mobile

Frequent VBA Macros used in Office Malware

Security Affairs

OCTOBER 1, 2019

The malware expert Marco Ramilli collected a small set of VBA Macros widely re-used to “weaponize” Maldoc (Malware Document) in cyber attacks. Here comes the idea to collect a small set of VBA Macros widely re-used to “weaponize” Maldoc (Malware Document) in contemporary cyber attacks. compatible; MSIE 6.0;

Malware

Malware Computers and Electronics Penetration Testing Cyber Attacks

Romanian energy supplier Electrica Group is facing a ransomware attack

Security Affairs

DECEMBER 9, 2024

Electrica Group was established in 1998 as a division of CONEL, Romania’s largest electricity distribution company, and became independent in 2000 after CONEL’s restructuring. The main activities of the Group are the distribution and supply of electricity to final customers. The company serves over 3.8

Ransomware

Ransomware Cyber Attacks Cybercrime Marketing

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware

Malware Telecommunications DNS Hacking

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com — were implicated in propagating the Triada malware. com 2000-08-24 ALIBABA CLOUD COMPUTING (BEIJING) CO., “Yehuo” ( ? ? ) com , buydudu[.]com

Mobile

Mobile Technology Manufacturing Malware

Cerberus, a new banking Trojan available as malware-as-a-service in the underground

Security Affairs

AUGUST 13, 2019

A new malware-as-a- service dubbed Cerberus has emerged in the threat landscape, it is an Android RAT developed from scratch that doesn’t borrow the code from other malware. The malware implements banking Trojan capabilities such as the use of overlay attacks, the ability to intercept SMS messages and access to the contact list.

Banking

Banking Malware Advertising Social Engineering

Rombertik: Old Dog

Doctor Chaos

FEBRUARY 16, 2022

I recently came across a classic malware which I thought was long gone and forgotten. Rombertik is a self-destructing malware that has been making a lot of news. This malware leverages vulnerabilities through a Web browser’s operation of collecting user data from sites being visited by the victim. Details of the Breach.

Social Engineering

Social Engineering Malware Technology Phishing

Synology Recently Noticed a Rise in Brute-force Attacks on NAS Devices

Heimadal Security

AUGUST 10, 2021

the Taiwanese organization that specializes in Network-attached storage (NAS) appliances, has recently informed its clients of the StealthWorker malware which is attempting to attack their NAS devices. Taiwan-based NAS maker Synology was founded in January 2000 and now its products are distributed worldwide and localized in several languages.

Malware

Malware Cybersecurity

Companies Failing to Protect Domain Registrations

Security Boulevard

OCTOBER 20, 2021

The study found the majority of Global 2000 companies continue to lag in the adoption of domain security. The post Companies Failing to Protect Domain Registrations appeared first on Security Boulevard.

Phishing

Phishing Ransomware DNS Malware

Security Affairs newsletter Round 251

Security Affairs

FEBRUARY 16, 2020

OT attacks increased by over 2000 percent in 2019, IBM reports. billion malware installs from Third-party stores in 2019. PoS malware infected systems at 71 locations operated by US store chain Rutters. US Govt agencies detail North Korea-linked HIDDEN COBRA malware. Netanyahus party Elector app exposes data on over 6.5M

Cyber Attacks

Cyber Attacks Banking Advertising Internet

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

NOVEMBER 28, 2022

While the malware written in.NET is new, its deployment is similar to previous attacks attributed to #Sandworm. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Ransomware

Ransomware Encryption Telecommunications Malware

Security Affairs newsletter Round 349

Security Affairs

JANUARY 16, 2022

Threat actors stole $18.7M Threat actors stole $18.7M Threat actors stole $18.7M US NCSC and DoS share best practices against surveillance tools Swiss army asks its personnel to use the Threema instant-messaging app Russian submarines threatening undersea cables, UK defence chief warns.

Surveillance

Surveillance Ransomware Hacking Malware

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

APRIL 18, 2024

The nature of the targets, low detection rate, and sophisticated malware-supported features suggest that an APT group developed it. The malware masqueraded as a Microsoft Word Add-In (.wll) The malware has a multi-threaded implementation, utilizing event objects for thread synchronization and signaling.

Malware

Malware Ransomware Hacking Technology

8220 Gang Cloud Botnet infected 30,000 host globally

Security Affairs

JULY 21, 2022

This month, the experts noticed that the number of infected hosts passed from 2000 to around 30,000. “While the group has operated for years, by mid 2021, the botnet was observed operating with roughly 2000 hosts globally. .” IRC Botnet malware and miner download/configuration and remediation persistence.

Cryptocurrency

Cryptocurrency Malware Hacking Internet

Retired Malware Samples: Everything Old is New Again

Lenny Zeltser

JULY 27, 2018

Finding real-world malware samples that illustrate practical analysis techniques is tricky. When training professionals how to reverse-engineer malware , I’ve gone through lots of malicious programs for the purpose of educational examples. A Backdoor with a Backdoor. A good joke never gets old? Clipboard Manipulation.

Malware

Malware Engineering Education Advertising

FakeSG campaign, Akira ransomware and AMOS macOS stealer

SecureList

DECEMBER 13, 2023

Cybercriminals try to capitalize on their victims in every possible way by distributing various types of malware designed for different platforms. In recent months, we have written private reports on a wide range of topics, such as new cross-platform ransomware, macOS stealers and malware distribution campaigns.

Ransomware

Ransomware Malware Passwords Encryption

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Clorox estimates the costs of the August cyberattack will exceed $49 Million Mastodon fixed a flaw that can allow the takeover of any account Iranian hackers breached Albania’s Institute of Statistics (INSTAT) Operation Synergia led to the arrest of 31 individuals Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison Cloudflare breached (..)

Identity Theft

Identity Theft VPN Malware Ransomware

A new botnet named M?ris is behind massive DDoS attack that hit Yandex

Security Affairs

SEPTEMBER 9, 2021

The analysis of the sources of the attack revealed that they were devices with open ports 2000 and 5678 (2000 “Bandwidth test server” and port 5678 “Mikrotik Neighbor Discovery Protocol”), a combination that suggests the involvement of Mikrotik systems. ris botnet. million RPS.

DDOS

DDOS Internet Internet IoT

EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

Security Affairs

DECEMBER 16, 2020

Eu authorities pointed out that the rules were never revisioned since 2000, the new laws have been anticipated by commissioners Margrethe Vestager and Thierry Breton. ” “Our rules on digital services in Europe – the most coveted single market in the world – date back to 2000.

Marketing

Marketing Hacking Risk Information Security

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com — were implicated in propagating the Triada malware. com 2000-08-24 ALIBABA CLOUD COMPUTING (BEIJING) CO., “Yehuo” ( ? ? ) com , buydudu[.]com

Mobile

Mobile Technology Manufacturing Software

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 20, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Hacking Malware Phishing

SolarWinds hackers also breached the US NNSA nuclear agency

Security Affairs

DECEMBER 20, 2020

At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the Department, including the National Nuclear Security Administration (NNSA). . Department of Energy that was established by Congress in 2000.

Hacking

Hacking Software Malware Risk

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Security Affairs

JANUARY 28, 2023

1/3 pic.twitter.com/pMij9lpU5J — ESET Research (@ESETresearch) January 27, 2023 The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The #SwiftSlicer wiper is written in Go programing language.

Telecommunications

Telecommunications Malware Hacking Technology

Sectigo says that most of certificates reported by Chronicle analysis were already revoked

Security Affairs

MAY 26, 2019

According to Sectigo, most of the certificates used to sign the malware submitted to VirusTotal and issued by the company were expired and were already revoked. According to Sectigo, most of the certificates used to sign the malware submitted to VirusTotal and issued by the company were expired and were already revoked.

Malware

Malware Advertising Cybersecurity Information Security

Atomic Stealer rings in the new year with updated version

Malwarebytes

JANUARY 10, 2024

Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users. From today until December 31, 2023, the price for a subscription to Atomic MacOs Stealer is only $2000. Happy New Year!

Passwords

Passwords Antivirus Malware Encryption

These are the 15 Top Cyber Threats Now

SecureWorld News

NOVEMBER 12, 2020

First, however, let's look at the top 15 cyber threats organizations face right now, according to the report: Malware. Trends in Malware attacks. We can't look at all of these categories, but let's talk about the number one cyber attack threat of malware. 46,5%_of all malware in e-mail messages found in ‘.docx’

Cyber threats

Cyber threats Insurance Cyber Insurance Ransomware

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

MAY 1, 2024

Attackers used “super-aged” domains, usually registered before the year 2000, to avoid DNS blocklists and blending in with old malware at the same time The attackers manipulate MX (Mail Exchange) records by injecting fake responses through China’s Great Firewall.

DNS

DNS Firewall DDOS Hacking

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

The CVE-2017-11882 flaw is a memory-corruption issue that affects all versions of Microsoft Office released between 2000 and 2017. Other malware employed in the attacks linked to TA428 are nccTrojan, Logtu, Cotx, and DNSep, and previously undetected malware named CotSam.

Encryption

Encryption Antivirus Malware Hacking

The Belgacom hack was the work of the UK GCHQ intelligence agency

Security Affairs

OCTOBER 28, 2018

Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack. The investigation revealed that the malware-based attack was powered by GCHQ and code-named Operation Socialist. ” wrote The Intercept.

Hacking

Hacking Spyware Telecommunications Malware

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The malware maintains persistence through Cron jobs.

Telecommunications

Telecommunications Authentication Data collection Passwords

Russia-linked Sandworm continues to conduct attacks against Ukraine

Security Affairs

MAY 21, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). ESETresearch found an evolution of a malware loader used during the #Industroyer2 attacks. BREAKING #Sandworm continues attacks in Ukraine.

Malware

Malware Government Cyber Attacks Hacking

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

The Last Watchdog

SEPTEMBER 27, 2021

Phishing scams, malware, ransomware and data breaches are just some of the examples of cyberthreats that can devastate business operations and the protection of consumer information. The Morris worm was created by researcher Robert Morris and was considered one of the earliest forms of malware. The ILOVEYOU Worm (2000).

Hacking

Hacking Cybersecurity Identity Theft Technology

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

The Last Watchdog

OCTOBER 15, 2018

The OPM breach put most federal workers since the year 2000 are at risk. Then in August 2017, the FBI arrested a Chinese national suspected of helping to create the malware used in the OPM breach. In that caper, criminals got away with Social Security numbers, passwords, and in some cases, fingerprints. Cross-referencing.

Risk

Risk Government Cyber Attacks Authentication

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

“The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet.” Cyclops Blink is sophisticated malware with a modular structure. The malware leverages the firmware update process to achieve persistence.

Malware

Malware Government Firmware Firewall

Ransomware related news headlines trending on Google

CyberSecurity Insiders

DECEMBER 28, 2022

And it later paved the way to the spread of file encrypting malware onto the networks of over 13 firms, out of which 2 victims paid $2000 in BTC to regain access to their locked out systems. More details about the ransomware group involved in the incident will be updated after confirmation!

Ransomware

Ransomware Insurance Healthcare Encryption

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox and other Small Office/Home Office (SOHO) network devices. Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

IoT

IoT Firewall Malware Internet

Sandworm APT group hit Ukrainian news agency with five data wipers

Security Affairs

JANUARY 30, 2023

The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications Malware Hacking Technology

Interview with the Author of the 2000 Love Bug Virus

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Trending Sources

OT attacks increased by over 2000 percent in 2019, IBM reports

Study shows connections between 2000 malware samples used by Russian APT groups

Google moves to keep public sector cybersecurity vulnerabilities leashed

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

US and UK link new Cyclops Blink malware to Russian state hackers?

The Olympics: a timeline of scams, hacks, and malware

Frequent VBA Macros used in Office Malware

Romanian energy supplier Electrica Group is facing a ransomware attack

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Tracing the Supply Chain Attack on Android

Cerberus, a new banking Trojan available as malware-as-a-service in the underground

Rombertik: Old Dog

Synology Recently Noticed a Rise in Brute-force Attacks on NAS Devices

Companies Failing to Protect Domain Registrations

Security Affairs newsletter Round 251

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs newsletter Round 349

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

8220 Gang Cloud Botnet infected 30,000 host globally

Retired Malware Samples: Everything Old is New Again

FakeSG campaign, Akira ransomware and AMOS macOS stealer

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

A new botnet named M?ris is behind massive DDoS attack that hit Yandex

EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

Tracing the Supply Chain Attack on Android

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

SolarWinds hackers also breached the US NNSA nuclear agency

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Sectigo says that most of certificates reported by Chronicle analysis were already revoked

Atomic Stealer rings in the new year with updated version

These are the 15 Top Cyber Threats Now

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Chinese actors behind attacks on industrial enterprises and public institutions

The Belgacom hack was the work of the UK GCHQ intelligence agency

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Russia-linked Sandworm continues to conduct attacks against Ukraine

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

US dismantled the Russia-linked Cyclops Blink botnet

Ransomware related news headlines trending on Google

Russia-linked Cyclops Blink botnet targeting ASUS routers

Sandworm APT group hit Ukrainian news agency with five data wipers

Stay Connected