2008, Encryption, Information Security and Malware

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware

Malware VPN Internet Internet

Avast released a free decryptor for the Windows version of the Akira ransomware

Security Affairs

JULY 1, 2023

In June 2023, the malware analyst rivitna published a sample of the ransomware that is compiled for Linux. “During the run, the ransomware generates a symmetric encryption key using CryptGenRandom() , which is the random number generator implemented by Windows CryptoAPI. . Files are encrypted by Chacha 2008 ( D.

Ransomware

Ransomware Encryption Malware Hacking

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet. Get-WindowsFeature FS-SMB1).Installed

Authentication

Authentication Malware Advertising Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

MAY 23, 2023

In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously undetected framework dubbed CommonMagic. This means that the threat actor was able to avoid detection for more than 15 years.

Malware

Malware Spyware Encryption Phishing

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

VPNLab was launched in 2008 and was offering online anonymity to criminal organizations. Its technology was based on OpenVPN and adopted 2048-bit encryption, the price for the subscription was very low, just $60/year. The authorities seized 15 VPNLab.net servers across 10 countries.

VPN

VPN Cybercrime Ransomware Advertising

PurpleFox botnet variant uses WebSockets for more secure C2 communication

Security Affairs

OCTOBER 20, 2021

” The MSI package first removes registry keys associated with the old Purple Fox installations if any are present, then it replaces the components of the malware with new ones. “The goal is to install the MSI package as an admin without any user interaction.” ” continues the analysis.

Encryption

Encryption DNS Architecture Firewall

Qbot uses a new email collector module in the latest campaign

Security Affairs

AUGUST 31, 2020

QBot, aka Qakbot and Pinkslipbot , has been active since 2008, it is used by malware for collecting browsing data and banking credentials and other financial information from the victims. The attackers could hijack the email threads to propagate the malware.

Banking

Banking Advertising Passwords Malware

Security Affairs newsletter Round 254

Security Affairs

MARCH 8, 2020

CIA Hacking unit APT-C-39 hit China since 2008. Lets Encrypt CA is revoking over 3 Million TLS certificates due to a bug. Malware campaign employs fake security certificate updates. US officials charge two Chinese men for laundering cryptocurrency for North Korea. Cisco addresses high severity RCE flaws in Webex Player.

Data breaches

Data breaches Mobile Advertising Ransomware

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

FEBRUARY 7, 2021

The vulnerability was disclosed by the security researcher Polle Vanhoof. The Mifare Classic smart card technology is known to be insecure since 2008, when security researchers from Radboud University Nijmegen performed reverse engineering of the chip and published their findings. ” wrote the expert.

Hacking

Hacking Technology Software Engineering

New Turla ComRAT backdoor uses Gmail for Command and Control

Security Affairs

MAY 26, 2020

Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ , which is a malware that was employed in past campaigns attributed to the Turla APT group. Earlier versions of Agent.BTZ were used to compromise US military networks in the Middle East in 2008.

Advertising

Advertising Malware Encryption Authentication

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Security Affairs

MARCH 31, 2021

The Internet Engineering Task Force (IETF) formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3 RFC 2246) and 1.1 (RFC Both versions lack support for current and recommended cryptographic algorithms and mechanisms.

Internet

Internet Internet Engineering Hacking

Indicators of compromise (IOCs): how we collect and use them

SecureList

DECEMBER 2, 2022

Usually after the phrase there are MD5 hashes [1] , IP addresses and other technical data that should help information security specialists to counter a specific threat. We have been doing so since 2008, benefiting from Kaspersky’s decades of cyberthreat data management, and unrivaled technologies.

Cyber threats

Cyber threats DNS Technology Engineering

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? When the malware hit Saudi Aramco four years ago, it propelled the company into a technological dark age, forcing the company to rely on typewriters and faxes while it recovered.

Cyber threats

Cyber threats Cyber Attacks Ransomware Manufacturing

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

The Challenges Facing the Passwordless Future

eSecurity Planet

SEPTEMBER 25, 2022

On the other hand, while passkeys may do much to stop email phishing , as biometrics won’t be an easy target, cyber criminals can turn to other malware to remotely hack and unlock a phone. Biometrics is presented as the solution to this security issue. several federal and state laws regulate data security and biometrics.

Passwords

Passwords Password Management Authentication Technology

Is APT27 Abusing COVID-19 To Attack People ?!

Security Affairs

MARCH 19, 2020

Today, many reports are describing how infamous attackers are abusing such an emergency time to lure people by sending thematic email campaigns or by using thematic IM within Malware or Phishing links. Hackers taking advantage of COVID-19 to spread malware New COVID-19-themed malspam campaign delivers FormBook Malware.

Computers and Electronics

Computers and Electronics Penetration Testing Malware Cyber Attacks

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

I’m talking about cybercrime unicorns, talking the fog of cyberwar among nation states, and about a new book that I think will be on the shelves of every information security professional later this summer. Vamosi: The slogan of the RSA Conference is “Where the World Talks Security,” and, in general.

Cybercrime

Cybercrime Government Ransomware Hacking

Why Were the Russians So Set Against This Hacker Being Extradited?

Krebs on Security

NOVEMBER 18, 2019

Burkov calls himself a specialist in information security and denies having committed the crimes for which he’s been charged. Also, neither forum was accessible or even visible to anyone without a special encryption certificate supplied by forum administrators that allowed the sites to load properly in a Web browser.

Cybercrime

Cybercrime Government Hacking Banking

Cyber Security Informer

Who and What is Behind the Malware Proxy Service SocksEscort?

Avast released a free decryptor for the Windows version of the Akira ransomware

Webinars

Trending Sources

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Webinars

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

PurpleFox botnet variant uses WebSockets for more secure C2 communication

Qbot uses a new email collector module in the latest campaign

Security Affairs newsletter Round 254

Hacking Nespresso machines to have unlimited funds to purchase coffee

New Turla ComRAT backdoor uses Gmail for Command and Control

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Indicators of compromise (IOCs): how we collect and use them

The Most Common Types of Malware in 2021

Growing Cyber Threats to the Energy and Industrial Sectors

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Challenges Facing the Passwordless Future

Is APT27 Abusing COVID-19 To Attack People ?!

The Hacker Mind Podcast: The Fog of Cyber War

Why Were the Russians So Set Against This Hacker Being Extradited?

Stay Connected