2008, Information Security, Internet and Malware

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies. SocksEscort[.]com

Malware

Malware VPN Internet Internet

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Security Affairs

JUNE 3, 2022

An “extremely sophisticated” China-linked APT tracked as LuoYu was delivering malware called WinDealer via man-on-the-side attacks. The activity of the group was first documented by TeamT5 researchers that also reported the use of three malware families: SpyDealer, Demsty and WinDealer. ” concludes Kaspersky.

Malware

Malware Telecommunications Internet Internet

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

MAY 23, 2023

In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously undetected framework dubbed CommonMagic. This means that the threat actor was able to avoid detection for more than 15 years.

Malware

Malware Spyware Encryption Phishing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Microsoft warns for the second time of applying BlueKeep patch

Security Affairs

MAY 31, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003.

Internet

Internet Internet Malware Advertising

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Security Affairs

NOVEMBER 3, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Over the last months, many security experts have developed their own exploit code for this issue without publicly disclosing it for obvious reasons. ” concludes the expert. ” concludes the expert.

Cyber Attacks

Cyber Attacks Penetration Testing Cryptocurrency Hacking

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003.

Penetration Testing

Penetration Testing Firewall Authentication Advertising

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Security Affairs

MARCH 31, 2021

The Internet Engineering Task Force (IETF) formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3 was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3

Internet

Internet Internet Engineering Hacking

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

The VPN provider’s service, which aimed to offer shielded communications and internet access, were being used in support of serious criminal acts such as ransomware deployment and other cybercrime activities.” VPNLab was launched in 2008 and was offering online anonymity to criminal organizations.

VPN

VPN Cybercrime Ransomware Advertising

Microsoft Patch Tuesday addresses dangerous RDS flaw that opens to WannaCry-like attacks

Security Affairs

MAY 15, 2019

The vulnerability tracked as CVE-2019-0863 could be exploited by an attacker with low-privileged access to the targeted system to deliver a malware. As explained by Microsoft, this vulnerability could be exploited by malware with wormable capabilities. ” It is important to highlight that the RDP itself is not vulnerable.

Malware

Malware Authentication Advertising Accountability

Regin spyware involved in attack against the Russian tech giant Yandex

Security Affairs

JUNE 28, 2019

Allegedly Western nation-state actors breached the systems of Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware. According to the Reuters, Western state-sponsored hackers breached the systems of the Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware.

Spyware

Spyware Malware Advertising Authentication

Security Affairs newsletter Round 254

Security Affairs

MARCH 8, 2020

Venezuela – Power outage knocked out part of the internet connectivity. CIA Hacking unit APT-C-39 hit China since 2008. Malware campaign employs fake security certificate updates. Karkoff 2020: a new APT34 espionage operation involves Lebanon Government. Nemty ransomware LOVE_YOU malspam campaign.

Data breaches

Data breaches Mobile Advertising Ransomware

Actively exploited CVE-2020-1464 Windows Spoofing flaw was known since 2018

Security Affairs

AUGUST 19, 2020

Microsoft’s August 2020 Patch Tuesday security updates addressed 120 vulnerabilities, including two zero-days that have been exploited in attacks in the wild. The two issues are a Windows spoofing bug and a remote code execution flaw in Internet Explorer. The flaw is related to Windows incorrectly validating file signatures. “In

Advertising

Advertising Malware Internet Internet

Microsoft August 2020 Patch Tuesday fixed actively exploited zero-days

Security Affairs

AUGUST 12, 2020

The two issues are a Windows spoofing bug and a remote code execution flaw in Internet Explorer. The Windows spoofing flaw, tracked as CVE-2020-1464 can be exploited by an attacker to bypass security features and load improperly signed files. ” The RCE vulnerability was discovered by security researchers at Kaspersky.

Internet

Internet Internet Engineering Advertising

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Security Affairs

AUGUST 14, 2019

The list of flaws addressed by the tech giant doesn’t include zero-days or publicly disclosed vulnerabilities, 29 issues were rated as ‘Critical’ and affect Microsoft’s Edge and Internet Explorer web browsers, Windows, Outlook and Office. Windows XP, Windows Server 2003, and Windows Server 2008 are not affected.

Authentication

Authentication Advertising Internet Internet

Security Affairs newsletter Round 233

Security Affairs

SEPTEMBER 29, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. 0patch will provide micropatches for Windows 7 and Server 2008 after EoS. North Korea-linked malware ATMDtrack infected ATMs in India. Once again thank you!

Data breaches

Data breaches Advertising Malware VPN

Indicators of compromise (IOCs): how we collect and use them

SecureList

DECEMBER 2, 2022

Usually after the phrase there are MD5 hashes [1] , IP addresses and other technical data that should help information security specialists to counter a specific threat. We have been doing so since 2008, benefiting from Kaspersky’s decades of cyberthreat data management, and unrivaled technologies.

Cyber threats

Cyber threats DNS Technology Engineering

Smominru Botnet continues to rapidly spread worldwide

Security Affairs

SEPTEMBER 19, 2019

Most of the infected systems are Windows 7 and Windows Server 2008, representing 85 percent of all infections, in China, Taiwan, Russia, Brazil and the US. Countries with several thousands of infected machines include China, Taiwan, Russia, Brazil and the US.” ” reads the report published by the experts.

Cryptocurrency

Cryptocurrency Advertising Healthcare Engineering

Internet scans found nearly one million systems vulnerable to BlueKeep

Security Affairs

MAY 28, 2019

GreyNoise is observing sweeping tests for systems vulnerable to the RDP "BlueKeep" (CVE-2019-0708) vulnerability from several dozen hosts around the Internet. BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Graham added. . Pierluigi Paganini.

Internet

Internet Internet Advertising Malware

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

The Challenges Facing the Passwordless Future

eSecurity Planet

SEPTEMBER 25, 2022

On the other hand, while passkeys may do much to stop email phishing , as biometrics won’t be an easy target, cyber criminals can turn to other malware to remotely hack and unlock a phone. Biometrics is presented as the solution to this security issue. several federal and state laws regulate data security and biometrics.

Passwords

Passwords Password Management Authentication Technology

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

I’m talking about cybercrime unicorns, talking the fog of cyberwar among nation states, and about a new book that I think will be on the shelves of every information security professional later this summer. Vamosi: The slogan of the RSA Conference is “Where the World Talks Security,” and, in general.

Cybercrime

Cybercrime Government Ransomware Hacking

Cyber Security Informer

Who and What is Behind the Malware Proxy Service SocksEscort?

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Webinars

Trending Sources

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Webinars

Microsoft warns for the second time of applying BlueKeep patch

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

NSA urges Windows Users and admins to Patch BlueKeep flaw

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Microsoft Patch Tuesday addresses dangerous RDS flaw that opens to WannaCry-like attacks

Regin spyware involved in attack against the Russian tech giant Yandex

Security Affairs newsletter Round 254

Actively exploited CVE-2020-1464 Windows Spoofing flaw was known since 2018

Microsoft August 2020 Patch Tuesday fixed actively exploited zero-days

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Security Affairs newsletter Round 233

Indicators of compromise (IOCs): how we collect and use them

Smominru Botnet continues to rapidly spread worldwide

Internet scans found nearly one million systems vulnerable to BlueKeep

The Most Common Types of Malware in 2021

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Challenges Facing the Passwordless Future

The Hacker Mind Podcast: The Fog of Cyber War

Stay Connected