Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. AWMproxy, the storefront for renting access to infected PCs, circa 2011. Image: Google.com.

Passwords 242

Passwords Malware Internet Internet 242

The Hacker News

SEPTEMBER 29, 2021

Detected in the wild since 2011, FinFisher (aka FinSpy or Wingbird) is a spyware toolset for Windows, macOS, and Linux

Spyware 100

Spyware Firmware Malware 100

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 105

Malware Hacking Government Telecommunications 105

Malwarebytes

MARCH 15, 2022

Those certificates are now being used to sign malware. From there, any cybercriminal that wanted to could grab the certificates and use them to sign their malware. The two leaked Nvidia certificates have expired, being valid from 2011 to 2014 and 2015 to 2018. Mitigation. One of them just barely (by two days).

Malware 99

Malware System Administration Software Ransomware 99

SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. Interestingly enough, the share of adware attacks increased in relation to mobile malware in general. They typically work with malware developers to achieve this.

Mobile 131

Mobile Malware Adware Banking 131

Security Affairs

SEPTEMBER 5, 2022

Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus to identify Chromium, Electron, as malware. Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus software to identify the app based on the Chromium browser engine or the Electron JavaScript framework as malware.

Antivirus 93

Antivirus Ransomware Malware Software 93

eSecurity Planet

APRIL 23, 2021

To fill this gap and aid in the analysis, detection, and testing of malware, sandboxing is widely used to give organizations the setting, isolation, and security tools needed to preserve the integrity of the host network. Sandbox solutions today are compared today by their set of features to aid advanced malware analysis. Automation.

Malware 57

Malware Antivirus Software Cybersecurity 57

Security Affairs

APRIL 28, 2023

to disrupt the operations of the CryptBot malware, which experts estimate infected approximately 670,000 computers this past year. Google targeted the distributors of the malware who are paid to spread and deliver the malicious code and infect a larger number of systems as possible. ” reads the announcement published by Google.

Malware 92

Malware Cybercrime Cryptocurrency Media 92

Security Affairs

JULY 19, 2021

US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and 2018. The fourth defendant, named Wu Shurong, was hired by Hainan Xiandun Technology Development to create malware, and hack into computer systems operated by foreign governments, companies and universities.

Hacking 113

Hacking Technology Government Malware 113

Security Affairs

JANUARY 12, 2022

The alert remarks that Russian nation-state actors have demonstrated sophisticated tradecraft and cyber capabilities by compromising third-party infrastructure, compromising third-party software, or developing custom malware. Russian state-sponsored APT actors’ global Energy Sector intrusion campaign, 2011 to 2018.

Malware 117

Malware Cyber threats Cybersecurity Government 117

CyberSecurity Insiders

SEPTEMBER 21, 2022

Technically speaking, Juice Jacking is an exploited USB port that can pass on malware and sniff data from a victimized device. Threat actors often load malware or infect a connection cable and leave it at the charging station. USB Condom works by blocking connections to all the pins except the charging pin. History of Juice Jacking.

Cyber threats 98

Cyber threats Manufacturing Banking Mobile 98

Malwarebytes

APRIL 14, 2022

Zloader or Zbot are common names used to refer to any malware related to the ZeuS family. There are a lot of those because the ZeuS banking Trojan source code was leaked in 2011, and so there’s been plenty of time for several new variants to emerge. Legal action. We also saw this method recently used against the Strontium group.

Backups 125

Backups Telecommunications Banking Internet 125

Security Affairs

DECEMBER 7, 2021

The blockchain-enabled botnet has been active since at least 2011, researchers estimate that the Glupteba botnet is currently composed of more than 1 million Windows PCs around the world. Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes.

Backups 110

Backups Advertising Accountability Malware 110

CyberSecurity Insiders

APRIL 22, 2021

It is learnt that the massive file encrypting malware campaign started on April 19th,2021 when victims took help of the technology forums to know more about the ransomware. The company became a member of Intel Intelligent Systems Alliance in 2011. 7z extension, but is also seen stealing data from the victim devices.

Ransomware 109

Ransomware Surveillance Backups Encryption 109

Security Affairs

AUGUST 10, 2018

Security researchers at Intezer and McAfee have conducted a joint investigation that allowed them to collect evidence that links malware families attributed to North Korean APT groups such as the notorious Lazarus Group and Group 123. Each node represents a malware family or a hacking tool (“ Brambul ,” “ Fallchill ,” etc.)

Malware 44

Malware Hacking Advertising Accountability 44

Security Affairs

APRIL 21, 2022

ALAC was developed in 2004 and Apple open-sourced it in 2011, since then many third-party vendors used it. “The impact of an RCE vulnerability can range from malware execution to an attacker gaining control over a user’s multimedia data, including streaming from a compromised machine’s camera.”

Hacking 122

Hacking Media Malware Cybersecurity 122

Security Affairs

MAY 29, 2022

The transnational cybercrime ring was engaged in the mass acquisition and sale of fraud-related goods and services, including stolen identities, compromised credit card data, and computer malware. The Infraud Organization is responsible for the purchase and sale of over four million stolen credit and debit card numbers.

Cybercrime 128

Cybercrime Hacking Malware Cybersecurity 128

Security Affairs

JANUARY 28, 2023

One of the most recent attacks was reported by Computerland in Belgium against SMBs in the country, but according to the company they were targeted by a group of cybercriminals who appeared to be using a variant of the LockBit locker malware.

Penetration Testing 90

Penetration Testing Ransomware Firewall Social Engineering 90

Security Affairs

NOVEMBER 21, 2019

The new DePriMon downloader was used by the Lambert APT group, aka Longhorn, to deploy malware. According to a report published by Symantec in 2017, Longhorn is a North American hacking group that has been active since at least 2011. We believe DePriMon is the first example of malware using this technique ever publicly described.”

Malware 103

Malware Telecommunications Advertising Encryption 103

Security Affairs

MAY 23, 2020

The source code of the Zeus Trojan is available in the cybercrime underground since 2011 allowing crooks to develop their own release since. Experts found multiple variants in the wild, many of them belonging to the Terdot Zbot/Zloader malware family. The malware is able to infect all operating systems.

Banking 135

Banking Advertising Malware Cybercrime 135

Malwarebytes

APRIL 24, 2023

GuLoader, a perennial favourite of email-based malware campaigns since 2019, has been seen in the wild once again. GuLoader is a downloader with a chequered history, dating back to somewhere around 2011 in various forms. It may attempt to download data stealers, trojans, generic forms of malware…whatever is required.

Scams 77

Scams Malware Media Technology 77

Security Affairs

NOVEMBER 15, 2021

I launched Security Affairs for passion in 2011 and millions of readers walked with me. Ten years together! I’m very excited. Ten years ago I launched Security Affairs, the blog over the past decade obtained important successes in the cyber security community, but the greatest one is your immense affection.

Cybercrime 94

Cybercrime Hacking Cybersecurity Data breaches 94

Krebs on Security

JULY 20, 2021

A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov , a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally.

Antivirus 297

Antivirus Cybercrime Identity Theft Scams 297

Krebs on Security

FEBRUARY 7, 2024

The forum’s member roster includes a Who’s Who of top Russian cybercriminals, and it featured sub-forums for a wide range of cybercrime specialities, including malware, spam, coding and identity theft. One representation of the leaked Mazafaka database. As well as the cost of my services.” ” WHO IS DJAMIX?

Cybercrime 252

Cybercrime Accountability Identity Theft Hacking 252

Security Affairs

DECEMBER 19, 2022

The blockchain-enabled botnet has been active since at least 2011, researchers estimated that the Glupteba botnet was composed of more than 1 million Windows PCs around the world as of December 2021. Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes.

DNS 98

DNS Antivirus Cryptocurrency Software 98

Identity IQ

FEBRUARY 8, 2024

February 2011: Ross Ulbricht Creates the Silk Road Marketplace “I created Silk Road because I thought the idea for the website itself had value, and that bringing Silk Road into being was the right thing to do. The hidden service gained traction in 2011 and then hit the mainstream when a Gawker article about the site was published.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

Security Affairs

AUGUST 6, 2023

CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months. At the time of this writing, no ransomware group has claimed responsibility for the security breach.

Education 84

Education Data breaches Ransomware Hacking 84

Malwarebytes

APRIL 11, 2023

In a recent tweet , the FBI office in Denver warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers with the objective of infecting devices with malware or other software that can give hackers access to your phone, tablet or computer.

Mobile 98

Mobile Banking Malware Spyware 98

Threatpost

FEBRUARY 27, 2019

Many machines, including almost all Apple laptops and desktops produced since 2011, are vulnerable to data exfiltration via weaponized peripherals.

Mobile 62

Mobile Malware 62

Security Affairs

FEBRUARY 3, 2022

The malware was also used by the attackers to browse the web, likely using it as a proxy to mask their IP address. “The xPack malware and its associated payload seems to be used for initial access; it appears that xPack was predominantly used to execute system commands, drop subsequent malware and tools, and stage data for exfiltration.

Manufacturing 88

Manufacturing Malware Data collection Encryption 88

Security Affairs

MARCH 25, 2022

. “According to the indictment, between May and September 2017, the defendant and co-conspirators hacked the systems of a foreign refinery and installed malware, which cyber security researchers have referred to as “Triton” or “Trisis,” on a safety system produced by Schneider Electric, a multinational corporation.

Government 93

Government Energy and Utilities Malware Hacking 93

Security Affairs

MAY 15, 2020

The Tropic Trooper APT that has been active at least since 2011, it was first spotted in 2015 by security experts at Trend Micro when it targeted government ministries and heavy industries in Taiwan and the military in the Philippines. ” reads the analysis published by Trend Micro. ” continues the report.

Government 105

Government Malware Advertising Architecture 105

Security Affairs

OCTOBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 87

Ransomware Firmware Advertising Insurance 87

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. 2011 said he was a system administrator and C++ coder. Dmitry Yuryevich Khoroshev. Image: treasury.gov. On May 7, the U.S.

Ransomware 231

Ransomware Cybercrime Accountability Malware 231

Security Affairs

OCTOBER 16, 2021

FinCEN analyzed a data set composed of 2,184 SARs filed between 1 January 2011 and 30 June 2021 and identified 177 CVC (convertible virtual currency) wallets addresses that were used in ransomware operations associated with the above ransomware variants.

Ransomware 107

Ransomware Cryptocurrency Hacking Cybercrime 107

Security Affairs

JUNE 8, 2019

This week, Chi-en (Ashley) Shen presented at the CONFidence cybersecurity conference held in Poland her analysis on new samples of malware associated with the ICEFOG group. ICEFOG-M is the latest variant, it is a fileless malware that supports the same features of the ICEFOG-P but leverages HTTPs for communications.

Malware 98

Malware Government Advertising Banking 98

Security Boulevard

NOVEMBER 2, 2022

Neal Award | Won SCMagazine Award | Took Down the Koobface Botnet | Presented at the GCHQ with the Honeynet Project | SCMagazine Who to Follow on Twitter for 2011 | Participated in a Top Secret GCHQ Program called "Lovely Horse" | Identified a major victim of the SolarWinds Attack - PaloAltoNetworks | Found malware (..)

Cybercrime 52

Cybercrime InfoSec Cyber threats Accountability 52