2012, Antivirus and Media - Cyber Security Informer

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Security Affairs

JULY 22, 2025

Violet Typhoon (aka APT31 , BRONZE VINEWOOD, JUDGMENT PANDA , Red keres, TA412 , ZIRCONIUM ) focuses on espionage against NGOs, media, and academia. Enable AMSI (Antimalware Scan Interface) in Full Mode and install Defender Antivirus on all SharePoint servers. Deploy Microsoft Defender for Endpoint to detect post-exploit activity.

Antivirus

Antivirus Authentication Internet Internet

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

Zero Day

JULY 23, 2025

Active since 2012, Linen Typhoon specializes in stealing intellectual property, mainly targeting government, defense, strategic planning, and human rights organizations. Make sure that the Windows Antimalware Scan Interface (AMSI) is enabled and set up properly with an antivirus product such as Defender Antivirus.

Software

Software Artificial Intelligence Digital transformation Education

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. One of the men indicted as part of APT41 — now 35-year-old Tan DaiLin — was the subject of a 2012 KrebsOnSecurity story that sought to shed light on a Chinese antivirus product marketed as Anvisoft. Image: FBI.

Antivirus

Antivirus Hacking Government Software

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. The two media outlets attribute the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler ). Pierluigi Paganini.

Antivirus

Antivirus Hacking Advertising Media

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

Residential proxy services are often marketed to people seeking the ability to evade country-specific blocking by the major movie and media streaming providers. These two software are currently unknown to most if not all antivirus companies.” The Exe Clean service made malware look like goodware to antivirus products.

VPN

VPN Computers and Electronics Antivirus Software

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

A New Jersey grand jury indicted Kovalev in 2012 after an investigation by the U.S. The 2012 indictment against Kovalev relates to cybercrimes he allegedly perpetrated prior to the creation of Trickbot. A copy of the now-unsealed 2012 indictment of Kovalev is here (PDF). The prosecution of Kovalev is being handled by the U.S.

Hacking

Hacking Cybercrime Ransomware Government

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

FEBRUARY 7, 2020

Two Japanese media outlets attributed the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler ). The attackers have exploited a directory traversal and arbitrary file upload vulnerability, tracked as CVE-2019-18187, in the Trend Micro OfficeScan antivirus. reported the Nikkei.

Manufacturing

Manufacturing Data breaches Advertising Antivirus

Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

SC Magazine

JANUARY 29, 2021

Lebanese Cedar exploited 1-day publicly known vulnerabilities such as C VE-2012-3152 to install the JSP in vulnerable servers. The Explosive malware appears to have gone through multiple versions, usually updated to avoid antivirus detection. The file was installed in vulnerable Atlassian Jira and Oracle 10g servers.

Antivirus

Antivirus Malware Cyber threats Media

Ransomware news headlines trending on Google

CyberSecurity Insiders

AUGUST 24, 2022

Interestingly, from the year 2012 to 2021, the loss is estimated to be $60 billion in cryptocurrency, and the past 16 months fetched a loss of $44 billion on a combined note…might be true! As BianLian follows the process of dividing the encrypted content in 10 bytes of data, it easily evaded detection by antivirus products.

Ransomware

Ransomware Encryption Digital transformation Social Engineering

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

Pin was active on Opensc around March 2012, and authored 13 posts that mostly concerned data encryption issues, or how to fix bugs in code. Cyber intelligence firm Intel 471 finds that pin@darktower.ru was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. In November 2016, an exploit[.]ru

Cybercrime

Cybercrime Ransomware Accountability Malware

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Formerly known as Accel Partners, the Palo Alto-based company is a top-tier VC firm investing in consumer and enterprise solutions for segments like SaaS , fintech, hardware, media, and IT services. Accel’s largest presence is in the Bay Area with sizable teams in London and Bangalore. a16z Investments. Bessemer Venture Partners.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

5 Critical Threat Actors You Need to Know About

Digital Shadows

OCTOBER 29, 2024

To complicate detection, they clear system logs, disable antivirus software using Windows Management Instrumentation (WMI), and shut down endpoint detection and response (EDR) systems with proprietary tools. APT41 APT41 (aka Wicked Panda, BARIUM, Wicked Spider) is a Chinese state-affiliated threat group active since 2012.

Ransomware

Ransomware Encryption Technology Cybercrime

How to Prevent Data Leaks

Spinone

NOVEMBER 30, 2018

The Hacker had discovered Zuckerberg’s password in a 2012 LinkedIn data breach and he had used the same password across several accounts. In June 2016, the Twitter and Pinterest accounts of Facebook CEO, Mark Zuckerberg, were vandalized. Data leak of sensitive information can be devastating for a business of any size.

Data breaches

Data breaches Passwords Backups Accountability

5 Critical Threat Actors You Need to Know About

Digital Shadows

OCTOBER 29, 2024

To complicate detection, they clear system logs, disable antivirus software using Windows Management Instrumentation (WMI), and shut down endpoint detection and response (EDR) systems with proprietary tools. APT41 APT41 (aka Wicked Panda, BARIUM, Wicked Spider) is a Chinese state-affiliated threat group active since 2012.

Ransomware

Ransomware Encryption Technology Cybercrime

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

FLASHBACK The new clues about Rescator’s identity came into focus when I revisited the reporting around an April 2013 story here that identified the author of the OSX Flashback Trojan , an early malware strain that quickly spread to more than 650,000 Mac computers worldwide in 2012.

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

That meant I tested the release candidates -- not the final product you’d buy in the stores - for consumer-grade antivirus programs, desktop firewalls, and desktop Intrusion detection systems. Not only that, the named ones get the media visibility that is sometimes necessary to get a patch out quickly.

Software

Software Passwords Internet Internet

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

That meant I tested the release candidates -- not the final product you’d buy in the stores - for consumer-grade antivirus programs, desktop firewalls, and desktop Intrusion detection systems. Not only that, the named ones get the media visibility that is sometimes necessary to get a patch out quickly.

Software

Software Passwords Internet Internet

Top 6 Rootkit Threats and How to Protect Yourself

eSecurity Planet

NOVEMBER 7, 2022

Any bugs or glitches in its programming leaves noticeable trails for antivirus software to track. In 2012, cybersecurity experts with Kaspersky Labs announced they had discovered another malicious rootkit used in the Middle East, called Flame. Kernel-mode rootkits generally require a high degree of technical competency to utilize.

Firmware

Firmware Malware Antivirus Firewall

Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor

Security Affairs

MARCH 6, 2025

Talos researchers linked China-backed Lotus Blossom APT (also known as Elise and Esile) to multiple campaigns targeting organizations in sectors such as government, manufacturing, telecommunications and media with the Sagerunex backdoor. Additionally, the use of VMProtect obfuscates the malware code to evade antivirus detection.

Telecommunications

Telecommunications Manufacturing Malware Media

Cyber Security Informer

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

Trending Sources

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

A Deep Dive Into the Residential Proxy Service ‘911’

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

Ransomware news headlines trending on Google

How Did Authorities Identify the Alleged Lockbit Boss?

Top VC Firms in Cybersecurity of 2022

5 Critical Threat Actors You Need to Know About

How to Prevent Data Leaks

5 Critical Threat Actors You Need to Know About

Ten Years Later, New Clues in the Target Breach

The Hacker Mind: Shellshock

The Hacker Mind: Shellshock

Top 6 Rootkit Threats and How to Protect Yourself

Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor

Stay Connected