2012, Information Security, Malware and Passwords

Alleged FruitFly malware creator ruled incompetent to stand trial

Malwarebytes

JANUARY 16, 2024

The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Together, CWRU and the FBI were able to identify that an IP address with which the malware was communicating had also been used to access the alumni email account of a man called Phillip Durachinsky.

Malware

Malware Passwords Identity Theft Data collection

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. ” reads the analysis published by the experts.

Malware

Malware Passwords Encryption Advertising

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system.

Malware

Malware Phishing Government Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking

Banking Malware Advertising Passwords

New Version of Meduza Stealer Released in Dark Web

Security Affairs

DECEMBER 29, 2023

On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.

Password Management

Password Management Cryptocurrency Passwords Authentication

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking

Hacking Cybercrime Data breaches Advertising

Technical analysis of China-linked Earth Preta APT’s infection chain

Security Affairs

MARCH 27, 2023

Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda ) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system.

Malware

Malware Phishing Passwords Government

Cybercriminals are Oversharing with Social Media Data Breaches

SiteLock

AUGUST 27, 2021

In each of these cases, the cybercriminals behind the breaches were after usernames and passwords. The most commonly used passwords today are, “password” and “123456,” and it only takes a hacker.29 Each stolen record contained an email address and password. In 2012, LinkedIn was hit with a breach and more than 6.5

Data breaches

Data breaches Media Passwords Accountability

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google experts are tracking ARCHIPELAGO since 2012 and have observed the group targeting individuals with expertise in North Korea policy issues. The fake browser window displays a URL and a login prompt designed to trick recipients into providing their password to a legitimate login page.

Phishing

Phishing Media Passwords Malware

Threat actors are offering for sale 550 million stolen user records

Security Affairs

MAY 15, 2020

Data appears to come from past data breaches, the oldest one dates back as 2012 while the latest one dates April 2020. cyber #cybersecurity @BleepinComputer #malware pic.twitter.com/CtnppIyhxn — Cyble (@AuCyble) May 14, 2020. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1

Data breaches

Data breaches Advertising Passwords Hacking

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

Security Affairs

JUNE 21, 2020

The United States has deported the author of NeverQuest banking malware, the computer programmer Stanislav Vitaliyevich Lisov to Russia. . The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking

Banking Malware Advertising Hacking

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. None of these early threats went pro.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Security Affairs

APRIL 28, 2021

Legitimate software abused by threat actors are: • ARO 2012 Tutorial 8.0.12.0 • VirusScan On-Demand Scan Task Properties (McAfee, Inc.) • Sandboxie COM Services (BITS) 3.55.06 (SANDBOXIE L.T.D) • Outlook Item Finder 11.0.5510 (Microsoft Corporation) • Mobile Popup Application 16.00 (Quick Heal Technologies (P) Ltd.). .”

Backups

Backups Malware Mobile Passwords

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

The US authorities also accuse Assange of having conspired with Army intelligence analyst Chelsea Manning to crack a password hash for an Army computer to access classified documents that were later published on the WikiLeaks website.

Government

Government Risk Passwords Hacking

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Security Affairs

JUNE 23, 2022

China-linked APT group Tropic Trooper has been spotted previously undocumented malware written in Nim language. SMS Bomber allows a user to flood the victim’s phone number with a very long list of pre-baked HTTP requests asking for one-time codes, verification messages, password recoveries and the like.

Hacking

Hacking Wireless Encryption Passwords

NK-linked InkySquid APT leverages IE exploits in recent attacks

Security Affairs

AUGUST 18, 2021

APT37 has been active since at least 2012, it mainly targeted government, defense, military, and media organizations in South Korea. Harvest cookies and a password database for supported browsers. The watering hole attacks on the Daily NK was conducted from March 2021 until early June 2021. ” reads the post published by Volexity.

Internet

Internet Internet Media Engineering

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Security Affairs

JUNE 20, 2019

Researchers discovered that recently patched Firefox zero-day (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. The popular malware researcher Vitali Kremez published an interesting analysis of macOS and Windows malware delivered through the exploitation of the CVE-2019-11707 flaw.

Cryptocurrency

Cryptocurrency Malware Advertising Passwords

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012. After that, the malware starts receiving commands. ” continues the analys i s.

Encryption

Encryption Passwords Malware Software

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system.

Firmware

Firmware Encryption Government Malware

US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks

Security Affairs

JUNE 24, 2019

US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying , credential stuffing , and spear-phishing. Want to know more about password spraying and how to stop it? The attacks are targeting U.S. link] [link] — Chris Krebs (@CISAKrebs) June 22, 2019. .

Backups

Backups Advertising Passwords Accountability

U.S. CISA Agency warns of possible cyber attacks from Iran

Security Affairs

JANUARY 4, 2020

These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. ” The advisory urges administrators of the assets to implement basic defenses and immediately reports any information or suspects in ongoing attacks. Want to know more about password spraying and how to stop it?

Cyber Attacks

Cyber Attacks Backups Passwords Advertising

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory. The only limitation on how to carry out a Zerologon attack is that the attacker must have access to the target network.

Authentication

Authentication Advertising Architecture Security Intelligence

The return of TA402 Molerats APT after a short pause

Security Affairs

JUNE 18, 2021

MoleRATs is an Arabic-speaking, politically motivated group of hackers that has been active since 2012, in 2018 monitoring the operation of the group, Kaspersky identified different techniques utilized by very similar attackers in the MENA region. Proofpoint researchers assess LastConn is very actively developed and maintained malware.

Government

Government Telecommunications Malware Passwords

Cyber Security Informer

Alleged FruitFly malware creator ruled incompetent to stand trial

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Webinars

Trending Sources

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Webinars

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

New Version of Meduza Stealer Released in Dark Web

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Technical analysis of China-linked Earth Preta APT’s infection chain

Cybercriminals are Oversharing with Social Media Data Breaches

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Threat actors are offering for sale 550 million stolen user records

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

British Court rejects the US’s request to extradite Julian Assange

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

NK-linked InkySquid APT leverages IE exploits in recent attacks

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

The Platinum APT group adds the Titanium backdoor to its arsenal

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks

U.S. CISA Agency warns of possible cyber attacks from Iran

Iran-linked APT is exploiting the Zerologon flaw in attacks

The return of TA402 Molerats APT after a short pause

Stay Connected