SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. Interestingly enough, the share of adware attacks increased in relation to mobile malware in general. They typically work with malware developers to achieve this.

Mobile 138

Mobile Malware Adware Banking 138

Schneier on Security

JULY 9, 2019

Their goal, the researchers believe, is to obtain and download rolling records on the target from the cell provider's database without having to deploy malware on each target's device. [.]. From there, the hackers continued to exploit each machine they found by stealing credentials to gain deeper access.

Hacking 250

Hacking Telecommunications Malware Passwords 250

Security Affairs

JANUARY 28, 2021

The APT group has been active since 2012, experts linked the group to the Hezbollah militant group. ClearSky experts linked the Lebanese Cedar group to intrusions at telco companies, internet service providers, hosting providers, and managed hosting and applications companies. CVE-2012-3152).

Internet 130

Internet Internet Hacking Malware 130

Security Affairs

MARCH 10, 2023

The NetWire Remote Access Trojan (RAT) is available for sale on cybercrime forums since 2012, it allows operators to steal sensitive data from the infected systems. DomainTools further shows this email address was used to register one other domain in 2012: wwlabshosting[.]com, ” reads the press release published DoJ.

Malware 79

Malware Cybercrime Data breaches Internet 79

Krebs on Security

DECEMBER 14, 2023

The malware used in the Target breach included the text string “ Rescator ,” which also was the handle chosen by the cybercriminal who was selling all of the cards stolen from Target customers. For starters, the text string “Rescator” was found in some of the malware used in the Target breach.

Cybercrime 233

Cybercrime Accountability Advertising Computers and Electronics 233

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. This user said they specialize in developing malware, creating computer worms, and crafting new ways to hijack Web browsers.

Ransomware 244

Ransomware Cybercrime Accountability Malware 244

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking 75

Hacking Cybercrime Data breaches Advertising 75

Security Affairs

NOVEMBER 29, 2020

out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November 21, 2012. Tracked as CVE-2020-25159 , the flaw is rated 9.8 This would leave many running in the wild still today.”

Hacking 121

Hacking Firmware Internet Internet 121

Krebs on Security

JULY 9, 2019

” The DHCP weakness ( CVE-2019-0785 ) exists in most supported versions of Windows server, from Windows Server 2012 through Server 2019. It should be noted that 11 of the 15 critical flaws are present in or are a key component of the browsers built into Windows — namely, Edge and Internet Exploder Explorer.

Internet 181

Internet Internet Software Advertising 181

Krebs on Security

JUNE 25, 2019

” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com — were implicated in propagating the Triada malware. com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., “Yehuo” ( ? ? ) com , buydudu[.]com

Mobile 169

Mobile Technology Manufacturing Software 169

Krebs on Security

JULY 18, 2022

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. THE INTERNET NEVER FORGETS.

VPN 313

VPN Computers and Electronics Antivirus Software 313

Security Affairs

DECEMBER 1, 2022

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. Kaspersky first documented the operations of the group in 2016. ” continues the report.

Accountability 109

Accountability Malware Cyber Attacks Media 109

SecureList

OCTOBER 12, 2021

Besides finding the zero-day in the wild, we analyzed the malware payload used along with the zero-day exploit, and found that variants of the malware were detected in widespread espionage campaigns against IT companies, military/defense contractors, and diplomatic entities. Microsoft Windows Server 2012. Microsoft Windows 7.

Malware 140

Malware Technology Engineering Advertising 140

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. PC malware The number of users affected by financial malware for PCs dropped by 11% from 2022. Ramnit and Zbot were the prevalent malware families, together targeting over 50% of affected users. Money is what always attracts cybercriminals.

Phishing 100

Phishing Banking Mobile Scams 100

Krebs on Security

JANUARY 8, 2024

As detailed in my 2014 book, Spam Nation , Spamdot was home to crooks controlling some of the world’s nastiest botnets, global malware contagions that went by exotic names like Rustock , Cutwail , Mega-D , Festi , Waledac , and Grum. And there were many good reasons to support this conclusion. w s, icamis[.]ru ru , and icamis[.]biz.

Cybercrime 215

Cybercrime Banking Computers and Electronics DDOS 215

Security Affairs

AUGUST 18, 2021

North Korea-linked InkySquid group leverages two Internet Explorer exploits to deliver a custom implant in attacks aimed at a South Korean online newspaper. APT37 has been active since at least 2012, it mainly targeted government, defense, military, and media organizations in South Korea. ” reads the post published by Volexity.

Internet 109

Internet Internet Media Engineering 109

CyberSecurity Insiders

MARCH 24, 2021

Canada-based Internet of Things (IoT) maker Sierra Wireless has been hit by ransomware attack bringing certain production operations of the company to a halt. Note – The products that Sierra Wireless produces are used in various industries like automobile, transportation and energy and healthcare fields.

Wireless 66

Wireless IoT Ransomware Mobile 66

Malwarebytes

OCTOBER 26, 2022

Mark of the Web (MOTW)—the technology that ensures Windows pops a warning message when trying to open a file downloaded from the Internet—is back in the news, but unfortunately not in a good way. MOTW was originally an Internet Explorer security feature. So somewhere between 2012 and 2016 it broke.

Internet 84

Internet Internet Ransomware Malware 84

Security Affairs

MARCH 10, 2020

Necurs botnet is one of the largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. SecurityAffairs – malware, Necurs botnet). million spam messages to more than 40.6

Advertising 70

Advertising Malware Cybercrime Government 70

Security Affairs

JANUARY 31, 2021

Shadowsocks is a free and open-source encryption protocol project, widely used in China to circumvent Internet censorship. It was created in 2012 by a Chinese programmer named “ clowwindy “, and multiple implementations of the protocol have been made available since.

Firewall 136

Firewall Surveillance Internet Internet 136

NopSec

APRIL 30, 2023

Kerberos authentication is only available if the vulnerable Exchange server has access to port eighty-eight (88) of the domain controller, which is only accessible on private networks (please please please don’t expose your DC to the Internet). The MSMQ service operates on TCP port 1801. Patch now before a proof-of-concept hits the public.

Authentication 52

Authentication Internet Internet Software 52

The Last Watchdog

JUNE 21, 2020

The above-mentioned AIDS Trojan hailing from the distant pre-Internet era was the progenitor of the trend, but its real-world impact was close to zero. FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. None of these early threats went pro. These included PClock, CryptoLocker 2.0,

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

FEBRUARY 16, 2023

Below is the list of vulnerabilities exploited by V3G4: CVE-2012-4869 : FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability CVE-2014-9727 : FRITZ!Box Upon execution, the bot prints xXxSlicexXxxVEGA. to the console. If a botnet process already exists, the botnet client will and exit.

IoT 96

IoT DDOS Encryption Malware 96

The Last Watchdog

FEBRUARY 3, 2020

Samide and other experts say what’s coming next is very likely to be a series of varied attacks as combatants on all sides leverage footholds gained from ongoing intelligence gathering and malware planting. It describes malware being iterated by hackers who’ve clearly been doing this for a long while.

Energy and Utilities 330

Energy and Utilities Malware Hacking Passwords 330

Security Affairs

SEPTEMBER 8, 2019

Ministry of Internal Affairs announced that Belarusian police have seized and shutdown XakFor, one of the largest hacking forums on the internet. net), a popular hacking forum a place frequented by hackers, malware authors, scammers and cybercriminals. SecurityAffairs – XakFor forum , malware). Pierluigi Paganini.

Advertising 79

Advertising Malware Cybercrime Hacking 79

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. This malware employed a custom EternalBlue SMBv1 exploit to infiltrate its victims’ systems.

Malware 114

Malware DNS Encryption Cryptocurrency 114

SecureWorld News

MARCH 24, 2022

Summary: Multiple Facebook databases were found to be unprotected by passwords or encryption, meaning anyone who searched the internet could find them. They then gained access to a customer service database and uploaded malware to capture sensitive information. LinkedIn data breach (2012). Damages: leaked account information.

Data breaches 116

Data breaches Passwords Accountability Government 116

eSecurity Planet

OCTOBER 8, 2021

CVE-2012-1723. “Thus, we recommend organizations adopt defense-in-depth strategies to detect and respond to these attacks via anti-malware, EDR and deception technologies ,” he said. . Patch Available from Vendor. Patch Available Since. Patchable From Qualys. CVE-2013-1493. March 2013. CVE-2013-0431. February 2013.

Risk 103

Risk Ransomware Backups Software 103

Security Affairs

MARCH 25, 2020

The APT41 has been active since at least 2012, it was involved in both state-sponsored espionage campaigns and financially-motivated attacks since 2014. Unlike other China-based actors, the group used custom malware in cyber espionage operations, experts observed 46 different malware families and tools in APT41 campaigns.

Telecommunications 117

Telecommunications Healthcare Education Advertising 117

SiteLock

AUGUST 27, 2021

Perhaps the single biggest and most dangerous change in threats came in the world of malware delivery. For years, hackers and malware authors had used the same ways to deliver and spread their malware. So hackers had to choose a new way to deliver and spread malware. Email and spam were by far the most popular.

Cybercrime 87

Cybercrime Small Business Antivirus Malware 87

SiteLock

AUGUST 27, 2021

The only solution in the industry to offer file-based malware scanning and automatic core security patching for WordPress, Joomla! Securing the platforms that power so much of the internet is critical, and the open source community has long been in need of a powerful, time-saving solution. Introducing SMART PLUS !

Malware 52

Malware Small Business Risk Internet 52

Security Affairs

JUNE 13, 2022

Researchers from Palo Alto Networks defined the PingPull RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. However, the group has been active at least since 2012.

Telecommunications 87

Telecommunications Government Internet Internet 87

Security Affairs

AUGUST 1, 2018

An employee at Amnesty International has been targeted with Israeli surveillance malware, the news was revealed by the human rights group. Amnesty International revealed that one of its employees was targeted with a surveillance malware developed by an Israeli firm. ” reads the analysis published by Citizen Lab. Country Nexus.

Surveillance 43

Surveillance Malware Spyware Mobile 43

Security Affairs

FEBRUARY 10, 2022

Technological advancements have come a long way – from when internet utility was very limited to when internet connection was achieved only through internet protocol (IP) version 4 (IPv4) addresses to this modern age where IPv6 is the next big thing. This helps to provide necessary security and anonymity for the internet user.

Internet 82

Internet Internet Data privacy Technology 82

SecureWorld News

DECEMBER 29, 2020

Summary: Multiple Facebook databases were found to be unprotected by passwords or encryption, meaning anyone who searched the internet could find them. They then gained access to a customer service database and uploaded malware to capture sensitive information. LinkedIn data breach (2012). Damages: Leaked account information.

Data breaches 97

Data breaches Passwords Accountability Government 97

Security Affairs

AUGUST 14, 2019

The list of flaws addressed by the tech giant doesn’t include zero-days or publicly disclosed vulnerabilities, 29 issues were rated as ‘Critical’ and affect Microsoft’s Edge and Internet Explorer web browsers, Windows, Outlook and Office. This issue reminds us of the flaw exploited by the Stuxnet malware back in 2010.

Authentication 83

Authentication Advertising Internet Internet 83

Security Affairs

MAY 16, 2023

MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system.

Firmware 97

Firmware Encryption Government Malware 97