Krebs on Security

MAY 14, 2019

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003 , citing the discovery of a “wormable” flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017.

Malware 265

Malware Ransomware Authentication 265

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail 273

Retail Advertising Cryptocurrency Marketing 273

Schneier on Security

DECEMBER 17, 2018

A new variant of the Shamoon malware has destroyed signifigant amounts of data at a UAE "heavy engineering company" and the Italian oil and gas contractor Saipem. Shamoon is the Iranian malware that was targeted against the Saudi Arabian oil company, Saudi Aramco, in 2012 and 2016.

Engineering 213

Engineering Malware 213

The Hacker News

APRIL 2, 2024

A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar.

Malware 144

Malware 144

Schneier on Security

JANUARY 22, 2018

From the Lookout announcement: Dark Caracal has operated a series of multi-platform campaigns starting from at least January 2012, according to our research. It primarily targets mobile devices compromised by fake secure messaging clients like Signal and WhatsApp. The campaigns span across 21+ countries and thousands of victims.

Malware 182

Malware Spyware Manufacturing Mobile 182

The Hacker News

FEBRUARY 17, 2024

to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. He was added to the FBI's most-wanted list in 2012. A Ukrainian national has pleaded guilty in the U.S.

Malware 138

Malware 138

Krebs on Security

FEBRUARY 11, 2020

A dozen of the vulnerabilities Microsoft patched today are rated “critical,” meaning malware or miscreants could exploit them remotely to gain complete control over an affected system with little to no help from the user. It could be used to install malware just by getting a user to browse to a malicious or hacked Web site.

Backups 68

Backups Malware Internet Internet 68

Krebs on Security

FEBRUARY 4, 2020

Investigators say Bukoski’s booter service was among the longest running services targeted by the FBI, operating since at least 2012. The landing page for the Quantum Stresser attack-for-hire service.

Internet 345

Internet Internet Government Accountability 345

Krebs on Security

FEBRUARY 24, 2023

The Mylobot malware includes more than 1,000 hard-coded and encrypted domain names, any one of which can be registered and used as control networks for the infected hosts. BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. The website BHProxies[.]com

Accountability 305

Accountability Advertising Marketing Malware 305

CyberSecurity Insiders

JANUARY 5, 2022

Hackers are found inducing Zloader Malware into Windows machines since November last year and reports are in that the malicious software tool has already targeted over 2,848 victims from 111 countries so far. Highly placed sources say that the malware has been distributed via phishing campaign by a cyber threat group named MalSmoke.

Malware 131

Malware Spyware Antivirus Cyber threats 131

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking 133

Banking Malware Advertising Passwords 133

Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. SecurityAffairs – LimeRAT, malware).

Malware 132

Malware Passwords Encryption Advertising 132

Krebs on Security

JUNE 25, 2019

” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com — were implicated in propagating the Triada malware. com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., “Yehuo” ( ? ? ) com , buydudu[.]com

Mobile 278

Mobile Technology Manufacturing Malware 278

Schneier on Security

JULY 9, 2019

Their goal, the researchers believe, is to obtain and download rolling records on the target from the cell provider's database without having to deploy malware on each target's device. [.]. Before and since then, the hackers broke into one cell provider after the other to gain continued and persistent access to the networks.

Hacking 276

Hacking Telecommunications Malware Passwords 276

Schneier on Security

NOVEMBER 7, 2019

Fireeye reports on a Chinese-sponsored espionage effort to eavesdrop on text messages: FireEye Mandiant recently discovered a new malware family used by APT41 (a Chinese APT group) that is designed to monitor and save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft.

Telecommunications 185

Telecommunications Encryption Malware 185

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. . ” HYDRA.

Marketing 307

Marketing Energy and Utilities Malware Ransomware 307

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. ” reported Akamai.

Malware 140

Malware DDOS Internet Internet 140

Security Affairs

APRIL 17, 2025

Mustang Panda has been active since at least 2012, targeting American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Upon opening the reports, the infection process starts leading to the deployment of malware on the victims system.

Encryption 116

Encryption Government Malware Hacking 116

Security Affairs

MARCH 10, 2025

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. The issue resides in the Best-Fit feature of encoding conversion within the Windows operating system. reported Akamai.

DDOS 105

DDOS Security Intelligence Malware Hacking 105

CSO Magazine

APRIL 27, 2023

Chinese state-sponsored threat actor Alloy Taurus has introduced a new variant of PingPull malware , designed to target Linux systems, Palo Alto Networks said in its research. Alloy Taurus, a Chinese APT , has been active since 2012. Along with the new variant, another backdoor called Sword2033 was also identified by the researchers.

Malware 105

Malware Telecommunications Government 105

Security Affairs

FEBRUARY 24, 2020

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. million malware samples per day in 2019 and identified 1,268 malware families. The most worrisome figure is related to the number of previously unseen malware families which is greater than 500 (41%).

Malware 131

Malware Cyber threats Advertising Telecommunications 131

Malwarebytes

JULY 28, 2021

All of a sudden we have infectious email attachments, and compromised third-party sites serving up malware. 2012 London. Articles warning of dangers mainly focused on search engine poisoning (still a threat back in 2012), fake sites, streaming , and once again Twitter makes an appearance as “one to watch.”

Scams 144

Scams Hacking Malware Mobile 144

SecureList

OCTOBER 15, 2024

SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that began its activities in 2012 and was first publicly mentioned by us in 2018. The malware uses different strings to load libraries and functions required for execution. In particular, Avast and AVG solutions are of interest to the malware.

Malware 143

Malware Encryption Architecture Phishing 143

Security Affairs

FEBRUARY 13, 2020

Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet. Get-WindowsFeature FS-SMB1).Installed

Malware 145

Malware Authentication Advertising Hacking 145

Malwarebytes

JANUARY 26, 2022

DazzleSpy, a piece of malware that attacks macOS, was discovered last fall by researchers at ESET, and now those researchers have released more detailed findings. The new malware got a foothold via CVE-2021-1789, exploited via a JavaScript file named mac.js These two pieces of malware are quite different.

Malware 101

Malware Government Antivirus Engineering 101

SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. Interestingly enough, the share of adware attacks increased in relation to mobile malware in general. They typically work with malware developers to achieve this.

Mobile 145

Mobile Malware Adware Banking 145

SecureList

NOVEMBER 29, 2024

According to the UK’s National Crime Agency (NCA), this individual also was behind the infamous Reveton ransomware Trojan spread in 2012 — 2014. Kaspersky solutions worldwide detected this type of malware on 297,485 unique user devices. This malware also possessed the capability to install a backdoor on compromised systems.

Mobile 106

Mobile Adware Ransomware Malware 106

The Hacker News

MARCH 23, 2024

The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. According

Malware 140

Malware 140

Krebs on Security

JULY 9, 2019

” The DHCP weakness ( CVE-2019-0785 ) exists in most supported versions of Windows server, from Windows Server 2012 through Server 2019. The other — CVE-2019-0880 — is present in Windows 8.1 , Server 2012 and later operating systems.

Internet 234

Internet Internet Software Advertising 234

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. The Forbes.ru

Hacking 249

Hacking Cybercrime Ransomware Government 249

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware 132

Malware Cybercrime Banking Hacking 132

Security Affairs

NOVEMBER 24, 2020

Researchers from Intezer have spotted a new variant of an adware and coin-miner botnet that is operated by Stantinko threat actors since 2012. Operators behind the botnet powered a massive adware campaign active since 2012, crooks mainly targeted users in Russia, Ukraine, Belarus, and Kazakhstan searching for pirated software. .”

Adware 145

Adware Malware Hacking Software 145

Krebs on Security

JANUARY 13, 2021

Ten of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited by malware or miscreants to seize remote control over unpatched systems with little or no interaction from Windows users.

Backups 334

Backups Malware Marketing Software 334

Security Affairs

MARCH 13, 2025

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. center, linked to Konni malware used by APT37, and nidlogon[.]com, One of C2 domains, st0746[.]net,

Spyware 80

Spyware Surveillance Encryption Malware 80

The Last Watchdog

FEBRUARY 3, 2020

Samide and other experts say what’s coming next is very likely to be a series of varied attacks as combatants on all sides leverage footholds gained from ongoing intelligence gathering and malware planting. It describes malware being iterated by hackers who’ve clearly been doing this for a long while.

Energy and Utilities 330

Energy and Utilities Malware Hacking Passwords 330

SecureWorld News

JANUARY 23, 2021

Unfortunately, a number of the laptops sent out were discovered to have malware. English students' laptops infected with malware. They say the malware appears to have been contacting Russian servers and has been found in a handful of schools. Reports on the malware have indicated that the Windows laptops contained Gamarue.I,

Malware 93

Malware Education Spyware Government 93

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking 118

Hacking Cybercrime Advertising Data breaches 118