Security Affairs

OCTOBER 3, 2019

“For three years, Unit 42 has tracked a set of cyber espionage attack campaigns across Asia, which used a mix of publicly available and custom malware. The China-linked APT group has been active for at least six years, it used both custom-made and publicly available malware. Hackers targeted primarily the Uyghurs minority.

Malware 109

Malware Advertising Cybersecurity Hacking 109

SiteLock

AUGUST 27, 2021

In its annual Data Breach Investigations Report , published at the beginning of 2013, Verizon revealed that businesses with fewer than 100 employees made up the single largest group of victims of data breaches. Perhaps the single biggest and most dangerous change in threats came in the world of malware delivery.

Cybercrime 87

Cybercrime Small Business Antivirus Malware 87

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. Experts from Check Point Research uncovered a new ZLoader malware campaign in early November 2021. banking Trojan and was used to spread Zeus-like banking trojan (i.e.

Malware 145

Malware Banking Software Cybercrime 145

Security Affairs

AUGUST 28, 2024

million reward for information leading to the arrest of a Belarusian cybercriminal involved in the mass malware distribution. million reward for information leading to the arrest of Volodymyr Kadariya (38), a Belarusian national allegedly involved in a significant malware organization. The US Department of State offers a $2.5

Malware 133

Malware Computers and Electronics Cybercrime Internet 133

Krebs on Security

OCTOBER 26, 2021

According to that source, the payment processor found that the PAX terminals were being used both as a malware “dropper” — a repository for malicious files — and as “command-and-control” locations for staging attacks and collecting information.

Technology 72

Technology Retail Computers and Electronics Malware 72

Security Affairs

MAY 26, 2024

UAC-0006 has been active since at least 2013. The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. ” read the advisory published by CERT-UA. . ” read the advisory published by CERT-UA.

Malware 141

Malware Banking Accountability Phishing 141

Krebs on Security

JUNE 22, 2022

Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). “Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013.

Advertising 318

Advertising Cybercrime System Administration Hacking 318

CyberSecurity Insiders

FEBRUARY 23, 2022

A new malware developed by Sandworm hacking group has targeted appliances that are fire walled and reports are in that the military intelligence of the Russian Federation developed the malicious software. Now some statistic facts about malware. billion malware attacks.

Firewall 132

Firewall Malware IoT Software 132

CyberSecurity Insiders

JANUARY 5, 2022

Hackers are found inducing Zloader Malware into Windows machines since November last year and reports are in that the malicious software tool has already targeted over 2,848 victims from 111 countries so far. Highly placed sources say that the malware has been distributed via phishing campaign by a cyber threat group named MalSmoke.

Malware 131

Malware Spyware Antivirus Cyber threats 131

Security Affairs

FEBRUARY 12, 2025

Kimsukycyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researchers in 2013. Recently, researchers from AhnLab Security Intelligence Center (ASEC) observed North Koreas Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.

Phishing 92

Phishing Malware Security Intelligence Hacking 92

CyberSecurity Insiders

JULY 27, 2022

A novel malware named CosmicStrand is said to be targeting the old motherboards offered by Asus and Gigabyte and the crux is that it can survive operating system re-installs and it survives in Unified Extensible Firmware Interface (UEFIs) unlike just the storage drive.

Malware 129

Malware Firmware Antivirus Marketing 129

Security Affairs

JANUARY 21, 2025

Researchers found over 100 servers distributing Mirai malware and communicating with compromised IPs, indicating the campaign is ongoing. “Mirai malware, here dubbed as Murdoc Botnet, is a prominent malware family for *nix systems. Most of the infected systems are in Malaysia, Thailand, Mexico, and Indonesia.

IoT 85

IoT Malware Hacking Cybercrime 85

Malwarebytes

MARCH 5, 2022

The Formbook malware is an information stealer that is in use by many threat actors. The embedded object downloaded a remote template that exploits CVE-2017-11882 to download and execute the FormBook malware. The post Beware of malware offering “Warm greetings from Saudi Aramco” appeared first on Malwarebytes Labs.

Malware 141

Malware Manufacturing Marketing 141

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware 136

Malware Advertising Spyware Government 136

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

APRIL 21, 2025

. “The threat actor also used other means to distribute the malware, such as attaching the same file to emails and exploiting the Microsoft Office Equation Editor vulnerability (CVE-2017-11882) [1].” When opened, they execute PowerShell or Mshta to download malware like PebbleDash and RDP Wrapper, to control the infected systems.

Phishing 81

Phishing Malware Security Intelligence Hacking 81

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. “We have seen this module implemented in two different languages: C# and VBScript” The arsenal of the group includes also multiple malware, most of them downloaders and backdoors. Pierluigi Paganini.

Malware 143

Malware Phishing Advertising Government 143

Security Affairs

SEPTEMBER 23, 2019

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. ” reads the analysis published by Kaspersky.

Malware 109

Malware Banking Advertising Encryption 109

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS 319

DNS Penetration Testing Malware Hacking 319

Krebs on Security

JUNE 25, 2019

” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com — were implicated in propagating the Triada malware. jyhxz.net 2013-07-02 — longmen[.]com com 2013-10-09 ALIBABA CLOUD COMPUTING (BEIJING) CO.,

Mobile 278

Mobile Technology Manufacturing Malware 278

Krebs on Security

JULY 28, 2022

Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. The very first discussion thread started by the new user Microleaves on the forum BlackHatWorld in 2013 sought forum members who could help test and grow the proxy network.

Advertising 283

Advertising Software Computers and Electronics Internet 283

Security Affairs

FEBRUARY 8, 2025

Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.

Malware 75

Malware Phishing Security Intelligence Hacking 75

The Hacker News

MARCH 1, 2022

A previously undocumented espionage tool has been deployed against selected governments and other critical infrastructure targets as part of a long-running espionage campaign orchestrated by China-linked threat actors since at least 2013.

Government 99

Government Malware Technology 99

Security Affairs

OCTOBER 24, 2020

US Treasury Department announced sanctions against Russia’s Central Scientific Research Institute of Chemistry and Mechanics behind Triton malware. The US Treasury Department announced sanctions against a Russian research institute for its alleged role in the development of the Triton malware. ” continues the press release.

Malware 140

Malware Government Hacking Cyber Attacks 140

Hacker Combat

AUGUST 6, 2021

The disclosure cantered on the Mail-O malware when the attackers attempted to access Russian federal officials’ emails. Then, SentinelOne thought it was related to a malware variant called manager or PhantomNet created by TA428. Group-IB performed an in-depth analysis of the malware families used by the attackers.

Government 111

Government Malware Energy and Utilities Cyber Attacks 111

Krebs on Security

DECEMBER 8, 2020

Nine of the 58 security vulnerabilities addressed this month earned Microsoft’s most-dire “critical” label, meaning they can be abused by malware or miscreants to seize remote control over PCs without any help from users.

DNS 344

DNS Backups Malware Software 344

Krebs on Security

SEPTEMBER 27, 2023

The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams , Adobe Reader , Mozilla Thunderbird , and Discord. the now-defunct pittsburghcitygirls[.]com).

Ransomware 324

Ransomware Internet Internet Phishing 324

Malwarebytes

APRIL 27, 2021

In the latest example of a supply chain attack, cybercriminals delivered malware to customers of the business password manager Passwordstate by breaching its developer’s networks and then deploying a fraudulent update last week, said Passwordstate’s maker, Click Studios. That attack, which resulted in an $18.5

Password Management 121

Password Management Passwords Malware Retail 121

Krebs on Security

APRIL 13, 2021

Nineteen of the vulnerabilities fixed this month earned Microsoft’s most-dire “Critical” label, meaning they could be used by malware or malcontents to seize remote control over vulnerable Windows systems without any help from users. Interestingly, all four were reported by the U.S. .

Authentication 321

Authentication Backups Malware Engineering 321

Security Affairs

OCTOBER 10, 2019

New espionage malware found targeting Russian-speaking users in Eastern Europe. ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. Threat actors have been using Attor since 2013, the malicious code remained under the radar until last year.

Malware 104

Malware Encryption Advertising Mobile 104

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising 254

Advertising Antivirus Software Malware 254

Security Affairs

FEBRUARY 10, 2025

Active since at least 2013 , XE Group is a cybercriminal group focused on credit card skimming and password theft via supply chain attacks. The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. ” reads the analysis published by Intezer.

Manufacturing 113

Manufacturing Cybercrime Passwords Authentication 113

Krebs on Security

JANUARY 8, 2024

From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a In December 2023, KrebsOnSecurity published new details about the identity of “Rescator,” a Russian cybercriminal who is thought to be closely connected to the 2013 data breach at Target.

Cybercrime 281

Cybercrime Banking Computers and Electronics DDOS 281

Krebs on Security

MARCH 15, 2023

The Outlook vulnerability ( CVE-2023-23397 ) affects all versions of Microsoft Outlook from 2013 to the newest. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction.

Passwords 282

Passwords Cyber threats Authentication Internet 282

Troy Hunt

MAY 29, 2024

Since 2013 when I kicked off HIBP as a pet project , it has become an increasingly important part of the security posture of individuals, organisations, governments and law enforcement agencies. We have NTLM hashes as well because many orgs use them to check passwords in their own Active Directory instances.

Passwords 360

Passwords Password Management Data breaches Cybercrime 360

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. If the recipient then opens this file, the ANONVNC malware, tracked as MESHAGENT, is executed. msi”), which, when opened, triggers the ANONVNC (MESHAGENT) malware.

Government 140

Government Phishing Malware Banking 140

Krebs on Security

FEBRUARY 8, 2022

But it does fix four dozen flaws, including several that Microsoft says will likely soon be exploited by malware or malcontents. Among those is CVE-2022-22005 , a weakness in Microsoft’s Sharepoint Server versions 2013-2019 that could be exploited by any authenticated user.

Authentication 248

Authentication Internet Internet System Administration 248