2014, Antivirus, DNS and Hacking - Cyber Security Informer

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. The registration records for the website Cryptor[.]biz ” Crypt[.]guru’s

Malware

Malware Antivirus Cybercrime Hacking

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites proposing a fake COVID-19 information app from the World Health Organization. Pierluigi Paganini.

Passwords

Passwords DNS Malware Advertising

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Antivirus DNS Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

OCTOBER 15, 2019

The malicious code is used by the hackers to deliver a Moner (XMR) crypto miner that is not detected by almost any antivirus solution. “the actor moved away from hosting the scripts on dedicated servers and instead started to use Domain Name System (DNS) text records. . Pierluigi Paganini.

Cybercrime

Cybercrime DNS Malware Advertising

Security Affairs newsletter Round 210 – News of the week

Security Affairs

APRIL 21, 2019

Attackers hacked support agent to access Microsoft Outlook email accounts. RCE flaw in Electronic Arts Origin client exposes gamers to hack. Analyzing OilRigs malware that uses DNS Tunneling. Broadcom WiFi Driver bugs expose devices to hack. Avast, Avira, Sophos and other antivirus solutions show problems after.

Computers and Electronics

Computers and Electronics Spyware Data breaches Advertising

FIN7 Hackers group is back with a new loader and a new RAT

Security Affairs

OCTOBER 12, 2019

FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target remote administration software of ATM vendor. The messages sent to the victims were also dropping the backdoor DNSbot that primarily operates over DNS traffic. SecurityAffairs – FIN7, hacking).

Identity Theft

Identity Theft Hacking Advertising DNS

Apple removed the popular app Adware Doctor because steals user browsing history

Security Affairs

SEPTEMBER 8, 2018

PoC: [link] #malware #virus #MacOS #Apple #MacBook #MacBookPro #CyberSecurity #privacy #GDPR #Hacking #hackers #cyberpunk #Alert. Antivirus”, and ‘Dr. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Top Sold MacOS AppStore application is ROGUE. Adware Doctor is stealing your privacy.

Adware

Adware DNS Malware Advertising

The return of the AdvisorsBot malware

Security Affairs

FEBRUARY 1, 2019

It retrieves: System Info; Computer IP address; Network status; List of running processes; Available privileges; Usernames; Domain Admins; File on desktop machine; AntiVirus product on computer. Last DNS activity was in December 2018. Figure 14 – previous DNS of C2. Figure 7 – System information stealed by malware.

Malware

Malware DNS Social Engineering Advertising

LimeRAT spreads in the wild

Security Affairs

APRIL 9, 2019

The installed payload actually is a Base64 encoded PE32 file, file-lessly stored within the registry hive to avoid antivirus detection. Also, the attacker behind this sample leans on the Dynamic DNS service “warzonedns.com”, pointing to the 213.183.58[.10 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising DNS Antivirus

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

It involves DNS cache poisoning as it redirects users to a malicious site even if they enter the correct web address. Another successful strategy for preventing phishing is to secure your device using anti-malware, antivirus, VPN and other security softwares. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Accountability Authentication Passwords

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

That meant I tested the release candidates -- not the final product you’d buy in the stores - for consumer-grade antivirus programs, desktop firewalls, and desktop Intrusion detection systems. It’s about challenging our expectations about people who hack for a living. Our story now skips ahead twenty years to 2014.

Software

Software Passwords Internet Internet

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

That meant I tested the release candidates -- not the final product you’d buy in the stores - for consumer-grade antivirus programs, desktop firewalls, and desktop Intrusion detection systems. It’s about challenging our expectations about people who hack for a living. Our story now skips ahead twenty years to 2014.

Software

Software Passwords Internet Internet

A month later Gamaredon is still active in Eastern Europe

Security Affairs

JUNE 4, 2019

Moreover, querying the services behind the latest associated DNS record the host responds with “403 Forbidden” message too, indicating the infrastructure may still be operative. Information about C2 and relative DNS. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Passwords

Passwords DNS Engineering Malware

Security Affairs newsletter Round 221 – News of the week

Security Affairs

JULY 7, 2019

Vulnerability in Medtronic insulin pumps allow hacking devices. Firefox finally addressed the Antivirus software TLS Errors. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Is Your Browser Secure? Pierluigi Paganini.

Scams

Scams Spyware DNS Advertising

APT trends report Q1 2021

SecureList

APRIL 27, 2021

It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose.

Malware

Malware Spyware Government Social Engineering

The Hacker Mind Podcast: Scanning the Internet

ForAllSecure

NOVEMBER 2, 2021

It's about challenging our expectations about the people who hack for a living. But to find that information back in 2014, he had to scan the Internet, the entire internet and that was a very noisy process. He works for an antivirus company and he's been scanning for malware families on the internet. At this year's sector.

Internet

Internet Internet Malware Authentication

Cyber Security Informer

Why Malware Crypting Services Deserve More Scrutiny

Linksys force password reset to prevent Router hijacking

Webinars

Trending Sources

Some Fortinet products used hardcoded keys and weak encryption for communications

Webinars

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs newsletter Round 210 – News of the week

FIN7 Hackers group is back with a new loader and a new RAT

Apple removed the popular app Adware Doctor because steals user browsing history

The return of the AdvisorsBot malware

LimeRAT spreads in the wild

5 Common Phishing Attacks and How to Avoid Them?

The Hacker Mind: Shellshock

The Hacker Mind: Shellshock

A month later Gamaredon is still active in Eastern Europe

Security Affairs newsletter Round 221 – News of the week

APT trends report Q1 2021

The Hacker Mind Podcast: Scanning the Internet

Stay Connected