2014, Antivirus, DNS and Malware - Cyber Security Informer

2014

Antivirus

DNS

Malware

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware

Malware Antivirus Cybercrime Hacking

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Crooks continue to launch Coronavirus-themed attacks , in the last weeks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware.

Passwords

Passwords DNS Malware Advertising

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

The return of the AdvisorsBot malware

Security Affairs

FEBRUARY 1, 2019

Security experts at Cybaze – Yoroi ZLab have analyzed a new sample of the AdvisorsBot malware, a downloader that was first spotted in August 2018. As usual, the malware looks like a legitimate e-mail attachment, named as “invoice.doc”. Figure 3 – Piece of VBS script that starts malware infection. DLL Analysis.

Malware

Malware DNS Social Engineering Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

OCTOBER 15, 2019

The group has been observed using new tactics, techniques, and procedures (TTPs), it is also using updated malware to evade detection. The malicious code is used by the hackers to deliver a Moner (XMR) crypto miner that is not detected by almost any antivirus solution. ” reads the analysis published by the security firm Anomaly.

Cybercrime

Cybercrime DNS Malware Advertising

Security Affairs newsletter Round 210 – News of the week

Security Affairs

APRIL 21, 2019

Analyzing OilRigs malware that uses DNS Tunneling. Avast, Avira, Sophos and other antivirus solutions show problems after. Marcus Hutchins pleads guilty to two counts of banking malware creation. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Computers and Electronics

Computers and Electronics Spyware Data breaches Advertising

Apple removed the popular app Adware Doctor because steals user browsing history

Security Affairs

SEPTEMBER 8, 2018

Apple has removed one of the most popular anti-malware app called Adware Doctor:Anti Malware &Ad from the official macOS App Store. PoC: [link] #malware #virus #MacOS #Apple #MacBook #MacBookPro #CyberSecurity #privacy #GDPR #Hacking #hackers #cyberpunk #Alert. Antivirus”, and ‘Dr. Cleaner”).

Adware

Adware DNS Malware Advertising

FIN7 Hackers group is back with a new loader and a new RAT

Security Affairs

OCTOBER 12, 2019

The new loader is able to drop the malware directly in memory, it was dubbed BOOSTWRITE and allows threat actors to load several malicious codes, including the Carbanak backdoor. In March, the group carried out attacks delivering a previously unseen malware tracked as SQLRat that drops files and executes SQL scripts on the host.

Identity Theft

Identity Theft Hacking Advertising DNS

WinDealer dealing on the side

SecureList

JUNE 2, 2022

In their initial disclosures on this threat actor, TeamT5 identified three malware families: SpyDealer, Demsty and WinDealer. In 2020, we discovered a whole new distribution method for the WinDealer malware that leverages the automatic update mechanism of select legitimate applications. WinDealer is a modular malware platform.

Malware

Malware Encryption Social Engineering Telecommunications

LimeRAT spreads in the wild

Security Affairs

APRIL 9, 2019

Too many times turned into fully-featured malware implants by unethical hackers and cyber criminals. The installed payload actually is a Base64 encoded PE32 file, file-lessly stored within the registry hive to avoid antivirus detection. Figure 9: The persistence mechanisms of the malware. Technical Analysis. C2 retrieval.

Malware

Malware Advertising DNS Antivirus

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

The PyInstaller module for Windows contains a script named “Guard” Interestingly, this malware was developed for both Windows and macOS operating systems. The malware tries to spread to other hosts on the network by infecting USB drives. After this, they were tricked into downloading previously unknown malware.

Malware

Malware Banking Energy and Utilities Accountability

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

It involves DNS cache poisoning as it redirects users to a malicious site even if they enter the correct web address. This link is the landing page to a malware which allows the host to access the account details of the person lending on the site. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Accountability Authentication Passwords

A month later Gamaredon is still active in Eastern Europe

Security Affairs

JUNE 4, 2019

Low AV detection of SFX malware. cmd” , which firstly checks for the presence of malware analysis tools. Fake document to divert attention on malware execution. Information about C2 and relative DNS. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Content of malicious e-mail.

Passwords

Passwords DNS Engineering Malware

Security Affairs newsletter Round 221 – News of the week

Security Affairs

JULY 7, 2019

Firefox finally addressed the Antivirus software TLS Errors. Cryptomining Campaign involves Golang malware to target Linux servers. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Bangladesh Cyber Heist 2.0:

Scams

Scams Spyware DNS Advertising

APT trends report Q1 2021

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware

Malware Spyware Government Social Engineering

The Hacker Mind Podcast: Scanning the Internet

ForAllSecure

NOVEMBER 2, 2021

Traditional anti-malware research relies on customer systems but what if a particular malware wasn’t on the same platform as your solution software? éveillé from ESET joins The Hacker Mind podcast to talk about the challenges of building his own internet scanner to scan for elusive malware. Marc-Etienne M.Léveillé

Internet

Internet Internet Malware Authentication

Why Malware Crypting Services Deserve More Scrutiny

Linksys force password reset to prevent Router hijacking

Webinars

Trending Sources

The return of the AdvisorsBot malware

Webinars

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs newsletter Round 210 – News of the week

Apple removed the popular app Adware Doctor because steals user browsing history

FIN7 Hackers group is back with a new loader and a new RAT

WinDealer dealing on the side

LimeRAT spreads in the wild

IT threat evolution Q3 2021

5 Common Phishing Attacks and How to Avoid Them?

A month later Gamaredon is still active in Eastern Europe

Security Affairs newsletter Round 221 – News of the week

APT trends report Q1 2021

The Hacker Mind Podcast: Scanning the Internet

Stay Connected