2014, Antivirus, Hacking and Passwords - Cyber Security Informer

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. The hacking campaigns were also detailed by researchers at Bitdefender in late March. Users will be prompted to reset the passwords the next time they log in. SecurityAffairs – Linksys, hacking).

Passwords

Passwords DNS Malware Advertising

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said.

Hacking

Hacking Cybercrime Ransomware Government

Astaroth Trojan relies on legitimate os and antivirus processes to steal data

Security Affairs

FEBRUARY 16, 2019

Researchers at Cybereason’s Nocturnus team have uncovered a new Astaroth Trojan campaign that is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules. According to the experts, LOLbins are very effecting in evading antivirus software.

Antivirus

Antivirus Passwords Malware Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. ” Meanwhile, the Jabber address masscrypt@exploit.im The WHOIS records for autodoska[.]biz

Malware

Malware Antivirus Cybercrime Hacking

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Megatraffer explained that malware purveyors need a certificate because many antivirus products will be far more interested in unsigned software, and because signed files downloaded from the Internet don’t tend to get blocked by security features built into modern web browsers. “Antivirus software trusts signed programs more.

Malware

Malware Cybercrime Software Antivirus

OilRig’s Jason email hacking tool leaked online

Security Affairs

JUNE 4, 2019

A few hours ago, a new email hacking tool dubbed Jason and associated with the OilRig APT group was leaked through the same Telegram channel used to leak other tools. The Lab Dookhtegan hackers used a Telegram channel to dump information about the OilRig infrastructure, revealing details about its hacking tools, members, and operations.

Hacking

Hacking Advertising Antivirus Passwords

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Hacking Encryption Penetration Testing

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Cybercriminals are interested in hacking your IP address for various reasons. The hacked and stolen IPs are often used for carrying out illegal activities.

Hacking

Hacking VPN Internet Internet

Shitcoin Wallet Chrome extension steals crypto-wallet private keys and passwords

Security Affairs

JANUARY 2, 2020

Security expert discovered a Google Chrome extension named Shitcoin Wallet that steals passwords and wallet private keys. Harry Denley, director of security at the MyCrypto , discovered that the Google Chrome extension named Shitcoin Wallet is stealing passwords and wallet private keys. SecurityAffairs – Shitcoin Wallet , hacking).

Passwords

Passwords Cryptocurrency Advertising Antivirus

New Shlayer Mac malware spreads via poisoned search engine results

Security Affairs

JUNE 21, 2020

. “The new malware tricks victims into bypassing Apple’s built-in macOS security protections, and it uses sneaky tactics in an effort to evade antivirus detection.” “As of Friday, the new malware installer and its payload had a 0/60 detection rate among all antivirus engines on VirusTotal.” Pierluigi Paganini.

Engineering

Engineering Malware Adware Antivirus

ZoneAlarm forum site hack exposed data of thousands of users

Security Affairs

NOVEMBER 11, 2019

The ZoneAlarm suite includes antivirus software and firewall solutions to and users and small organizations, it has nearly 100 million downloads. The company sent a data breach notification mail to forum users urging them to change their forum account passwords. You will be requested to reset your password once joining the forum.”

Hacking

Hacking Data breaches Passwords Advertising

VSDC video editing software website hacked again

Security Affairs

APRIL 11, 2019

Unfortunately this isn’t the first time that the VSDC site has been hacked. Users that had downloaded the software in the above between have to scan their system for malware using an up-to-date of the antivirus software. Users are also recommended to change their passwords for banking websites and other services.

Software

Software Hacking Banking Malware

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Emotet joined the password-protected attachment bandwagon with a campaign starting Friday. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, CISA).

Government

Government Banking Advertising Malware

Security Affairs newsletter Round 224 – News of the week

Security Affairs

JULY 28, 2019

Twitter account of Scotland Yard hacked and posted bizarre messages. WizzAir informed customers it forced a password reset on their accounts. BlackBerry Cylance addresses AI-based antivirus engine bypass. A new ProFTPD vulnerability exposes servers to hack. Comodo Antivirus is affected by several vulnerabilities.

Antivirus

Antivirus Spyware Advertising Hacking

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

The malware is able to steal sensitive information (a variety of credentials, including FTP credentials, stored email passwords, passwords stored in the browser, as well as a whole host of other credentials) . Below the list of mitigations: Maintain up-to-date antivirus signatures and engines. Enforce a strong password policy.

Malware

Malware Passwords Advertising Antivirus

Kaspersky addressed multiple issues in online protection solutions

Security Affairs

NOVEMBER 26, 2019

Kaspersky has addressed several vulnerabilities in the web protection features implemented in its antivirus solutions, including Internet Security, Total Security, Free Anti-Virus , Security Cloud, and Small Office Security products. As in: under some circumstances, antivirus would still crash. SecurityAffairs – Kaspersky, hacking).

Antivirus

Antivirus Advertising Password Management Passwords

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

The CISA agency provides recommendations for system administrators and owners to enhance the level of security of their organizations: Maintain up-to-date antivirus signatures and engines. If these services are required, use strong passwords or Active Directory authentication. SecurityAffairs – hacking, Taidoor).

Malware

Malware Government Passwords System Administration

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation. If these services are required, use strong passwords or Active Directory authentication. Enforce a strong password policy and implement regular password changes.

Malware

Malware Passwords Advertising Antivirus

A new variant of HawkEye stealer emerges in the threat landscape

Security Affairs

APRIL 17, 2019

The malicious code is under continuous enhancement, it is offered for sale on various hacking forums as a keylogger and stealer, it allows to monitor systems and exfiltrate information. The malware also steals passwords from several browsers, including FileZilla, Beyluxe Messenger, CoreFTP, and the video game Minecraft.

Antivirus

Antivirus Malware Advertising Passwords

15 SUREFIRE Tips To Protect Your Privacy Online

SecureBlitz

MAY 25, 2021

In 2014, over 5 million Google account passwords were leaked online after a successful data breach. I will show you tips to protect your privacy online as well as social networking platforms like Twitter, Facebook, etc. in this post. According to Statista, only 12% of US internet users were confident of their online privacy in.

Data breaches

Data breaches Passwords Internet Internet

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

“The hacking campaign, known as “ Cloud Hopper ,” was the subject of a U.S. ” The report attributed the cyberespionage campaign to the China-linked APT10 (aka Menupass, and Stone Panda), the same group recently accused of hacking telco operators worldwide. SecurityAffairs – Cloud Hopper, hacking).

Identity Theft

Identity Theft Hacking System Administration Advertising

InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

Security Affairs

SEPTEMBER 14, 2019

InnfiRAT also grabs browser cookies to steal stored usernames and passwords, as well as session data.” The malware is also able to shut down traditional antivirus processes. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Malware Advertising Antivirus

Security Affairs newsletter Round 201 – News of the week

Security Affairs

FEBRUARY 17, 2019

Password Checkup Chrome extension warns users about compromised logins. 620 million accounts stolen from 16 hacked websites available for sale on the dark web. Astaroth Trojan relies on legitimate os and antivirus processes to steal data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Antivirus Malware Backups

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs

SEPTEMBER 20, 2019

In classic social engineering attack, the phishing message presents a “one time username and password” to the victims and urges the user to click the “Login Right Here” button. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Social Engineering Malware Advertising

Security Affairs newsletter Round 227

Security Affairs

AUGUST 18, 2019

Boffins hacked Siemens Simatic S7, most secure controllers in the industry. A flaw in Kaspersky Antivirus allowed tracking its users online. Mozilla addresses master password security bypass flaw in Firefox. Trend Micro addressed two DLL Hijacking flaws in Trend Micro Password Manager. Once again thank you!

Banking

Banking Password Management Advertising Antivirus

Security Affairs newsletter Round 210 – News of the week

Security Affairs

APRIL 21, 2019

Attackers hacked support agent to access Microsoft Outlook email accounts. RCE flaw in Electronic Arts Origin client exposes gamers to hack. Broadcom WiFi Driver bugs expose devices to hack. Facebook admitted to have stored millions of Instagram users passwords in plaintext. Kindle Edition. Paper Copy. Pierluigi Paganini.

Computers and Electronics

Computers and Electronics Spyware Data breaches Advertising

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Security Affairs

MARCH 10, 2020

In many cases, some machines run without standard safeguards, like security updates and cloud-delivered antivirus protection.” “There is also the lack of credential hygiene, over-privileged accounts, predictable local administrator and RDP passwords, and unattended EDR alerts for suspicious activities.”

Ransomware

Ransomware Cybercrime Social Engineering Banking

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

To increase the complexity of hacking your device, always get to know who is calling your APIs, by using a simple access authentication (user/password) or an API key (asymmetric key). It is better to use ICAP (Internet Content Adaptation Protocol) servers or excellent Antivirus systems to protect the data of your company.

Authentication

Authentication Firewall Encryption Passwords

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. More than 80% of all malicious files were disguised as .zip

Ransomware

Ransomware Antivirus Malware Banking

Crooks leverages.htaccess injector on Joomla and WordPress sites for malicious redirects

Security Affairs

MAY 27, 2019

Security researchers are monitoring a new hacking campaign aimed at Joomla and WordPress websites, attackers used.htaccess injector for malicious redirect. The features include the redirect functionality, content password protection or image hot link prevention. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Malware Antivirus Software

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

“ “The password database was leaked shortly before the attack. ” Once compromised the target network, attackers attempt to exfiltrate the company’s accounts and passwords database. .” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues the alert.

Government

Government Ransomware Encryption Penetration Testing

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

The activity of the Zinc APT group, aka Lazarus, surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. SecurityAffairs – hacking, Zinc).

Malware

Malware Antivirus Hacking Accountability

Exaramel Malware Links Industroyer ICS malware and NotPetya wiper

Security Affairs

OCTOBER 11, 2018

In June 2017, researchers at antivirus firm ESET discovered a new strain of malware, dubbed Industroyer, that was designed to target power grids. “The CredRaptor custom password-stealer tool, exclusively used by this group since 2016, has been slightly improved. Security Affairs – instant messaging, hacking ).

Malware

Malware Passwords Advertising Antivirus

Experts discovered Calisto macOS Trojan, the first member of Proton RAT family

Security Affairs

JULY 21, 2018

But for two whole years, until May 2018, Calisto remained off the radar of antivirus solutions, with the first detections on VT appearing only recently.” A few weeks later the malware was involved in attacks in the wild for the first time, threat actors hacked the website of the HandBrake app and poisoned the official app with it.

Antivirus

Antivirus Advertising Malware Accountability

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Security Affairs

JUNE 23, 2020

Fxmsp gained worldwide fame in May 2019, after it was reported that the networks belonging to leading antivirus software companies had been compromised. Soon enough, the threat actor started talking about hacking into IBM and Microsoft. Then, he carries out brute-force attacks on the victim’s server to guess the RDP password.

Antivirus

Antivirus Advertising Hacking Banking

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Security Affairs

AUGUST 24, 2020

For instance, to disable built-in antivirus software, the attackers used Defender Control and Your Uninstaller. As the attackers usually need several attempts to brute force passwords and gain access to the RDP, it is important to enable account lockout policies by limiting the number of failed login attempts per user.

Threat Detection

Threat Detection Ransomware Advertising Cybercrime

FBI shuts down malware on hundreds of Exchange servers, opens Pandora’s box

Malwarebytes

APRIL 14, 2021

They fell foul to password reuse. This means criminals figuring out the passwords to other criminals’ web shells could also potentially access the compromised servers. The FBI requested a rule change for expanded access powers back in 2014 , and it was granted in 2016. If folks aren’t careful, issues can arise.

Malware

Malware Hacking Phishing Passwords

Minding the Data Protection for Individuals

Spinone

JANUARY 27, 2015

All the news are full of caution not to be hacked, not to put easy passwords, and so on. In 2013, more than 20 breaches compromised nearly four million consumers’ information, while 2014 saw only 10 breaches and 72,000 records compromised. 5) of the holiday season.

Backups

Backups Cyber Attacks Passwords Antivirus

Common Techniques Hackers Use to Penetrate Systems and How to Protect Your Organization

ForAllSecure

APRIL 26, 2023

Criminal hacking has become a major threat to today’s organizations. Common Types of Cyber Attacks Common techniques that criminal hackers use to penetrate systems include social engineering, password attacks, malware, and exploitation of software vulnerabilities.

Social Engineering

Social Engineering Passwords Engineering Software

TA505 is expanding its operations

Security Affairs

MAY 29, 2019

The “-p” parameter, indeed, specify the password of the archive to be extracted. Analyzing it in depth, we discover it actually is the RMS (Remote Manipulator System) client by TektonIT , encrypted using the MPress PE compressor utility, a legitimate tool, to avoid antivirus detection. SecurityAffairs – TA505, hacking).

Retail

Retail Banking Advertising Encryption

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Security Affairs

APRIL 16, 2019

The Scranos rootkit malware was first discovered late last year when experts at Bitdefender were analyzing a new password- and data-stealing operation leveraging around a rootkit driver digitally signed with a stolen certificate. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Spyware

Spyware Adware Malware Accountability

Apple removed the popular app Adware Doctor because steals user browsing history

Security Affairs

SEPTEMBER 8, 2018

PoC: [link] #malware #virus #MacOS #Apple #MacBook #MacBookPro #CyberSecurity #privacy #GDPR #Hacking #hackers #cyberpunk #Alert. The expert discovered also that the gathered info was first stored in a password protected zip file named “history.zip”, then it would be uploaded to a remote server. Cleaner”).

Adware

Adware DNS Malware Advertising

A new sophisticated version of the AZORult Spyware appeared in the wild

Security Affairs

JULY 30, 2018

For example: if there are cookies or saved passwords from mysite.com, then download and run the file link[.]com/soft.exe. pwds : this section contains stolen passwords (not confirmed). ” Experts noticed that the infection process requests a significant users’ interaction to avoid antivirus. com/soft.exe. ransomware.

Spyware

Spyware Cryptocurrency Passwords Malware

Linksys force password reset to prevent Router hijacking

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Webinars

Trending Sources

Astaroth Trojan relies on legitimate os and antivirus processes to steal data

Webinars

Why Malware Crypting Services Deserve More Scrutiny

Ask Fitis, the Bear: Real Crooks Sign Their Malware

OilRig’s Jason email hacking tool leaked online

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

5 Ways to Protect Yourself from IP Address Hacking

Shitcoin Wallet Chrome extension steals crypto-wallet private keys and passwords

New Shlayer Mac malware spreads via poisoned search engine results

ZoneAlarm forum site hack exposed data of thousands of users

VSDC video editing software website hacked again

15 billion credentials available in the cybercrime marketplaces

CISA alert warns of Emotet attacks on US govt entities

Security Affairs newsletter Round 224 – News of the week

CISA’s advisory warns of notable increase in LokiBot malware

Kaspersky addressed multiple issues in online protection solutions

US govt agencies share details of the China-linked espionage malware Taidoor

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

A new variant of HawkEye stealer emerges in the threat landscape

15 SUREFIRE Tips To Protect Your Privacy Online

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

Security Affairs newsletter Round 201 – News of the week

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs newsletter Round 227

Security Affairs newsletter Round 210 – News of the week

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

API Security and Hackers: What?s the Need?

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Crooks leverages.htaccess injector on Joomla and WordPress sites for malicious redirects

CERT France – Pysa ransomware is targeting local governments

Microsoft: North Korea-linked Zinc APT targets security experts

Exaramel Malware Links Industroyer ICS malware and NotPetya wiper

Experts discovered Calisto macOS Trojan, the first member of Proton RAT family

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Cybercriminal greeners from Iran attack companies worldwide for financial gain

FBI shuts down malware on hundreds of Exchange servers, opens Pandora’s box

Minding the Data Protection for Individuals

Common Techniques Hackers Use to Penetrate Systems and How to Protect Your Organization

TA505 is expanding its operations

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Apple removed the popular app Adware Doctor because steals user browsing history

A new sophisticated version of the AZORult Spyware appeared in the wild

Stay Connected