2014, Antivirus, Information Security and Passwords

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites proposing a fake COVID-19 information app from the World Health Organization. Pierluigi Paganini.

Passwords

Passwords DNS Malware Advertising

Shitcoin Wallet Chrome extension steals crypto-wallet private keys and passwords

Security Affairs

JANUARY 2, 2020

Security expert discovered a Google Chrome extension named Shitcoin Wallet that steals passwords and wallet private keys. Harry Denley, director of security at the MyCrypto , discovered that the Google Chrome extension named Shitcoin Wallet is stealing passwords and wallet private keys. Pierluigi Paganini.

Passwords

Passwords Cryptocurrency Advertising Antivirus

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. .

Government

Government Banking Advertising Malware

Kaspersky addressed multiple issues in online protection solutions

Security Affairs

NOVEMBER 26, 2019

Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products. The vulnerabilities were found by the security researcher Wladimir Palant that reported them to Kaspersky in December 2018. As in: under some circumstances, antivirus would still crash. ” reads the post.

Antivirus

Antivirus Advertising Password Management Passwords

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

The CISA agency provides recommendations for system administrators and owners to enhance the level of security of their organizations: Maintain up-to-date antivirus signatures and engines. If these services are required, use strong passwords or Active Directory authentication. Keep operating system patches up-to-date.

Malware

Malware Government Passwords System Administration

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

CISA reports provide the following recommendations to users and administrators to strengthen the security posture of their organization’s systems: • Maintain up-to-date antivirus signatures and engines. If these services are required, use strong passwords or Active Directory authentication. Pierluigi Paganini.

Malware

Malware Passwords Advertising Antivirus

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

The malware is able to steal sensitive information (a variety of credentials, including FTP credentials, stored email passwords, passwords stored in the browser, as well as a whole host of other credentials) . Below the list of mitigations: Maintain up-to-date antivirus signatures and engines. Pierluigi Paganini.

Malware

Malware Passwords Advertising Antivirus

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. More than 80% of all malicious files were disguised as .zip

Ransomware

Ransomware Antivirus Malware Banking

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

“ “The password database was leaked shortly before the attack. ” Once compromised the target network, attackers attempt to exfiltrate the company’s accounts and passwords database. .” “On one of the compromised information systems, experts found encrypted files with the extension “ newversion.”

Government

Government Ransomware Encryption Penetration Testing

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

It is essential to install firewall and antivirus software on your routers and keep them up-to-date. Security software not only secure your IP address from theft but it also warns you about any phishing and spying activities on your device. This way you stay informed and safe from any suspicious activities on your connection.

Hacking

Hacking VPN Internet Internet

InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

Security Affairs

SEPTEMBER 14, 2019

. “Among other things, InnfiRAT is written to look for cryptocurrency wallet information, such as Bitcoin and Litecoin. InnfiRAT also grabs browser cookies to steal stored usernames and passwords, as well as session data.” The malware is also able to shut down traditional antivirus processes. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Malware Advertising Antivirus

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Hacking Encryption Penetration Testing

ZoneAlarm forum site hack exposed data of thousands of users

Security Affairs

NOVEMBER 11, 2019

ZonaAlarm , the popular security software firm owned by Check Point Technologies, has suffered a data breach. According to the post published by The Hacker News, the security breach exposed the data of ZonaAlarm discussion forum users. You will be requested to reset your password once joining the forum.”

Hacking

Hacking Data breaches Passwords Advertising

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs

SEPTEMBER 20, 2019

In classic social engineering attack, the phishing message presents a “one time username and password” to the victims and urges the user to click the “Login Right Here” button. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Social Engineering Malware Advertising

Security Affairs newsletter Round 227

Security Affairs

AUGUST 18, 2019

Security Patch Day for August includes the most critical Note released by SAP in 2019. A flaw in Kaspersky Antivirus allowed tracking its users online. Mozilla addresses master password security bypass flaw in Firefox. Trend Micro addressed two DLL Hijacking flaws in Trend Micro Password Manager.

Banking

Banking Password Management Advertising Antivirus

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

To increase the complexity of hacking your device, always get to know who is calling your APIs, by using a simple access authentication (user/password) or an API key (asymmetric key). Call Security Experts. For API security, it’s okay to be paranoid and show very little information, particularly in error messages.

Authentication

Authentication Firewall Encryption Passwords

Crooks leverages.htaccess injector on Joomla and WordPress sites for malicious redirects

Security Affairs

MAY 27, 2019

The features include the redirect functionality, content password protection or image hot link prevention. A warning message from endpoint antivirus software when users try to visit malicious site redirected by Joomla and WordPress sites. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Malware Antivirus Software

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

APT10 hackers also targeted the customers of the IT companies stealing plans, blueprints, personal information, and other data. “APT10 often attacked a service provider’s system by “spear-phishing” – sending company employees emails designed to trick them into revealing their passwords or installing malware. Pierluigi Paganini.

Identity Theft

Identity Theft Hacking System Administration Advertising

Common Techniques Hackers Use to Penetrate Systems and How to Protect Your Organization

ForAllSecure

APRIL 26, 2023

Common Types of Cyber Attacks Common techniques that criminal hackers use to penetrate systems include social engineering, password attacks, malware, and exploitation of software vulnerabilities. Password Attacks Password attacks involve guessing or cracking passwords to gain access to systems.

Social Engineering

Social Engineering Passwords Engineering Software

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

According to Microsoft, the ‘ZINC’ APT group has been targeting security researchers, pen testers, employees at security firms for the past months. The activity of the Zinc APT group, aka Lazarus, surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Antivirus Hacking Accountability

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Security Affairs

JUNE 23, 2020

Fxmsp gained worldwide fame in May 2019, after it was reported that the networks belonging to leading antivirus software companies had been compromised. According to media reports, Fxmsp had managed to compromise networks belonging to three antivirus software vendors. mln appeared first on Security Affairs. The big fish.

Antivirus

Antivirus Advertising Hacking Banking

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Security Affairs

AUGUST 24, 2020

For instance, to disable built-in antivirus software, the attackers used Defender Control and Your Uninstaller. As the attackers usually need several attempts to brute force passwords and gain access to the RDP, it is important to enable account lockout policies by limiting the number of failed login attempts per user.

Threat Detection

Threat Detection Ransomware Advertising Cybercrime

Astaroth Trojan leverages Facebook and YouTube to avoid detection

Security Affairs

SEPTEMBER 15, 2019

According to the experts, LOLbins are very effecting in evading antivirus software. . “This campaign also utilized Cloudflare workers (JavaScript execution environment) to download modules and payloads, negating network security measures. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Malware Encryption Network Security

TA505 is expanding its operations

Security Affairs

MAY 29, 2019

The “-p” parameter, indeed, specify the password of the archive to be extracted. Analyzing it in depth, we discover it actually is the RMS (Remote Manipulator System) client by TektonIT , encrypted using the MPress PE compressor utility, a legitimate tool, to avoid antivirus detection. Comparison between infection chains. Conclusion.

Retail

Retail Banking Advertising Encryption

A new trojan Lampion targets Portugal

Security Affairs

DECEMBER 29, 2019

This is a clear signal that most of the antivirus engines don’t detect yet the malware signature. The file is extremely large (32 MB), with a lot of junk allowing, thus, to evade antivirus engines as a result. But the file is protected with a password. Only the 2nd stage (Lampion) has that password inside. Figure 27 : 0.zip

Malware

Malware Internet Internet Antivirus

The stealthy email stealer in the TA505 hacker group’s arsenal

Security Affairs

MAY 16, 2019

In fact, many independent researchers pointed to a particular email attack wave probably related to the known TA505 hacking group , active since 2014 and focusing on Retail and Banking companies. Figure 3: Malware Signature by SLON LTD.

Banking

Banking Malware Surveillance Retail

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

Turchin obtained credentials to target networks by launching spear-phishing attacks and brute-forcing the passwords of remote desktop servers exposed online. Once the hacker gained access to the network, the deployed password-stealing malware and remote access trojans (RATs) to harvest credentials and establish persistence in the system.

Hacking

Hacking Antivirus Advertising Cybercrime

Epic Manchego gang uses Excel docs that avoid detection

Security Affairs

SEPTEMBER 7, 2020

Some antivirus solutions specifically analyze this section look for malicious VBA code in the Excel docs. The Epic Manchego threat actors stored their malicious code in a custom VBA code format, which was also password-protected to prevent researchers from analyzing it. Pierluigi Paganini. SecurityAffairs – hacking, Norway).

Cybercrime

Cybercrime Phishing Advertising Antivirus

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

People fell prey for these manipulative emails and provide confidential details like passwords and bank information in their negligence. This information is then used for unauthorized and illegal activities, which could have a devastating impact on individuals and organizations. Protect Your Device and Connection.

Phishing

Phishing Accountability Authentication Passwords

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

To trick antivirus software, threat actors include the passwords for accessing the content in the email subject line, in the archive name, or in subsequent correspondence with the victim. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Group-IB is a member of the World Economic Forum. .

Phishing

Phishing Malware Spyware DDOS

A month later Gamaredon is still active in Eastern Europe

Security Affairs

JUNE 4, 2019

The infection chain is composed by different stages of password protected SFX (self extracting archive), each containing vbs or batch scripts. Execution of “ winupd.exe ” (SFX) and relative password (uyjqystgblfhs). cmd” that renames the “win.jpg” into “win.exe” , another password protected SFX. Technical Analysis.

Passwords

Passwords DNS Engineering Malware

Microsoft warns of growing DoppelPaymer Ransomware threat

Security Affairs

NOVEMBER 21, 2019

Microsoft has shared more information on ransomware and how to stay safe online here , it urges organizations to: • Keep your Windows Operating System and antivirus up-to-date. Use a safe and password-protected internet connection. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Social Engineering Malware Advertising

Parents’ Guide for Safe YouTube and Internet Streaming for Kids

Security Affairs

JULY 10, 2019

Many modern devices, apps, and web browsers offer parental controls that restrict access to certain content for their kids but did you know that many antivirus software titles already include parental controls? Don’t share passwords. In 2014, Snapchat was in the spotlight after a third-party “snap saving” app was hacked.

Internet

Internet Internet Media Accountability

Cyber Security Informer

Linksys force password reset to prevent Router hijacking

Shitcoin Wallet Chrome extension steals crypto-wallet private keys and passwords

Webinars

Trending Sources

15 billion credentials available in the cybercrime marketplaces

Webinars

CISA alert warns of Emotet attacks on US govt entities

Kaspersky addressed multiple issues in online protection solutions

US govt agencies share details of the China-linked espionage malware Taidoor

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

CISA’s advisory warns of notable increase in LokiBot malware

Ransomware Revival: Troldesh becomes a leader by the number of attacks

CERT France – Pysa ransomware is targeting local governments

5 Ways to Protect Yourself from IP Address Hacking

InnfiRAT Trojan steals funds from Bitcoin and Litecoin wallets

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

ZoneAlarm forum site hack exposed data of thousands of users

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs newsletter Round 227

API Security and Hackers: What?s the Need?

Crooks leverages.htaccess injector on Joomla and WordPress sites for malicious redirects

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Common Techniques Hackers Use to Penetrate Systems and How to Protect Your Organization

Microsoft: North Korea-linked Zinc APT targets security experts

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Astaroth Trojan leverages Facebook and YouTube to avoid detection

TA505 is expanding its operations

A new trojan Lampion targets Portugal

The stealthy email stealer in the TA505 hacker group’s arsenal

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Epic Manchego gang uses Excel docs that avoid detection

5 Common Phishing Attacks and How to Avoid Them?

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

A month later Gamaredon is still active in Eastern Europe

Microsoft warns of growing DoppelPaymer Ransomware threat

Parents’ Guide for Safe YouTube and Internet Streaming for Kids

Stay Connected