2014, Antivirus and Internet - Cyber Security Informer

A flaw in Kaspersky Antivirus allowed tracking its users online

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus

Antivirus Advertising Software Internet

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

AUGUST 18, 2021

This deal reads like to the epilogue to a book titled The First 20 Years of the Supremely Lucrative Antivirus Market. Way back in 1990, Symantec acquired Norton Utilities and made Norton the heart of its antivirus subscription offering. Norton got ‘ demergered ’ from Symantec in 2014 and then acquired LifeLock for $2.3

Antivirus

Antivirus Marketing Identity Theft Social Engineering

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Megatraffer explained that malware purveyors need a certificate because many antivirus products will be far more interested in unsigned software, and because signed files downloaded from the Internet don’t tend to get blocked by security features built into modern web browsers. “Why do I need a certificate?

Malware

Malware Cybercrime Software Antivirus

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Antivirus DNS Advertising

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. In 2010, someone with the username Pepyak on the Russian language affiliate forum GoFuckBiz[.]com

Malware

Malware Antivirus Cybercrime Hacking

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Security Affairs

NOVEMBER 14, 2019

McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. The flaw impacts McAfee Total Protection (MTP), McAfee Anti-Virus Plus (AVP), and all McAfee Internet Security (MIS) versions including 16.0.R22. in the wbem folder and get it executed.

Antivirus

Antivirus Advertising Software Internet

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

Microsoft declared that an Emotet attack took down an organization’s network by overheating all the computers and bringing its Internet access down. “He’d been told the organization had an extensive system to prevent cyberattacks, but this new virus evaded all their firewalls and antivirus software. . Pierluigi Paganini.

Antivirus

Antivirus Malware Phishing Advertising

Breach Exposes Users of Microleaves Proxy Service

Krebs on Security

JULY 28, 2022

Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. Microleaves works by changing each customer’s Internet Protocol (IP) address every five to ten minutes. Which hints at a possible BOTNET. “Online[.]io

Advertising

Advertising Software Computers and Electronics Internet

A mysterious code prevents QNAP NAS devices to be updated

Security Affairs

FEBRUARY 11, 2019

The user ianch99 in the QNAP NAS community forum reported that the antivirus ClamAV was failing to update due to 0.0.0.0 “Since recent firmware updates, the ClamAV Antivirus fails to update due to 700+ clamav.net entries in /etc/hosts, all set to 0.0.0.0 Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Antivirus

Antivirus Firmware Advertising VPN

Kaspersky addressed multiple issues in online protection solutions

Security Affairs

NOVEMBER 26, 2019

Kaspersky has addressed several vulnerabilities in the web protection features implemented in its antivirus solutions, including Internet Security, Total Security, Free Anti-Virus , Security Cloud, and Small Office Security products. As in: under some circumstances, antivirus would still crash. I wouldn’t bet on it.”

Antivirus

Antivirus Advertising Password Management Passwords

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Emotet , the most widespread malware worldwide and Ryuk , a ransomware type, are growing threats and real concerns for businesses and internet users in 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Retail Advertising Antivirus

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs

SEPTEMBER 7, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Limit Internet access for all agents to a controlled white list. Generally speaking, removal/cleaning by antivirus is not a sufficient guarantee. Send the samples (.doc Pierluigi Paganini.

Malware

Malware Advertising Antivirus Banking

15 SUREFIRE Tips To Protect Your Privacy Online

SecureBlitz

MAY 25, 2021

In 2014, over 5 million Google account passwords were leaked online after a successful data breach. According to Statista, only 12% of US internet users were confident of their online privacy in. I will show you tips to protect your privacy online as well as social networking platforms like Twitter, Facebook, etc. in this post.

Data breaches

Data breaches Passwords Internet Internet

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP or Internet Protocol address is your digital identity on the internet. It may be used to download unauthorized stuff or may be used for uploading disputed content on the internet. It disguises your original identity and location and allows you to access the internet from a remote server. Secure Your Router.

Hacking

Hacking VPN Internet Internet

Security Affairs newsletter Round 224 – News of the week

Security Affairs

JULY 28, 2019

BlackBerry Cylance addresses AI-based antivirus engine bypass. Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens. Comodo Antivirus is affected by several vulnerabilities. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – newsletter).

Antivirus

Antivirus Spyware Advertising Hacking

Could Your Company Survive a Ransomware Attack?

CyberSecurity Insiders

AUGUST 26, 2022

Ransomware attacks are about as old as the internet itself. The FBI had stopped CryptoLocker by the summer of 2014. A ransomware attack occurs when somebody hacks a person’s or company’s computer system and demands a ransom payment in return. One of the first known instances took place in 1989.

Ransomware

Ransomware Education Software Malware

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Security Affairs

JULY 25, 2019

Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. In May, Internet scans found nearly one million systems vu lnerable to the BlueKeep flaw. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Internet Internet Malware

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

The CISA agency provides recommendations for system administrators and owners to enhance the level of security of their organizations: Maintain up-to-date antivirus signatures and engines. Scan all software downloaded from the Internet prior to executing. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Government Passwords System Administration

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

CISA reports provide the following recommendations to users and administrators to strengthen the security posture of their organization’s systems: • Maintain up-to-date antivirus signatures and engines. Scan all software downloaded from the Internet prior to executing. Keep operating system patches up-to-date. Pierluigi Paganini.

Malware

Malware Passwords Advertising Antivirus

PDF zero-day samples harvest user data when opened in Chrome

Security Affairs

FEBRUARY 27, 2019

Most of the samples detected by EdgeSpot have a low detection rate on VirusTotal, at the time of writing only two antivirus products are able to detect them. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Below the timeline.

Advertising

Advertising Antivirus Internet Internet

Security Affairs newsletter Round 201 – News of the week

Security Affairs

FEBRUARY 17, 2019

Astaroth Trojan relies on legitimate os and antivirus processes to steal data. Russia is going to disconnect from the internet as part of a planned test. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Antivirus Malware Backups

Android Apps containing Clicker Trojan installed on over 100M devices

Security Affairs

AUGUST 10, 2019

Malware researchers at antivirus firm Dr Web discovered more than 33 Android Apps in the Google Play Store with over 100 million installations that contain a clicker Tojan tracked as Android. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. origin is quite simple. ” continues the report.”This

Mobile

Mobile Advertising Malware Data collection

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Security Affairs

MARCH 10, 2020

The threat actors targets servers that have Remote Desktop Protocol (RDP) exposed to the internet, then use brute force attacks for lateral movements. In many cases, some machines run without standard safeguards, like security updates and cloud-delivered antivirus protection.” ” continues Microsoft. Pierluigi Paganini.

Ransomware

Ransomware Cybercrime Social Engineering Banking

Behind the scenes with the head of Kaspersky’s GReAT

SecureList

JUNE 22, 2021

During his tenure at Kaspersky, he has spearheaded the company’s research on some of the most infamous cyber threat campaigns in recent memory, from the highly destructive computer worm Stuxnet to the Dukes advanced persistent threat which targeted the White House and the US Department of State in 2014, as believed.

Antivirus

Antivirus Malware Artificial Intelligence Engineering

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The above-mentioned AIDS Trojan hailing from the distant pre-Internet era was the progenitor of the trend, but its real-world impact was close to zero. The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries.

Ransomware

Ransomware Hacking Encryption Penetration Testing

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

Below the list of mitigations: Maintain up-to-date antivirus signatures and engines. Scan all software downloaded from the internet prior to executing. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Malware

Malware Passwords Advertising Antivirus

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

A historic records search at Domaintools on that tosaka1027@gmail.com address says it was used to register 24 Internet domain names , including at least seven that have been conclusively tied to the spread of powerful Android mobile malware. net 2014-01-20 ALIBABA CLOUD COMPUTING (BEIJING) CO., com and rurimeter[.]com 2333youxi[.]com

Mobile

Mobile Technology Manufacturing Malware

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Security Affairs

AUGUST 24, 2020

All the affected organizations had hosts with Internet-facing RDP and weak credentials. It was revealed that the operators scanned ranges of IPs for hosts with Internet-facing RDP and weak credentials in Russia , Japan , China , and India. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Threat Detection

Threat Detection Ransomware Advertising Cybercrime

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

A historic records search at Domaintools on that tosaka1027@gmail.com address says it was used to register 24 Internet domain names , including at least seven that have been conclusively tied to the spread of powerful Android mobile malware. net 2014-01-20 ALIBABA CLOUD COMPUTING (BEIJING) CO., com and rurimeter[.]com 2333youxi[.]com

Mobile

Mobile Technology Manufacturing Software

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Security Affairs

APRIL 16, 2019

The malware is also able to inject JavaScript adware in Internet Explorer, install Chrome/Opera extensions to inject JavaScript adware on these browsers as well, exfiltrate browsing history, silently display ads or muted YouTube videos to users via Chrome, and subscribe users to YouTube video channels. Pierluigi Paganini.

Spyware

Spyware Adware Malware Accountability

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

0)b31 router distributed by TrueOnline CVE-2014-2321 ZTE F460 and F660 cable modems CVE-2017-6334 NETGEAR DGN2200 devices with firmware through 10.0.0.50. BotenaGo was written in Golang (Go) and at the time of the report published by the experts, it had a low antivirus (AV) detection rate (6/62). v001 / 3.40(ULM.0)b31

IoT

IoT Firmware Malware Wireless

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

It is better to use ICAP (Internet Content Adaptation Protocol) servers or excellent Antivirus systems to protect the data of your company. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Call Security Experts.

Authentication

Authentication Firewall Encryption Passwords

The Ursnif Gangs keep Threatening Italy

Security Affairs

MARCH 26, 2019

The VBS code is obfuscated to evade antivirus detection and, in order to confuse the analyst, all the values are manipulated in different steps: using many mathematical operations, very long random variable names and other content encoded in Base64 format. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Antivirus Advertising Encryption

A new trojan Lampion targets Portugal

Security Affairs

DECEMBER 29, 2019

It downloads the next stage from the compromised server available on the Internet on an AWS S3 bucket. This is a clear signal that most of the antivirus engines don’t detect yet the malware signature. Figure 2: URL (1) hosting the malware on the Internet (a zip file). Now is time to download the 2nd stage from the Internet.

Malware

Malware Internet Internet Antivirus

Protecting Industrial Control Systems Against Cyberattacks – Part 1

Security Boulevard

APRIL 28, 2021

The system developers weren’t overly preoccupied with security because they had no conception of something called the Internet. With no Internet in existence at the time, the systems were “air gapped” – meaning not connected to other systems or the outside world, for years. Who’s Behind ICS Threats?

Energy and Utilities

Energy and Utilities Malware DDOS Internet

A new NAS Ransomware targets QNAP Devices

Security Affairs

JULY 11, 2019

It is not common for these devices to run antivirus products, and currently, the samples are only detected by 2-3 products on VirusTotal, which allows the ransomware to run uninhibited.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – NAS ransomware, malware).

Ransomware

Ransomware Encryption Malware Advertising

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

As of the publishing of this article, antivirus (AV) vendor detection for BotenaGo and its variants remains behind with very low detection coverage from most of AV vendors. Figure 8 shows the low level of antivirus detections for BotenaGo’s new variants. 2032077: ET EXPLOIT ZTE Cable Modem RCE Attempt (CVE-2014-2321).

Malware

Malware IoT Authentication Antivirus

Slack Launched Encryption Key Addon For Businesses

Security Affairs

MARCH 18, 2019

There are millions of third party app available on the internet that needs permission, integration and access to your personal data. Make sure that your system is up to date and have necessary security tools installed in your system, such as virtual private network , antivirus and others. Third Party Apps. Third Party Apps.

Encryption

Encryption Risk Small Business Financial Services

Parents’ Guide for Safe YouTube and Internet Streaming for Kids

Security Affairs

JULY 10, 2019

Worse, the Internet, the rise of smartphones, and the culture of social media allow us to access these things from anywhere. Fortunately, there are options available to parents when it comes to controlling YouTube and Internet access. Shockingly, 1 in 5 U.S. As a parent, that’s terrifying. The answer to this question isn’t simple.

Internet

Internet Internet Media Accountability

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Security Affairs

APRIL 10, 2019

That file was delivered via malscam campaigns around the world and its source-code is obfuscated in order to evade antivirus detection and complicate its analysis. Data includes date/hour of infection , remote IP from victim’s computer , OS version and antivirus name. Figure 16: EMOTET collects antivirus product name via WMI query.

Banking

Banking Malware Antivirus Cyber threats

LimeRAT spreads in the wild

Security Affairs

APRIL 9, 2019

The installed payload actually is a Base64 encoded PE32 file, file-lessly stored within the registry hive to avoid antivirus detection. LimeRAT is a powerful Remote Administration Tool publicly available to any internet user, it is an open-source project freely available on Github. LimeRAT spreads in the wild. Pierluigi Paganini.

Malware

Malware Advertising DNS Antivirus

Kaspersky Lab opens first Transparency Center in Zurich

Security Affairs

NOVEMBER 15, 2018

According to independent rankings [1] , Switzerland is among the world’s top locations in terms of the number of secure internet servers available, and it has an international reputation as an innovative center for data processing and high quality IT infrastructure. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Threat Detection

Threat Detection Technology Government Advertising

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Malwarebytes

APRIL 5, 2023

2000 Children’s Internet Protection Act (CIPA): Requires K–12 schools to restrict children’s exposure to obscene digital content, monitor the online activity of minors, and educate students about appropriate behavior on the internet. Install, regularly update, and enable real-time detection for antivirus software.

Education

Education Ransomware Cybersecurity Risk

WinDealer dealing on the side

SecureList

JUNE 2, 2022

Such capabilities are not unheard of: the QUANTUM program revealed in 2014 was the first known instance. Man-on-the-side attacks are devastating because they do not require any interaction with the target to lead to a successful infection: simply having a machine connected to the internet is enough. Indicators of Compromise.

Malware

Malware Encryption Social Engineering Telecommunications

A flaw in Kaspersky Antivirus allowed tracking its users online

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

Trending Sources

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Some Fortinet products used hardcoded keys and weak encryption for communications

Why Malware Crypting Services Deserve More Scrutiny

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Microsoft’s case study: Emotet took down an entire network in just 8 days

Breach Exposes Users of Microleaves Proxy Service

A mysterious code prevents QNAP NAS devices to be updated

Kaspersky addressed multiple issues in online protection solutions

Report: Threat of Emotet and Ryuk

France national cyber-security agency warns of a surge in Emotet attacks

15 SUREFIRE Tips To Protect Your Privacy Online

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs newsletter Round 224 – News of the week

Could Your Company Survive a Ransomware Attack?

New variant of Linux Botnet WatchBog adds BlueKeep scanner

US govt agencies share details of the China-linked espionage malware Taidoor

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

PDF zero-day samples harvest user data when opened in Chrome

Security Affairs newsletter Round 201 – News of the week

Android Apps containing Clicker Trojan installed on over 100M devices

Microsoft warns of Human-Operated Ransomware as a growing threat to businesses

Behind the scenes with the head of Kaspersky’s GReAT

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

CISA’s advisory warns of notable increase in LokiBot malware

Tracing the Supply Chain Attack on Android

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Tracing the Supply Chain Attack on Android

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

BotenaGo botnet targets millions of IoT devices using 33 exploits

API Security and Hackers: What?s the Need?

The Ursnif Gangs keep Threatening Italy

A new trojan Lampion targets Portugal

Protecting Industrial Control Systems Against Cyberattacks – Part 1

A new NAS Ransomware targets QNAP Devices

BotenaGo strikes again – malware source code uploaded to GitHub

Slack Launched Encryption Key Addon For Businesses

Parents’ Guide for Safe YouTube and Internet Streaming for Kids

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

LimeRAT spreads in the wild

Kaspersky Lab opens first Transparency Center in Zurich

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

WinDealer dealing on the side

Stay Connected