Schneier on Security

MAY 5, 2020

Interesting story of malware hidden in Google Apps. Kaspersky went on to find tens of other, similar spyware apps dating back to 2015 that Google had already removed from its Play Store, but which were still visible in archived mirrors of the app repository. This particular campaign is tied to the government of Vietnam.

Malware 291

Malware Spyware Phishing Government 291

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.

Hacking 201

Hacking Cybercrime Ransomware Government 201

Security Affairs

SEPTEMBER 10, 2019

The Instagram account of Robert Downey Jr. has been hacked, he is the last celebrity in order of time that had the social media accounts compromised. Robert Downey Jr’s Instagram account has 43.2 million, hacking it is possible to target millions of unaware fans. SecurityAffairs – Robert Downey Jr, hacking).

Accountability 82

Accountability Hacking Advertising Scams 82

Security Affairs

OCTOBER 10, 2020

Google improves malware protection for Google Chrome users who are covered by the company’s Advanced Protection Program (APP). Google announced an improved malware protection. Google announced an improved malware protection. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” . .

Accountability 73

Accountability Malware Phishing Advertising 73

Security Affairs

NOVEMBER 1, 2020

A threat actor is offering for sale account databases containing an aggregate total of 34 million user records stolen from 17 companies. A data breach broker is selling account databases containing a total of 34 million user records stolen from 17 companies. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches 145

Data breaches Accountability Advertising Passwords 145

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. ” continues the analysis.

Malware 136

Malware Cryptocurrency Advertising Accountability 136

Security Affairs

APRIL 13, 2020

Zoom accounts are flooding the dark web, over 500 hundred thousand Zoom accounts are being sold on hacker forums. Over 500 hundred thousand Zoom accounts are available for sale on the dark web and hacker forums. Cyble confirmed that the accounts’ credentials belonging to some of its clients were valid.

Accountability 145

Accountability Passwords Advertising Phishing 145

Krebs on Security

MAY 28, 2024

Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5 , an online anonymity service that for many years was the easiest and cheapest way to route one’s Web traffic through malware-infected computers around the globe. The 911 S5 botnet-powered proxy service, circa July 2022.

VPN 226

VPN Banking Cybercrime Internet 226

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Malware 92

Malware Cybercrime Banking Hacking 92

Security Affairs

JUNE 20, 2022

German investigators believe that Kozachek is a member of the Russia-linked APT28 group (aka Fancy Bear), which is the same group that hacked the German Bundestag in 2015. Kozachek hacked the computed of the NATO think tank in 2017 and installed a keylogger to spy on the organization. SecurityAffairs – hacking, APT28).

Hacking 130

Hacking Accountability Malware Cybersecurity 130

Security Affairs

OCTOBER 19, 2020

Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices. GravityRAT is a malware strain known for checking the CPU temperature of Windows computers to avoid being executed in sandboxes and virtual machines. SecurityAffairs – hacking, GravityRAT ).

Malware 112

Malware Computers and Electronics Spyware Advertising 112

Krebs on Security

FEBRUARY 12, 2019

11, when the company’s Twitter account started fielding reports from users who said they were no longer receiving messages. VFEmail’s Twitter account responded that “external facing systems, of differing OS’s and remote authentication, in multiple data centers are down.” 9], username “aktv.”).

Hacking 254

Hacking DDOS Backups Accountability 254

Security Affairs

DECEMBER 2, 2020

Russian-linked cyberespionage group Turla employed a new malware toolset, named Crutch, in targeted attacks aimed at high-profile targets. The Crutch framework was employed in attacks since 2015 to siphon sensitive data and transfer them to Dropbox accounts controlled by the Russian hacking group.

Malware 120

Malware Accountability Hacking Government 120

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. More than 500,000 Activision accounts may have compromised as a result of a data breach suffered by the gaming firm on September 20, reported the eSports site Dexerto. ” concludes Dexerto.

Hacking 106

Hacking Data breaches Accountability Passwords 106

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure.

Banking 103

Banking Malware Advertising Passwords 103

Security Affairs

OCTOBER 1, 2020

Twitter removed around 130 Iranian accounts for attempting to disrupt the public recent US Presidential Debate. The social media giant Twitter announced to have removed around 130 Iranian Twitter accounts that attempted to disrupt the public conversation during the recent first Presidential Debate for the US 2020 Presidential Election.

Accountability 135

Accountability Advertising Media Hacking 135

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. ” HYDRA. .

Marketing 255

Marketing Energy and Utilities Malware Ransomware 255

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. SecurityAffairs – North Korea, hacking).

Malware 116

Malware Advertising Government Cryptocurrency 116

Security Affairs

OCTOBER 18, 2020

Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. According to law enforcement bodies, the gang provides services to multiple malware operations, including Dridex , GozNym , and Trickbot. ” states the DoJ. Pierluigi Paganini.

Malware 107

Malware Banking Cryptocurrency Cybercrime 107

Adam Levin

JULY 8, 2020

Many of these faux-Zoom sites were used to distribute malware under the guise of links to online meetings. In 2015, Chinese hackers redirected the hijacked ShadesDaddy.com to a site selling counterfeit merchandise. ” Hacking campaigns exploiting poor domain name security can be more subtle. . What Can Be Done?

Hacking 130

Hacking Retail Cyber Insurance Authentication 130

Security Affairs

SEPTEMBER 18, 2020

Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten. Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. SecurityAffairs – hacking, Rampant Kitten).

Malware 103

Malware Phishing Accountability Advertising 103

Security Affairs

OCTOBER 3, 2020

Facebook shared details about a long-running ad-fraud campaign that’s been ongoing since 2016 targeting Facebook users with SilentFade malware. The social network giant revealed that malware has a Chinese origin and allowed hackers to siphon $4 million from users’ advertising accounts. ” continues the paper. “The

Malware 107

Malware Advertising Accountability Authentication 107

Security Affairs

MAY 5, 2020

GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. ” reads the data breach notice submitted by the company.

Data breaches 124

Data breaches Accountability Advertising Internet 124

Security Affairs

OCTOBER 4, 2020

“These vulnerabilities may allow locally managed accounts within Device Manager to be susceptible to dictionary attacks due to weak cipher implementation (CVE-2020-6925) and allow a malicious actor to remotely gain unauthorized access to resources (CVE-2020-6926), and/or allow a malicious actor to gain SYSTEM privileges (CVE-2020-6927).”

Hacking 130

Hacking Accountability Passwords InfoSec 130

Krebs on Security

MAY 4, 2023

” That handle used the same ICQ instant messenger account number ( 555724 ) as a Mazafaka denizen named “ Nordex.” ” In February 2005, Nordex posted to Mazafaka that he was in the market for hacked bank accounts, and offered 50 percent of the take. In 2017, U.S. Constella tracked another Bankir[.]com

Marketing 244

Marketing Cybercrime Accountability Cryptocurrency 244

Security Affairs

JUNE 28, 2020

Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack. SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media 141

Media Hacking Passwords Data breaches 141

Security Affairs

JUNE 16, 2023

The malware is distributed as the messaging apps BingeChat and Chatico. The GravityRAT malware Access Trojan (RAT) is believed to be the work of Pakistani hacker groups, it was mainly employed in attacks aimed at Indian users. MalwareHunterTeam researchers first shared the hash for a GravityRAT sample via a tweet.

Backups 92

Backups Spyware Malware Accountability 92

Security Affairs

FEBRUARY 27, 2020

Lampion malware is the most critical malware affecting Portuguese users’ last three months. This malware appears to be on the rise at the end of February 2020, after a fresh update where its operators introduced a new obfuscation layer on the first stage of the threat. Figure 7: Lampion’s email received on the target account.

Malware 101

Malware Advertising Government Accountability 101

Security Affairs

JUNE 23, 2020

CLOP ransomware operators have allegedly hacked IndiaBulls Group , an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group , its primary businesses are housing finance, consumer finance, and wealth management. . Pierluigi Paganini.

Hacking 102

Hacking Ransomware Banking Mobile 102

Security Affairs

MAY 9, 2019

US DoJ indicted a member of sophisticated China-based hacking group for series of computer intrusions. The group is also responsible for the 2015 Health Insurer Anthem data breach. back in 2015. ” reads the press release published by DoJ.

Hacking 69

Hacking Insurance Data breaches Identity Theft 69

Security Affairs

AUGUST 3, 2020

As a precaution, we wanted to let you know that we recently became aware of a potential incident that may have affected the security of certain customer accounts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Havenly). ” reads the data breach notification.

Data breaches 99

Data breaches Accountability Passwords Advertising 99

Security Affairs

OCTOBER 19, 2020

“The intruder was able to access forum user profiles, which include the e-mail addresses connected to those forum accounts. “However, there is a small possibility they could be used to identify accounts with particularly weak passwords.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 102

Hacking Data breaches Passwords Advertising 102

Security Affairs

OCTOBER 4, 2020

Visa revealed that two unnamed North American hospitality merchants have been infected with some strains of point-of-sale (POS) malware. “In May and June 2020, respectively, Visa Payment Fraud Disruption (PFD) analyzed malware samples recovered from the independent compromises of two North American merchants.”

Malware 140

Malware Advertising Accountability Hacking 140

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan.

Malware 88

Malware Banking Mobile Spyware 88

Security Affairs

OCTOBER 26, 2022

. “Kaye allegedly operated The Real Deal, a Dark Web market for illicit items, including stolen account login credentials for U.S. ” The now-defunct Real Deal marketplace was used by crooks to sell and buy illegal goods and services, including narcotics, hacking tools and stolen login credentials. . Attorney Ryan K.

Marketing 88

Marketing Government Hacking Accountability 88

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. Nikulin also hacked into an employee account of a Formspring engineer and used it to access the company network between June 13, 2012, and June 29, 2012.

Hacking 78

Hacking Cybercrime Data breaches Advertising 78

Security Affairs

AUGUST 2, 2020

A critical flaw in the wpDiscuz WordPress plugin could be exploited by remote attackers to execute arbitrary code and take over the hosting account. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, wpDiscuz). Pierluigi Paganini.

Accountability 134

Accountability Advertising Account Security Hacking 134