Security Affairs

OCTOBER 11, 2020

ransomware displays ransom note in innovative way Carnival confirms data breach as a result of the August ransomware attack Google enhances malware protection for accounts enrolled in Advanced Protection Program (APP) Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns. Pierluigi Paganini.

Advertising 82

Advertising Antivirus Data privacy Ransomware 82

Security Affairs

SEPTEMBER 7, 2020

A recently discovered cybercrime gang, tracked as Epic Manchego , is using a new technique to create weaponized Excel files that are able to bypass security checks. Some antivirus solutions specifically analyze this section look for malicious VBA code in the Excel docs. Pierluigi Paganini. SecurityAffairs – hacking, Norway).

Cybercrime 90

Cybercrime Phishing Advertising Antivirus 90

Security Affairs

JULY 8, 2020

The name Fxmsp refers a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information. Since March 2019, Fxmsp announced in cybercrime forums the availability of information stolen from major antivirus companies located in the U.S. Attorney Brian T.

Hacking 69

Hacking Antivirus Advertising Cybercrime 69

Security Affairs

SEPTEMBER 22, 2020

The Lokibot malware has been active since 2015, it is an infostealer that was involved in many malspam campaigns aimed at harvest credentials from web browsers, email clients, admin tools and that was also used to target cryptocoin-wallet owners. Below the list of mitigations: Maintain up-to-date antivirus signatures and engines.

Malware 63

Malware Passwords Advertising Antivirus 63

Security Affairs

SEPTEMBER 20, 2019

Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey. Experts revealed that the botnet was used by the TA505 cybercrime gang to distribute the FlawedAmmy RAT and some email stealers.

Phishing 81

Phishing Social Engineering Malware Advertising 81

Security Affairs

AUGUST 3, 2020

He had no previous criminal records at the time of the arrest, but it is known to be a member of a cybercrime forum to become an affiliate for the GandCrab ransomware operation. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ransom amount, individual bots and encryption masks). million dollars per week.

Ransomware 113

Ransomware Advertising Malware Hacking 113

Security Affairs

NOVEMBER 21, 2019

Microsoft has shared more information on ransomware and how to stay safe online here , it urges organizations to: • Keep your Windows Operating System and antivirus up-to-date. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. .” continues Microsoft. Upgrade to Windows 10. Pierluigi Paganini.

Ransomware 80

Ransomware Social Engineering Malware Advertising 80

Security Affairs

SEPTEMBER 16, 2019

The researchers provided evidence that the threat actors sold the purchased certificates to a cybercrime gang that used them to spread malware. The verification is done using a public antivirus scanning service, then the threat actors use the file scan record as “a clean bill of health” for potential buyers. Pierluigi Paganini.

Adware 79

Adware Advertising Marketing Antivirus 79

Security Affairs

JANUARY 26, 2020

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Russian operator of Cardplanet carding site pleads guilty in the US. Cisco Webex flaw allows unauthenticated remote attackers to join private meetings.

Data breaches 78

Data breaches Advertising Antivirus DDOS 78

Security Affairs

MARCH 19, 2020

Operators behind the Pysa ransomware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products. “On one of the compromised information systems, experts found encrypted files with the extension “ newversion.” SecurityAffairs – Pysa ransomware, cybercrime).

Government 100

Government Ransomware Encryption Penetration Testing 100

Security Affairs

OCTOBER 12, 2019

Security experts at FireEye Mandiant discovered that the FIN7 hacking group has added new tools to its arsenal, including a new loader and a module that hooks into the legitimate remote administration software used by the ATM maker NCR Corporation. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Identity Theft 73

Identity Theft Hacking Advertising DNS 73

Security Affairs

SEPTEMBER 7, 2020

Generally speaking, removal/cleaning by antivirus is not a sufficient guarantee. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. . • Limit Internet access for all agents to a controlled white list. Disconnect compromised machines from the network without deleting data. Send the samples (.doc

Malware 106

Malware Advertising Antivirus Banking 106

Security Affairs

AUGUST 24, 2020

For instance, to disable built-in antivirus software, the attackers used Defender Control and Your Uninstaller. Group-IB’s technological leadership is built on the company’s 17 years of hands-on experience in cybercrime investigations around the world and 60 000 hours of cyber security incident response accumulated in one of ???

Threat Detection 82

Threat Detection Ransomware Advertising Cybercrime 82

Security Affairs

NOVEMBER 11, 2021

Below is the list of exploits used by the bot: Vulnerability Affected devices CVE-2020-8515 DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices CVE-2015-2051 D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3

IoT 115

IoT Firmware Malware Wireless 115

Security Affairs

AUGUST 28, 2019

The Retadup bot has been around since at least 2015, it was involved in several malicious campaigns aimed at delivering malware such as information stealers, ransomware and miners. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Retadup botn et , hacking).

Malware 81

Malware Advertising Antivirus Cryptocurrency 81

Security Affairs

DECEMBER 7, 2019

“According to the indictment, Bugat is a malware specifically crafted to defeat antivirus and other protective measures employed by victims. For over a decade, Maksim Yakubets and Igor Turashev led one of the most sophisticated transnational cybercrime syndicates in the world,” said U.S. Attorney Brady. Pierluigi Paganini.

Banking 62

Banking Malware Cybercrime Accountability 62

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. Between 2015 and 2019, the largest-known individual ransom demand was $15 million. Stay safe and secure. Reducing Human Error Security Threats with Remote Workforce.

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. Another technique used by cybercriminals to bypass antivirus systems is a targeted attack, in which malicious email are delivered outside regular working hours. More than 80% of all malicious files were disguised as .zip

Ransomware 68

Ransomware Antivirus Malware Banking 68

Security Affairs

MARCH 24, 2020

No benign files MalwareBazaar is not a multi antivirus scanning engine You can upload and download as many malware samples as you want It’s completely free! “ ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – MalwareBazaar, cybercrime). No Adware (PUA/PUP).

Malware 50

Malware Adware Cyber threats Advertising 50

Security Affairs

JUNE 23, 2020

Fxmsp gained worldwide fame in May 2019, after it was reported that the networks belonging to leading antivirus software companies had been compromised. Fxmsp took his first steps in the cybercrime scene in September 2016 when he registered on an underground forum, fuckav[.]ru. Geography and victims. First steps. The big fish.

Antivirus 79

Antivirus Advertising Hacking Banking 79

Security Affairs

JULY 7, 2019

Firefox finally addressed the Antivirus software TLS Errors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. A cyberattack took offline websites of the Georgia agency. After 2 years under the radars, Ratsnif emerges in OceanLotus ops. Cyber Defense Magazine – July 2019 has arrived. Silence APT goes global.

Scams 47

Scams Spyware DNS Advertising 47

Security Affairs

JULY 28, 2020

The purpose of this report is to deliver a devastating blow to cybercrime by uncovering key organizations sponsoring pirates and exposing the entire criminal structure of online piracy. Since 2015, 1xBet has sponsored content for 80% of major voiceover studios. These were Latin America (primarily Brazil) , India , and Thailand.

Marketing 63

Marketing Banking Advertising Cybercrime 63

Security Affairs

JULY 19, 2019

The macro might also purposely attempt to bypass endpoint security defenses. . The Rubella Macro Builder is cheap, fast and easy to use, the malware it generated can evade antivirus detection. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware 67

Malware Social Engineering Advertising Antivirus 67

Security Affairs

APRIL 9, 2020

To trick antivirus software, threat actors include the passwords for accessing the content in the email subject line, in the archive name, or in subsequent correspondence with the victim. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Group-IB is a member of the World Economic Forum. .

Phishing 100

Phishing Malware Spyware DDOS 100

Security Affairs

APRIL 10, 2019

That file was delivered via malscam campaigns around the world and its source-code is obfuscated in order to evade antivirus detection and complicate its analysis. When the malware is executed without any restrictions, i.e., upon a non-virtualized environment, some information from the victim’s computer is send to C2 server.

Banking 57

Banking Malware Antivirus Cyber threats 57

Security Affairs

MAY 29, 2019

Analyzing it in depth, we discover it actually is the RMS (Remote Manipulator System) client by TektonIT , encrypted using the MPress PE compressor utility, a legitimate tool, to avoid antivirus detection. Information about MPress packer used in “winserv.exe” payload. Pierluigi Paganini. SecurityAffairs – TA505, hacking).

Retail 64

Retail Banking Advertising Encryption 64

Security Affairs

JULY 23, 2019

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Its content is minimal and quickly redirect the execution to a small batch file, “installer.bat” contained in the same folder. Then it runs installer.bat (the filename) with the parameter “ 0? tmp”, later renamed as “007.bat”. The consequences could be more serious.

Malware 70

Malware Advertising Antivirus Architecture 70