2015, Hacking, Malware and Passwords - Cyber Security Informer

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. ru in 2008.

Malware

Malware Cybercrime Software Antivirus

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. The password chosen by this user was “ 1232.” Image: spur.us. Image: Darkbeast/Ke-la.com.

Malware

Malware Passwords Accountability Advertising

Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015

Security Affairs

MAY 11, 2021

Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. revealed that the XcodeGhost malware impacted 128 million iOS users. SecurityAffairs – hacking, Apple). Documents provided in a court case that sees Epic Games v. Pierluigi Paganini.

Malware

Malware Hacking Mobile Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

AUGUST 28, 2020

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. “2FA has proven to be a powerful tool in securing communications channels. .” ”

Accountability

Accountability Hacking Authentication Marketing

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. The Forbes.ru

Hacking

Hacking Cybercrime Ransomware Government

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Crooks continue to launch Coronavirus-themed attacks , in the last weeks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware.

Passwords

Passwords DNS Malware Advertising

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Malware

Malware Cryptocurrency Advertising Accountability

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. Several former customers of his took to Hackforums[.]net

Malware

Malware Advertising Marketing System Administration

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. The attackers may have gained access to some users’ login credentials after deploying malware on both websites. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Hacking Telecommunications Passwords

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. File encryption 2013 – 2015. RaaS rollout 2015 – 2018. None of these early threats went pro. These included PClock, CryptoLocker 2.0,

Ransomware

Ransomware Hacking Encryption Penetration Testing

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack. . SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media

Media Hacking Passwords Data breaches

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

The leaked data includes login names, hashed passwords, and email addresses. It is not confirmed that all of the leaked data is legitimate, anyway, experts suggest users change their password immediately. Users that share the password at another site should also change the password. Pierluigi Paganini.

Hacking

Hacking Data breaches Cybercrime Passwords

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Security Affairs

APRIL 5, 2019

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords.

Internet

Internet Internet Passwords Malware

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

The experts first discovered the malware in June 2018, but it has been available since 2014, when they observed threat actors spreading it via a Microsoft Word document containing an auto-executable malicious VBA Macro. Recent samples of the malware include specific code to collect app configuration data and credentials from several apps.

Passwords

Passwords Spyware VPN Malware

TeamViewer flaw can allow hackers to steal System password

Security Affairs

AUGUST 11, 2020

A severe vulnerability impacting TeamViewer for Windows, tracked as CVE 2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability ( CVE 2020-13699 ), that could be exploited by remote attackers to steal system password and potentially compromise it.

Passwords

Passwords Authentication Advertising Software

Cybersecurity Report: July 28, 2015

SiteLock

AUGUST 27, 2021

UCLA Health Hacked, 4.5 National Security Agency Teaches Students Ethical Hacking, Cybersecurity. The National Security Agency is offering middle- and high school students in the United States the opportunity to learn cracking secured passwords. Cybersecurity Intern Accused in Huge Hacking Bust. Million Victims.

Cybersecurity

Cybersecurity Identity Theft Data breaches Government

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure.

Banking

Banking Malware Advertising Passwords

Don’t Panic: Website Defacements from 2015

SiteLock

AUGUST 27, 2021

Fortunately, hacks are mostly random. If you take basic security measures like a web application firewall and malware scanner, defacements can be avoided. Hacks sometimes destroy site content, sometimes by accident, and backups are vital in recovering that damage. Preventing A Website Defacement. Dealing With A Defacement.

Backups

Backups Firewall Hacking Malware

New Shlayer Mac malware spreads via poisoned search engine results

Security Affairs

JUNE 21, 2020

Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. The malware can be used to download other malicious payloads, including malware or adware. up to 10.14.3.

Engineering

Engineering Malware Adware Antivirus

Slack resetting passwords for roughly 1% of its users

Security Affairs

JULY 18, 2019

Slack is resetting passwords for accounts belonging to users that have not secured them after the data breach suffered by the company in 2015. Slack announced it is resetting passwords for accounts belonging to users that have not secured them after the data breach suffered by the company in 2015.

Passwords

Passwords Data breaches Accountability Advertising

Malware campaign attempts to evade analysis with Any.Run sandbox

Security Affairs

JULY 13, 2020

Malware authors are implementing the capability to check if their malicious code is running in the Any.Run malware analysis service. Vxers are implementing the capability to check if their malware is running in the Any.Run interactive online malware sandbox to prevent them from being analyzed by experts. ’ and exit.

Malware

Malware Advertising Passwords Hacking

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware

Malware Encryption Advertising Passwords

Crooks use weaponized coronavirus map to deliver malware

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware

Malware Advertising Passwords Cryptocurrency

The forum of the popular Albion Online game was hacked

Security Affairs

OCTOBER 19, 2020

A threat actor has breached the forum of Albion Online and stole usernames and password hashes from its database. On top of that, the attacker gained access to encrypted passwords (in technical terms: hashed and salted passwords).” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Data breaches Passwords Advertising

The History of Computer Viruses & Malware

eSecurity Planet

NOVEMBER 2, 2022

If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Though often conflated with one another, malware and computer viruses aren’t necessarily the same thing. Looking to Protect Yourself Against Malware?

Malware

Malware Ransomware Antivirus Internet

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. Pierluigi Paganini.

Government

Government Accountability Hacking Advertising

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation.

Malware

Malware Passwords Advertising Antivirus

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. The Agency’s EINSTEIN Intrusion Detection System has detected persistent malicious activity associated with the LokiBot malware. Enforce a strong password policy.

Malware

Malware Passwords Advertising Antivirus

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

FEBRUARY 12, 2019

This was more than a multi-password via ssh exploit, and there was no ransom. I wrote about the company in 2015 after it suffered a debilitating distributed denial-of-service (DDoS) attack after Romero declined to pay a ransom demand from an online extortion group. . “Every VM [virtual machine] is lost. Just attack and destroy.”

Hacking

Hacking DDOS Backups Accountability

Alleged Activision hack, 500,000 Call Of Duty players impacted

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. “All Call of Duty players should be on notice after a major Activision hack has left millions of accounts in limbo.” Change your Activision account passwords and add 2FA immediately.

Hacking

Hacking Data breaches Accountability Passwords

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. It uses a list of hardcoded username/password combinations to login into devices in the attempt to access systems using weak or default credentials. The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).”

Malware

Malware DDOS IoT Cybercrime

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware. “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1 “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1

Malware

Malware Government Passwords System Administration

Tedrade banking malware families target users worldwide

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. Experts noticed that the malware uses the BITSAdmin tool to download the additional modules. ” continues Kaspersky.

Banking

Banking Malware Phishing Advertising

Modular Cryptojacking malware uses worm abilities to spread

Security Affairs

MARCH 13, 2019

Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. The Monero cryptocurrency miner uses a worm module (Systemctl.exe) dubbed PsMiner written in the Go language which includes exploit modules used to hack into vulnerable servers. Pierluigi Paganini.

Malware

Malware Cryptocurrency Advertising Passwords

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. ” reads the analysis published by the experts.

Malware

Malware Passwords Encryption Advertising

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

Adam Levin

JULY 8, 2020

Many of these faux-Zoom sites were used to distribute malware under the guise of links to online meetings. In 2015, Chinese hackers redirected the hijacked ShadesDaddy.com to a site selling counterfeit merchandise. ” Hacking campaigns exploiting poor domain name security can be more subtle. . What Can Be Done?

Hacking

Hacking Retail Cyber Insurance Authentication

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Someone has transferred almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet to another wallet. 2015* apparently, maybe the owner? Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

In May 2015, KrebsOnSecurity published a brief writeup about the brazen Manipulaters team, noting that they openly operated hundreds of web sites selling tools designed to trick people into giving up usernames and passwords, or deploying malicious software on their PCs. ” A number of questions, indeed.

Phishing

Phishing Cybercrime Malware Advertising

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. Attorney DuCharme.

Hacking

Hacking Passwords Accountability Cybercrime

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. The Russian man stole roughly 117 million user records, including usernames, passwords, and emails. SecurityAffairs – hacking, cybercrime).

Hacking

Hacking Cybercrime Data breaches Advertising

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware

Malware Scams Social Engineering Phishing

Poloniex forces password reset following a data leak

Security Affairs

JANUARY 2, 2020

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. . Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. . SecurityAffairs – Poloniex exchange, hacking).

Passwords

Passwords Cryptocurrency Data breaches Advertising

HP Device Manager flaws expose Windows systems to hack

Security Affairs

OCTOBER 4, 2020

I strongly advise you, firstly, to log on to all servers running HP Device Manager and set a strong password for the "dm_postgres" user of the "hpdmdb" Postgres database on TCP port 40006 1/4 — Nicky Bloor (@nickstadb) September 29, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Accountability Passwords InfoSec

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The QSnatch malware implements multiple functionalities, such as: . The experts were alerted about the malware in October and immediately launched an investigation.

Malware

Malware Firmware Advertising Manufacturing

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Giving a Face to the Malware Proxy Service ‘Faceless’

Webinars

Trending Sources

Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015

Webinars

Sendgrid Under Siege from Hacked Accounts

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Linksys force password reset to prevent Router hijacking

New MrbMiner malware infected thousands of MSSQL DBs

Orcus RAT Author Charged in Malware Scheme

SFO discloses data breach following the hack of 2 of its websites

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Asian media firm E27 hacked, attackers asked for a “donation”

Threat actor leaked data for U.S. gun exchange site on hacking forum

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

TeamViewer flaw can allow hackers to steal System password

Cybersecurity Report: July 28, 2015

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Don’t Panic: Website Defacements from 2015

New Shlayer Mac malware spreads via poisoned search engine results

Slack resetting passwords for roughly 1% of its users

Malware campaign attempts to evade analysis with Any.Run sandbox

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Crooks use weaponized coronavirus map to deliver malware

The forum of the popular Albion Online game was hacked

The History of Computer Viruses & Malware

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

CISA’s advisory warns of notable increase in LokiBot malware

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Alleged Activision hack, 500,000 Call Of Duty players impacted

EnemyBot malware adds new exploits to target CMS servers and Android devices

US govt agencies share details of the China-linked espionage malware Taidoor

Tedrade banking malware families target users worldwide

Modular Cryptojacking malware uses worm abilities to spread

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Ticketmaster will pay $10 Million fine over hacking a competitor

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

New Coronavirus-themed malspam campaign delivers FormBook Malware

Poloniex forces password reset following a data leak

HP Device Manager flaws expose Windows systems to hack

QSnatch malware infected over 62,000 QNAP NAS Devices

Stay Connected