2015, Information Security, Malware and Passwords

Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015

Security Affairs

MAY 11, 2021

Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. revealed that the XcodeGhost malware impacted 128 million iOS users. The post Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015 appeared first on Security Affairs.

Malware

Malware Hacking Mobile Passwords

Linksys force password reset to prevent Router hijacking

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Crooks continue to launch Coronavirus-themed attacks , in the last weeks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware.

Passwords

Passwords DNS Malware Advertising

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Malware

Malware Cryptocurrency Advertising Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

The experts first discovered the malware in June 2018, but it has been available since 2014, when they observed threat actors spreading it via a Microsoft Word document containing an auto-executable malicious VBA Macro. Recent samples of the malware include specific code to collect app configuration data and credentials from several apps.

Passwords

Passwords Spyware VPN Malware

Crooks use weaponized coronavirus map to deliver malware

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware

Malware Advertising Passwords Cryptocurrency

TeamViewer flaw can allow hackers to steal System password

Security Affairs

AUGUST 11, 2020

A severe vulnerability impacting TeamViewer for Windows, tracked as CVE 2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability ( CVE 2020-13699 ), that could be exploited by remote attackers to steal system password and potentially compromise it.

Passwords

Passwords Authentication Advertising Software

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure.

Banking

Banking Malware Advertising Passwords

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. ” reads the analysis published by the experts.

Malware

Malware Passwords Encryption Advertising

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware

Malware Encryption Advertising Passwords

Slack resetting passwords for roughly 1% of its users

Security Affairs

JULY 18, 2019

Slack is resetting passwords for accounts belonging to users that have not secured them after the data breach suffered by the company in 2015. Slack announced it is resetting passwords for accounts belonging to users that have not secured them after the data breach suffered by the company in 2015.

Passwords

Passwords Data breaches Accountability Advertising

Malware campaign attempts to evade analysis with Any.Run sandbox

Security Affairs

JULY 13, 2020

Malware authors are implementing the capability to check if their malicious code is running in the Any.Run malware analysis service. Vxers are implementing the capability to check if their malware is running in the Any.Run interactive online malware sandbox to prevent them from being analyzed by experts. ’ and exit.

Malware

Malware Advertising Passwords Hacking

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation.

Malware

Malware Passwords Advertising Antivirus

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. It uses a list of hardcoded username/password combinations to login into devices in the attempt to access systems using weak or default credentials. The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).”

Malware

Malware DDOS IoT Cybercrime

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. The Agency’s EINSTEIN Intrusion Detection System has detected persistent malicious activity associated with the LokiBot malware. Enforce a strong password policy.

Malware

Malware Passwords Advertising Antivirus

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware. “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1 “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1

Malware

Malware Government Passwords System Administration

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware.

Malware

Malware Scams Social Engineering Phishing

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The QSnatch malware implements multiple functionalities, such as: . The experts were alerted about the malware in October and immediately launched an investigation.

Malware

Malware Firmware Advertising Manufacturing

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Security Affairs

FEBRUARY 23, 2020

Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. .

Government

Government Malware Advertising Passwords

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

The Taiwanese vendor QNAP urges its users to update the Malware Remover app following the alert on the QSnatch malware. The Taiwanese company QNAP is urging its users to update the Malware Remover app to prevent NAS devices from being infected by the QSnatch malware. Webshell functionality for remote access.

Malware

Malware Advertising Passwords Manufacturing

Poloniex forces password reset following a data leak

Security Affairs

JANUARY 2, 2020

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. . Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. . This is a real email! Pierluigi Paganini.

Passwords

Passwords Cryptocurrency Data breaches Advertising

Cryptomining Campaign involves Golang malware to target Linux servers

Security Affairs

JULY 5, 2019

Experts at F5 Networks discovered a cryptomining campaign that is delivering a new piece of the Golang malware that targets Linux-based servers. F5 experts uncovered a cryptominer campaign that is delivering a new strain of Golang malware that targets Linux-based servers. ” reads the analysis published by F5.

Malware

Malware Passwords Advertising Information Security

Internal Revenue Service warns taxpayers of a malware campaign

Security Affairs

AUGUST 25, 2019

The Internal Revenue Service (IRS) is warning of an active IRS impersonation scam campaign sending spam emails to distribute malware. The Internal Revenue Service (IRS) issued an alert to warn taxpayers of a new scam campaign distributing malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Computers and Electronics Scams Passwords

Trend Micro addressed two DLL Hijacking flaws in Trend Micro Password Manager

Security Affairs

AUGUST 17, 2019

Trend Micro addressed 2 DLL hijacking flaws in Trend Micro Password Manager that could allow malicious actors to escalate privileges and much more. “ SafeBreach Labs discovered a new vulnerability in Trend Micro Password Manager software.” ” reads the security advisory published by Trend Micro.

Password Management

Password Management Passwords Advertising Authentication

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware

Malware Encryption Advertising Passwords

Masad Stealer Malware exfiltrates data via Telegram

Security Affairs

SEPTEMBER 29, 2019

Experts at Juniper Threat Labs have discovered a new piece of malware dubbed Masad Stealer that exfiltrate s cryptocurrency wallet files via Telegram. Security researchers at the Juniper Threat Labs discovered a strain of malware dubbed Masad Stealer that is actively distributed.

Malware

Malware Cryptocurrency Advertising Marketing

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

New APT34 campaign uses LinkedIn to deliver fresh malware

Security Affairs

JULY 22, 2019

The APT24 group continues its cyber espionage activity, its members were posing as a researcher from Cambridge to infect victims with three new malware. ” The hackers used three new malware families in the campaign that also involved the Pickpocket , a browser credential-theft tool exclusively linked to APT34 campaigns.

Malware

Malware Advertising Phishing Government

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Ahead of the 2020 Presidential election a mysterious transaction was noticed by cyber security experts and researchers. 2015* apparently, maybe the owner?

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Malware

Malware Cryptocurrency Passwords Internet

North Korea-linked malware ATMDtrack infected ATMs in India

Security Affairs

SEPTEMBER 23, 2019

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. ” reads the analysis published by Kaspersky.

Malware

Malware Banking Advertising Encryption

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. The recent Emotet campaign uses spam messages with password-protected attachments, experts noticed a decline in infections over the weekend, a behavior already observed in the past.

Malware

Malware Passwords Advertising Cybercrime

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. SecurityAffairs – malware, Coronavirus).

Phishing

Phishing Malware Spyware DDOS

Stealthworker botnet targets Windows and Linux servers

Security Affairs

JUNE 8, 2020

Researchers uncovered a malware campaign that is targeting Windows and Linux servers with a Golang-based malicious code called Stealthworker. Akamai researchers uncovered a malware campaign spreading a Golang-based malicious code tracked as Stealthworker. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Passwords Advertising Internet

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

The attackers may have gained access to some users’ login credentials after deploying malware on both websites. The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director.

Data breaches

Data breaches Hacking Telecommunications Passwords

Cerberus, a new banking Trojan available as malware-as-a-service in the underground

Security Affairs

AUGUST 13, 2019

Security experts analyzed a new interesting Android banking Trojan, dubbed Cerberus, that is offered for rent by its author. A new malware-as-a- service dubbed Cerberus has emerged in the threat landscape, it is an Android RAT developed from scratch that doesn’t borrow the code from other malware.

Banking

Banking Malware Advertising Social Engineering

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. File encryption 2013 – 2015. RaaS rollout 2015 – 2018. None of these early threats went pro. These included PClock, CryptoLocker 2.0,

Ransomware

Ransomware Hacking Encryption Penetration Testing

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

Security Affairs

JUNE 21, 2020

The United States has deported the author of NeverQuest banking malware, the computer programmer Stanislav Vitaliyevich Lisov to Russia. . The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking

Banking Malware Advertising Hacking

Experts uncovered hidden behavior in thousands of Android Apps

Security Affairs

APRIL 5, 2020

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. There are 7,584 apps with secret access keys, 501 apps that embed master passwords, and 6,013 apps with secret commands. Moreover, these security risks hold generally across all of our data sources. Pierluigi Paganini.

Mobile

Mobile Passwords Advertising Firmware

Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers

Security Affairs

OCTOBER 21, 2019

Security experts have a new malware, dubbed skip-2.0 Security experts at ESET have discovered a new malware, dubbed skip-2.0, malware was used by threat actors to establish a backdoor in MSSQL Server 11 and 12 servers, allowing them to access to any account on the server using a “magic password.”

Malware

Malware Passwords Advertising DNS

Hackers hijack D-Link and Linksys routers to point users to coronavirus-themed sites serving malware

Security Affairs

MARCH 26, 2020

The number of Coronavirus-themed attacks continues to increase, crooks hijack D-Link and Linksys routers to redirect users to sites spreading COVID19-themed malware. Crooks continue to launch Coronavirus-themed attacks , experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware.

Malware

Malware DNS Advertising Cryptocurrency

The Challenges Facing the Passwordless Future

eSecurity Planet

SEPTEMBER 25, 2022

In 2013, for example, the FIDO Alliance was created to solve the world’s password problem by replacing login technology. By 2015, Microsoft joined, and in 2020, Apple followed. Apple has also promised that passwords will be a thing of the past, and passkeys will become available for iOS 16. See the Top Password Managers.

Passwords

Passwords Password Management Authentication Technology

Necro Python bot now enhanced with new VMWare, server exploits

Security Affairs

JUNE 4, 2021

The Necro Python bot, aka FreakOut, has been in development since 2015 and early this year researchers from Check Point and Netlab 360 have provided details about its activity. Researchers noticed that malware authors have added multiple exploits for over 10 different web applications and the SMB protocol. ” continues the post.

Malware

Malware Passwords DDOS IoT

VF Corp December data breach impacts 35 million customers

Security Affairs

JANUARY 19, 2024

In 2015, the company controlled 55% of the U.S. ” The company pointed out that it does not store Social Security numbers and financial information in its systems. VF Corp also added that it has found no evidence that customer passwords were stolen. million customers.

Data breaches

Data breaches Retail Insurance Passwords

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Security Affairs

JUNE 26, 2020

The malware author named the bot Satan DDoS, but Palo Alto Network’s Unit42 researchers dubbed it Lucifer because there’s another malware with the same name, the Satan Ransomware. Unit42 researchers noticed that the attacker is leveraging certutil utility in the payload for malware propagation. Pierluigi Paganini.

DDOS

DDOS Malware Advertising Passwords

Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015

Linksys force password reset to prevent Router hijacking

Webinars

Trending Sources

New MrbMiner malware infected thousands of MSSQL DBs

Webinars

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Crooks use weaponized coronavirus map to deliver malware

TeamViewer flaw can allow hackers to steal System password

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Slack resetting passwords for roughly 1% of its users

Malware campaign attempts to evade analysis with Any.Run sandbox

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

EnemyBot malware adds new exploits to target CMS servers and Android devices

CISA’s advisory warns of notable increase in LokiBot malware

US govt agencies share details of the China-linked espionage malware Taidoor

New Coronavirus-themed malspam campaign delivers FormBook Malware

QSnatch malware infected over 62,000 QNAP NAS Devices

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

QNAP urges users to update Malware Remover after QSnatch joint alert

Poloniex forces password reset following a data leak

Cryptomining Campaign involves Golang malware to target Linux servers

Internal Revenue Service warns taxpayers of a malware campaign

Trend Micro addressed two DLL Hijacking flaws in Trend Micro Password Manager

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Masad Stealer Malware exfiltrates data via Telegram

Raccoon Malware, a success case in the cybercrime ecosystem

New APT34 campaign uses LinkedIn to deliver fresh malware

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

New strain of Clipsa malware launches brute-force attacks on WordPress sites

North Korea-linked malware ATMDtrack infected ATMs in India

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Stealthworker botnet targets Windows and Linux servers

SFO discloses data breach following the hack of 2 of its websites

Cerberus, a new banking Trojan available as malware-as-a-service in the underground

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

Experts uncovered hidden behavior in thousands of Android Apps

Winnti APT group uses skip-2.0 malware to control Microsoft SQL Servers

Hackers hijack D-Link and Linksys routers to point users to coronavirus-themed sites serving malware

The Challenges Facing the Passwordless Future

Necro Python bot now enhanced with new VMWare, server exploits

VF Corp December data breach impacts 35 million customers

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Stay Connected