The Hacker News

JULY 17, 2023

Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher Cara Lin said. "It

Malware 95

Malware Phishing 95

Security Affairs

MAY 7, 2020

” The activity of the group was detailed in a report published by Kaspersky in 2015, but in the last five years, the group drastically changed its modus operandi to go silent. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues the report. Pierluigi Paganini.

Government 90

Government Advertising Technology Hacking 90

Bleeping Computer

JANUARY 17, 2024

A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes worldwide since at least 2015. [.]

Cybercrime 119

Cybercrime Malware 119

Security Affairs

DECEMBER 12, 2023

Cisco Talos researchers tracked the campaign as Operation Blacksmith, the nation-state actors are employing at least three new DLang -based malware families. Two of these malware strains are remote access trojans (RATs), respectively tracked as NineRAT and “DLRAT” The former relies on Telegram bots and channels for C2 communications.

Malware 106

Malware Data collection Healthcare Manufacturing 106

Security Affairs

OCTOBER 22, 2020

The Council of the European Union announced sanctions imposed on Russian military intelligence officers for 2015 Bundestag hack. The attackers used a sophisticated strain of malware to violated the Bundestag network and syphoned sensitive data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 78

Hacking Cyber Attacks Identity Theft Government 78

Security Affairs

FEBRUARY 13, 2023

Alleged Russian threat actors have been targeting cryptocurrency users in Eastern Europe with Enigma info-stealing malware. A malware campaign conducted by alleged Russian threat actors has been targeting users in Eastern European in the crypto industry. ” continues the report. Stolen data are exfiltrated through Telegram.

Cryptocurrency 86

Cryptocurrency Malware Media Phishing 86

Penetration Testing

APRIL 17, 2024

Cisco Talos security researchers have uncovered a persistent, multi-component virus known as OfflRouter that has been quietly infecting Ukrainian systems and stealing sensitive documents since 2015.

Penetration Testing 103

Penetration Testing Malware 103

Security Affairs

OCTOBER 19, 2020

Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices. GravityRAT is a malware strain known for checking the CPU temperature of Windows computers to avoid being executed in sandboxes and virtual machines. Pierluigi Paganini.

Malware 117

Malware Computers and Electronics Spyware Advertising 117

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. Image: spur.us. as a media sharing device on a local network that was somehow exposed to the Internet.

Malware 228

Malware Passwords Accountability Advertising 228

The Hacker News

AUGUST 18, 2022

A.NET-based evasive crypter named DarkTortilla has been used by threat actors to distribute a broad array of commodity malware as well as targeted payloads like Cobalt Strike and Metasploit, likely since 2015. "It

Malware 98

Malware Cybersecurity 98

Schneier on Security

JANUARY 22, 2018

Kaspersky Labs is reporting on a new piece of sophisticated malware: We observed many web landing pages that mimic the sites of mobile operators and which are used to spread the Android implants. These domains have been registered by the attackers since 2015. It seems to be Italian. BoingBoing post.

Malware 150

Malware Government Spyware Hacking 150

Malwarebytes

FEBRUARY 14, 2024

They tested Malwarebytes by executing a repository of 2015 “malicious” files to see how many Malwarebytes would detect. Malwarebytes missed 34 out of those 2015 files, giving us a score of 98.31%. About a month ago, The PC Security Channel (TPSC) ran a test to check out the detection capabilities of Malwarebytes.

Malware 83

Malware Risk Cybersecurity 83

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Malware 97

Malware Cybercrime Banking Hacking 97

Security Affairs

JUNE 29, 2023

North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year.

Malware 86

Malware Cybercrime Phishing Internet 86

Security Affairs

NOVEMBER 22, 2020

Two Romanians arrested for running three malware services. Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. DataProtector was launched in 2015, while CyberScan was launched in 2019. Pierluigi Paganini.

Malware 132

Malware Antivirus Cybercrime Software 132

Malwarebytes

MAY 25, 2022

Based on a case study in 2015 , Akamai strengthened the theory that the malware may be of Asian origin based on its targets. Microsoft said that XorDDoS continues to home on Linux-based systems, demonstrating a significant pivot in malware targets. MMD believed the Linux Trojan originated in China.

Malware 137

Malware IoT DDOS DNS 137

CyberSecurity Insiders

JUNE 17, 2021

And information is out that the campaign could have started by a hacking group dubbed Ferocious Kitten that has been active since 2015 and was conducting spying through a highly sophisticated malware named MarkiRAT. . Why the malware spreading hackers are targeting only Persian-speaking people is yet to be revealed to the public.

Malware 118

Malware Surveillance Antivirus Software 118

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. Several former customers of his took to Hackforums[.]net

Malware 198

Malware Advertising Marketing System Administration 198

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Pierluigi Paganini.

Malware 126

Malware Advertising Cryptocurrency Cybercrime 126

Heimadal Security

DECEMBER 2, 2021

Emotet is a malware known as a banking Trojan. Malspam, which are spam emails that contain malware, is the primary means by which it spreads. Since 2015, Emotet started assaulting the United […]. Since 2015, Emotet started assaulting the United […].

Malware 80

Malware Banking Phishing Cybersecurity 80

SiteLock

AUGUST 27, 2021

If you take basic security measures like a web application firewall and malware scanner, defacements can be avoided. Additionally, SiteLock offers services to help with hacks like the TrueShield firewall to help prevent harm, and the INFINITY malware scanner to clean up the malicious content they added. Preventing A Website Defacement.

Backups 52

Backups Firewall Hacking Malware 52

CyberSecurity Insiders

MARCH 28, 2023

The malware is primarily used to steal sensitive information, such as login credentials and financial information, from victims. The Dridex malware typically spreads through spam email campaigns, with the emails containing a malicious attachment or link that, when clicked, will install the malware on the victim's computer.

Banking 78

Banking Malware Backups Education 78

Security Boulevard

JUNE 1, 2023

This post is a deep dive on "Megatraffer," a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. The post Ask Fitis, the Bear: Real Crooks Sign Their Malware appeared first on Security Boulevard.

Malware 52

Malware Marketing Software Authentication 52

Security Affairs

JULY 26, 2020

A new version of the REMnux Linux toolkit for malware analysts is available for download, it includes a huge set of tools for professionals. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware.

Malware 124

Malware Advertising Software Engineering 124

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware 138

Malware Advertising Passwords Cryptocurrency 138

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Malware 137

Malware Cryptocurrency Advertising Accountability 137

Security Affairs

OCTOBER 25, 2020

Researchers from MalwareHunterTeam have spotted a new piece of remote access trojan (RAT) dubbed ‘Abaddon’ that is likely the first malware using the Discord platform as command and control. The Abaddon malware connects to the Discord command and control server to check for new commands to execute. "Abaddon"

Malware 134

Malware Advertising Ransomware Encryption 134

Krebs on Security

APRIL 19, 2019

Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices. The government says between July 2012 and Sept.

Banking 171

Banking Malware Advertising Government 171

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).” The post EnemyBot malware adds new exploits to target CMS servers and Android devices appeared first on Security Affairs. LFI CVE-2018-16763 Fuel CMS 1.4.1

Malware 142

Malware DDOS IoT Cybercrime 142

Security Affairs

JUNE 21, 2020

Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. The malware can be used to download other malicious payloads, including malware or adware. up to 10.14.3.

Engineering 141

Engineering Malware Adware Antivirus 141

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. ” reads the DHS CISA’s advisory.

Malware 122

Malware Advertising Government Cryptocurrency 122

Security Affairs

MARCH 26, 2020

Crooks behind the WordPress WP-VCD malware are distributing pirated versions of the Coronavirus plugins that inject a backdoor into websites. behind the WordPress WP-VCD malware are distributing pirated versions of the Coronavirus plugins that inject a backdoor into websites. ” concludes Bleeping Computer. Pierluigi Paganini.

Malware 115

Malware Advertising Information Security Hacking 115

CSO Magazine

OCTOBER 11, 2021

According to the Ponemon Institute's 2021 Global Encryption Trends Study, 50% of organizations have an encryption plan consistently applied across their entire environment—up from around 40% in 2015, and 25% in 2010. There are two common approaches to restoring traffic visibility: To read this article in full, please click here

Encryption 95

Encryption Malware 95

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware 122

Malware Encryption Advertising Passwords 122

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking 104

Banking Malware Advertising Passwords 104

Security Affairs

AUGUST 13, 2020

The FBI and NSA issue joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub , allegedly employed by Russia-linked the APT28 group.

Malware 136

Malware Advertising IoT Government 136

Security Affairs

JULY 9, 2020

Researchers from Malwarebytes have found yet another phone with pre-installed malware via the Lifeline Assistance program sold in the United States. Researchers at Malwarebytes have found malware pre-installed on smartphones sold in the United States, this is the second time as documented in a report published in January.

Malware 132

Malware Wireless Mobile Advertising 132