SecureList

NOVEMBER 18, 2022

In another, they were able to compromise a WebLogic server through an exploit for the CVE-2017-10271 vulnerability, which ultimately allowed them to run a script. We believe DeathStalker to be a group of mercenaries, offering hack-for-hire services, or acting as an information broker to support competitive and financial intelligence efforts.

Malware 111

Malware Computers and Electronics Adware Cryptocurrency 111

SecureList

MAY 31, 2021

Further investigation of the Sunburst backdoor revealed several features that overlap with a previously identified backdoor known as Kazuar , a.NET backdoor first reported in 2017 and tentatively linked to the Turla APT group. Most malicious objects detected for the macOS platform are adware. Secondhand news.

Malware 110

Malware Adware Encryption Architecture 110

SecureList

AUGUST 15, 2022

Cybercriminals were spreading malicious documents that exploited CVE-2017-11882 and CVE-2018-0802 , which are the best-known vulnerabilities in the Equation Editor component. For instance, a new APT group Earth Berberoka (GamblingPuppet) that specializes in hacking online casinos, uses malware for Windows, Linux, and macOS.

Mobile 65

Mobile Adware Malware Ransomware 65

SecureList

MAY 27, 2022

These are CVE-2017-11882 and CVE-2018-0802 , which cause a buffer overflow when processing objects in a specially crafted document in the Equation Editor component and ultimately allow an attacker to execute arbitrary code. Adware from the Pirrit family was encountered most frequently out of all macOS threats in the listed countries.

Mobile 113

Mobile Adware Ransomware Malware 113

SecureList

JUNE 7, 2023

The most-exploited vulnerabilities in that category were the following: CVE-2017-11882 and CVE-2018-0802 : Equation Editor vulnerabilities that allow corrupting application memory during formula processing to then run arbitrary code in the system. CVE-2017-0199 that allows using MS Office to load malicious scripts. 2 AdWare.OSX.Amc.e

Mobile 69

Mobile Ransomware Malware Adware 69

SecureList

NOVEMBER 26, 2021

According to the hacking forum XSS, the group’s former public representative known as UNKN “disappeared”, and the malware developers, failing to find him, waited awhile and restored the Trojan infrastructure from backups. Spain and India came in second and third, with the Pirrit family adware as their prevalent threat.

Malware 105

Malware Adware Ransomware IoT 105

Krebs on Security

JULY 16, 2019

It is allowed to host: ordinary sites, doorway pages, satellites, codecs, adware, tds, warez, pharma, spyware, exploits, zeus, IRC, etc. Here’s a snippet from one of Yalishanda’s advertisements to a cybercrime forum in 2011, when he was running a bulletproof service under the domain real-hosting[.]biz: and Europe.

Cybercrime 186

Cybercrime Phishing Banking Malware 186

SecureList

NOVEMBER 18, 2022

LockBit themselves attributed the leakage to one of their developers’ personal initiative, not the group’s getting hacked. As usual, our TOP 20 ranking for biggest threats encountered by users of Kaspersky security solutions for macOS were dominated by adware. One way or another, the LockBit 3.0 AdWare.OSX.Amc.e,

Mobile 96

Mobile Malware Ransomware IoT 96

SecureList

MAY 26, 2021

Cybercriminals create such sites on purpose, and web resources with user-created content (for example, forums), as well as hacked legitimate resources, can be infected. Overall, during the reporting period, adware and its components were registered on 89.60% of users’ computers on which Web Anti-Virus was triggered.

Phishing 138

Phishing Malware Ransomware Adware 138

SecureList

DECEMBER 1, 2023

Adware programs and fake system accelerators remained the main threat to macOS users in Q3. Cybercriminals create such sites on purpose; they can infect hacked legitimate resources as well as web resources with user-created content, such as forums. TOP 20 threats for macOS Verdict %* 1 AdWare.OSX.Agent.ai 2 AdWare.OSX.Pirrit.ac

Mobile 85

Mobile Ransomware Malware Adware 85

SecureList

AUGUST 30, 2023

The most frequently exploited vulnerabilities were as follows: CVE-2017-11882 and CVE-2018-0802: Equation Editor vulnerabilities that allow corrupting application memory during formula processing to then run arbitrary code in the system CVE-2017-0199 allows using MS Office to load malicious scripts. 2 AdWare.OSX.Agent.gen 8.54

Mobile 82

Mobile Ransomware Malware Adware 82