Security Boulevard

JANUARY 17, 2022

Ukraine is again under malware attack. And the tactics look strikingly similar to 2017’s NotPetya hack by the Russian GRU. The post ‘Russian’ Wiper Malware: ‘Prelude to war’ in Ukraine appeared first on Security Boulevard.

Malware 144

Malware Hacking Social Engineering Engineering 144

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. The Forbes.ru

Hacking 250

Hacking Cybercrime Ransomware Government 250

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. ” HYDRA. .

Marketing 309

Marketing Energy and Utilities Malware Ransomware 309

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture 109

Architecture Internet Internet Malware 109

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. That’s Gartner’s estimate of global spending on cybersecurity in 2017 and 2018. Fast forward to 2017. Branching attacks.

Hacking 212

Hacking Energy and Utilities System Administration Accountability 212

Security Affairs

OCTOBER 19, 2024

APT37 exploited this flaw to trick victims into downloading malware on their desktops with the toast ad program installed. organizations and individuals involved in Korean Peninsula reunification efforts); Researchers from FireEye revealed that the nation-state actor also targeted entities in Japan, Vietnam, and even the Middle East in 2017.

Internet 143

Internet Internet Engineering Malware 143

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS 319

DNS Penetration Testing Malware Hacking 319

Security Affairs

DECEMBER 2, 2020

Russian-linked cyberespionage group Turla employed a new malware toolset, named Crutch, in targeted attacks aimed at high-profile targets. The Crutch framework was employed in attacks since 2015 to siphon sensitive data and transfer them to Dropbox accounts controlled by the Russian hacking group. SecurityAffairs – hacking, Crutch).

Malware 145

Malware Accountability Hacking Government 145

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. These included PClock, CryptoLocker 2.0, Crypt0L0cker, and TorrentLocker.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

OCTOBER 30, 2023

A sophisticated malware tracked as StripedFly remained undetected for five years and infected approximately one million devices. Researchers from Kaspersky discovered a sophisticated malware, dubbed StripedFly, that remained under the radar for five years masquerading as a cryptocurrency miner. “What was the real purpose?

Malware 140

Malware Cryptocurrency Ransomware Hacking 140

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. German investigators believe that Kozachek is a member of the Russia-linked APT28 group (aka Fancy Bear), which is the same group that hacked the German Bundestag in 2015. ” continues the post.

Hacking 145

Hacking Accountability Malware Cybersecurity 145

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. Pierluigi Paganini.

Ransomware 144

Ransomware Hacking Encryption Malware 144

CyberSecurity Insiders

JANUARY 17, 2022

Microsoft has issued an official warning to all IT and not-for-profit organizations, along with some critical government organizations across Ukraine, that their digital infrastructure could be targeted by a dreaded data wiping malware campaign.

Malware 139

Malware Government Technology Authentication 139

Security Affairs

JANUARY 21, 2025

Researchers found over 100 servers distributing Mirai malware and communicating with compromised IPs, indicating the campaign is ongoing. “Mirai malware, here dubbed as Murdoc Botnet, is a prominent malware family for *nix systems. It mainly targets vulnerable AVTECH and Huawei devices. ” reads the advisory.

IoT 84

IoT Malware Hacking Cybercrime 84

Security Affairs

OCTOBER 24, 2020

US Treasury Department announced sanctions against Russia’s Central Scientific Research Institute of Chemistry and Mechanics behind Triton malware. The US Treasury Department announced sanctions against a Russian research institute for its alleged role in the development of the Triton malware. ” continues the press release.

Malware 140

Malware Government Hacking Cyber Attacks 140

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware 134

Malware Phishing Spyware Cyber threats 134

Security Affairs

AUGUST 28, 2020

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. SecurityAffairs – hacking, Lemon_Duck).

Malware 145

Malware Authentication Passwords Internet 145

Security Affairs

DECEMBER 29, 2021

China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. “It means that they are actively developing new malwares.

Malware 145

Malware Phishing Passwords Media 145

The Last Watchdog

FEBRUARY 3, 2020

Samide and other experts say what’s coming next is very likely to be a series of varied attacks as combatants on all sides leverage footholds gained from ongoing intelligence gathering and malware planting. It’s notable that hacks to gain access to, and maintain control of, industrial control systems are a recurring theme in cyber warfare.

Energy and Utilities 330

Energy and Utilities Malware Hacking Passwords 330

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware 139

Malware Cryptocurrency Accountability Cybercrime 139

Schneier on Security

JULY 10, 2019

The hacking campaign, known as "Cloud Hopper," was the subject of a U.S. HPE spun-off its services arm in a merger with Computer Sciences Corporation in 2017 to create DXC. Waves of hacking victims emanate from those six plus HPE and IBM: their clients. It was much bigger than originally reported.

Identity Theft 242

Identity Theft Hacking Mobile Technology 242

Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware 137

Malware Internet Internet DDOS 137

Security Affairs

APRIL 12, 2024

Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. The security firm pointed out that this is the first TA547 group to use this malware family. The experts also discovered the attempts of using LLM in malware campaigns.

Malware 135

Malware Social Engineering Retail Engineering 135

Security Affairs

DECEMBER 15, 2023

Experts uncovered a new Go-based multi-platform malware, tracked as NKAbuse, which is the first malware abusing NKN technology. Researchers from Kaspersky’s Global Emergency Response Team ( GERT ) and GReAT uncovered a new multiplatform malware dubbed NKAbuse. ” reads the report published by Kaspersky.

Malware 142

Malware Architecture Technology DDOS 142

Security Affairs

MARCH 20, 2025

Threat actors exploit remote command execution to run a shell script that downloads a Mirai malware payload from a remote server. The third issue added to the KeV catalog is a directory traversal vulnerability, tracked as CVE-2017-12637 , in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5.

Backups 73

Backups Hacking Cybersecurity Malware 73

Krebs on Security

JANUARY 14, 2019

Also last week, a 30-year-old in the United Kingdom was sentenced to 32 months in jail for using an army of hacked devices to crash large portions of Liberia’s Internet access in 2016. Daniel Kaye. Photo: National Crime Agency. Daniel Kaye , an Israel-U.K. Daniel Kaye , an Israel-U.K. to face charges there.

DDOS 237

DDOS Internet Internet Spyware 237

SecureWorld News

APRIL 22, 2025

Once control is granted, the attacker can secretly install malware, including infostealers and remote access trojans (RATs), onto the victim's machine. The malware then exfiltrates sensitive data, including cryptocurrency wallet credentials, personal information, and private keys. billion hack of the Bybit exchange in February 2025.

Cryptocurrency 91

Cryptocurrency Social Engineering Cybercrime Engineering 91

Krebs on Security

MAY 28, 2020

The ad campaign follows a similar initiative launched in late 2017 that academics say measurably dampened demand for such services by explaining that their use to harm others is illegal and can land potential customers in jail. For example, search in Google for the terms “booter” or “stresser” from a U.K.

Cybercrime 295

Cybercrime DDOS Advertising Hacking 295

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke. Pierluigi Paganini.

Banking 126

Banking Malware Manufacturing Business Services 126

Security Affairs

APRIL 21, 2025

. “The threat actor also used other means to distribute the malware, such as attaching the same file to emails and exploiting the Microsoft Office Equation Editor vulnerability (CVE-2017-11882) [1].” Kimsuky also used the forceCopy stealer malware to capture keystrokes and extract files from browser directories.

Phishing 80

Phishing Malware Security Intelligence Hacking 80

Security Affairs

DECEMBER 12, 2024

The researchers analyzed multiple samples of the malware and gained access to internal documents obtained from open directories on attacker infrastructure. The surveillance tool family has been active since 2017, the experts highlighted that it requires physical access to the target device to initiate operations. .

Surveillance 66

Surveillance Mobile Spyware Malware 66

Security Affairs

FEBRUARY 28, 2022

Microsoft revealed that Ukrainian entities were targeted with a previous undetected malware, dubbed FoxBlade, several hours before the invasion. Microsoft pointed out that its experts have written signatures to detect the malware within three hours of this discovery. SecurityAffairs – hacking, FoxBlade). Pierluigi Paganini.

Malware 120

Malware DDOS Government Technology 120

Malwarebytes

JANUARY 16, 2024

On January 4, 2017, Case Western Reserve University (CWRU), located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Who is Phillip Durachinsky?

Malware 123

Malware Passwords Identity Theft Data collection 123

Krebs on Security

JUNE 3, 2019

.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “ Eternal Blue ,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. “It doesn’t even have any means of spreading across networks on its own.”

Ransomware 252

Ransomware Accountability Malware Government 252

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising 256

Advertising Antivirus Software Malware 256

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).” SecurityAffairs – hacking, EnemyBot). The Enemybot botnet borrows the code from the Gafgyt bot and re-used some codes from the infamous Mirai botnet.

Malware 145

Malware DDOS IoT Cybercrime 145

Security Affairs

FEBRUARY 13, 2025

The group also created the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 109

Telecommunications DNS Hacking Passwords 109