Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware 102

Malware Internet Internet DDOS 102

Krebs on Security

MAY 18, 2020

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. is cybercrime forum.

Malware 308

Malware Cybercrime Ransomware Marketing 308

Malwarebytes

JANUARY 16, 2024

On January 4, 2017, Case Western Reserve University (CWRU), located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Who is Phillip Durachinsky?

Malware 89

Malware Passwords Identity Theft Data collection 89

Security Affairs

DECEMBER 15, 2023

Experts uncovered a new Go-based multi-platform malware, tracked as NKAbuse, which is the first malware abusing NKN technology. Researchers from Kaspersky’s Global Emergency Response Team ( GERT ) and GReAT uncovered a new multiplatform malware dubbed NKAbuse. ” reads the report published by Kaspersky.

Malware 114

Malware Architecture Technology DDOS 114

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware 111

Malware Cryptocurrency Accountability Cybercrime 111

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 260

Hacking Social Engineering Phishing Scams 260

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. The name ‘Nazar’ comes from the debug paths he found in the dump alongside Farsi resources in some of the malware droppers. SecurityAffairs – Nazar, hacking).

Hacking 106

Hacking Advertising Malware Engineering 106

CyberSecurity Insiders

JANUARY 17, 2022

Microsoft has issued an official warning to all IT and not-for-profit organizations, along with some critical government organizations across Ukraine, that their digital infrastructure could be targeted by a dreaded data wiping malware campaign.

Malware 139

Malware Government Technology Authentication 139

Penetration Testing

DECEMBER 14, 2023

Dubbed “NKAbuse,” this novel threat harnesses the power of the NKN (New Kind of Network)... The post NKAbuse: Go-Powered Malware Floods & Hacks, Targets Linux & Beyond appeared first on Penetration Testing.

Penetration Testing 45

Penetration Testing Malware Hacking Cyber threats 45

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. German investigators believe that Kozachek is a member of the Russia-linked APT28 group (aka Fancy Bear), which is the same group that hacked the German Bundestag in 2015. ” continues the post.

Hacking 134

Hacking Accountability Malware Cybersecurity 134

Schneier on Security

JANUARY 22, 2018

Kaspersky Labs is reporting on a new piece of sophisticated malware: We observed many web landing pages that mimic the sites of mobile operators and which are used to spread the Android implants. The activities continue: the most recently observed domain was registered on October 31, 2017. It seems to be Italian. BoingBoing post.

Malware 150

Malware Government Spyware Hacking 150

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. The Forbes.ru

Hacking 188

Hacking Cybercrime Ransomware Government 188

Security Affairs

JANUARY 16, 2023

Netlab 360 observed unidentified threat actors using a new backdoor based on the US CIA’s Project Hive malware suite. Researchers from Qihoo Netlab 360 reported that unidentified threat actors using a new backdoor based on the US CIA’s Project Hive malware suite. SecurityAffairs – hacking, malware).

Malware 95

Malware Encryption Authentication Hacking 95

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. ” concludes the report.

Malware 91

Malware Phishing Banking Hacking 91

Security Affairs

AUGUST 31, 2023

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. The GCHQ’s National Cyber Security Centre (NCSC) and agencies in the United States, Australia, Canada, and New Zealand have published an analysis of the Android malware.

Malware 113

Malware Authentication Threat Detection Government 113

CyberSecurity Insiders

NOVEMBER 24, 2022

Well, it’s because of privacy concerns, as hackers can hack the camera and see what a person is doing in front of the screen or get a glimpse of what was happening in front of the camera placed in a room or office. Now coming to the main point, i.e., how is this hacking takes place? Similar to extortion tactics….

Hacking 104

Hacking Media Internet Internet 104

CyberSecurity Insiders

FEBRUARY 18, 2022

According to a research conducted by Proofpoint, cybersecurity researchers have been targeting the servers operating in aerospace and defense sector with a Trojan malware and the hacking group behind the incident has been dubbed as TA2541.

Malware 98

Malware Phishing Hacking Cybersecurity 98

CyberSecurity Insiders

JUNE 28, 2022

The anti-malware firm is linking the attackers to a Chinese group of Threat Actors and confirmed that the threat actors have interests in targeting SMBs from Asian countries as often such companies do not have enough resources to tackle such attacks.

Malware 111

Malware Telecommunications Surveillance Cyber threats 111

Security Affairs

FEBRUARY 28, 2022

Microsoft revealed that Ukrainian entities were targeted with a previous undetected malware, dubbed FoxBlade, several hours before the invasion. Microsoft pointed out that its experts have written signatures to detect the malware within three hours of this discovery. SecurityAffairs – hacking, FoxBlade). Pierluigi Paganini.

Malware 108

Malware DDOS Government Technology 108

Security Affairs

OCTOBER 16, 2020

The Google Cloud team revealed that in September 2017 it has mitigated DDoS attack that reached 2.54 The Google Cloud team revealed that back in September 2017 it has mitigated a powerful DDoS attack that clocked at 2.54 Tbps DDoS in September 2017, the culmination of a six-month campaign that utilized multiple methods of attack.

DDOS 101

DDOS DNS Advertising Engineering 101

SiteLock

AUGUST 27, 2021

eCommerce Growth Hacks. He shared what SiteLock has learned about malware since 2008, and from scanning 6 million websites daily. One example of the data shared was that 80% of malware is found within the first 25 pages of a website. It wasn’t until 2002 when Rami saw major success again with Spider-Man.

B2C 98

B2C eCommerce Malware Marketing 98

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. Pierluigi Paganini.

Ransomware 128

Ransomware Hacking Encryption Malware 128

Security Affairs

JULY 2, 2019

US Cyber Command posted on Twitter an alert about cyber attacks exploiting the CVE-2017-11774 vulnerability in Outlook. Yesterday I was using Twitter when I noticed the following alert issued by the account managed by the US Cyber Command : USCYBERCOM has discovered active malicious use of CVE-2017-11774 and recommends immediate #patching.

Energy and Utilities 84

Energy and Utilities Malware Advertising InfoSec 84

Security Affairs

DECEMBER 2, 2020

Russian-linked cyberespionage group Turla employed a new malware toolset, named Crutch, in targeted attacks aimed at high-profile targets. The Crutch framework was employed in attacks since 2015 to siphon sensitive data and transfer them to Dropbox accounts controlled by the Russian hacking group. SecurityAffairs – hacking, Crutch).

Malware 123

Malware Accountability Hacking Government 123

CyberSecurity Insiders

JUNE 17, 2021

And information is out that the campaign could have started by a hacking group dubbed Ferocious Kitten that has been active since 2015 and was conducting spying through a highly sophisticated malware named MarkiRAT. . Why the malware spreading hackers are targeting only Persian-speaking people is yet to be revealed to the public.

Malware 118

Malware Surveillance Antivirus Software 118

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke. Pierluigi Paganini.

Banking 100

Banking Malware Manufacturing Business Services 100

Security Affairs

JANUARY 6, 2024

billion claim arising from the NotPetya malware incident. billion insurance claim for the losses caused by the NotPetya attack that took place in 2017. In August 2017, the pharmaceutical company revealed that the massive NotPetya cyberattack disrupted its worldwide operations. Merck and its insurers have agreed with a $1.4

Insurance 114

Insurance Manufacturing Ransomware Healthcare 114

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).” SecurityAffairs – hacking, EnemyBot). The Enemybot botnet borrows the code from the Gafgyt bot and re-used some codes from the infamous Mirai botnet.

Malware 143

Malware DDOS IoT Cybercrime 143

Security Affairs

DECEMBER 29, 2021

China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. “It means that they are actively developing new malwares.

Malware 121

Malware Phishing Passwords Media 121

Security Affairs

MAY 14, 2020

Experts discovered a new strain of malware dubbed Ramsay that can infect air-gapped computers and steal sensitive data, including Word, PDF, and ZIP files. The malware was specifically designed to jump the air gap and reach computers withing the isolated networks to steal sensitive information. gapped networks.” The Ramsay v2.a

Malware 111

Malware Advertising Hacking 111

Security Affairs

APRIL 28, 2024

A hacking campaign targeted Ukraine exploiting a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike. The researchers pointed out that the use of the “script:” prefix demonstrates the exploitation of the vulnerability CVE-2017-8570 , a bypass for CVE-2017-0199. 617766616773726468746672726a6834.html,”

VPN 116

VPN Hacking Engineering Information Security 116

Security Affairs

JUNE 10, 2019

Spam messages are carrying weaponized RTF documents that could infect users with malware without any user interaction, just opening the RTF documents. The spam messages are sent in various European languages, threat actors are exploiting the Microsoft Office and Wordpad CVE-2017-11882 vulnerability. Pierluigi Paganini.

Security Intelligence 72

Security Intelligence Advertising Malware Information Security 72

Security Affairs

JUNE 19, 2020

New AcidBox Malware employed in targeted attacks leverages an exploit previously associated with the Russian-linked Turla APT group. Palo Alto Networks researchers analyzed a new malware, dubbed AcidBox, that was employed in targeted attacks and that leverages an exploit previously associated with the Russian-linked Turla APT group.

Malware 114

Malware InfoSec Advertising Hacking 114

The Hacker News

FEBRUARY 15, 2022

Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans (RATs) on compromised systems.

Manufacturing 101

Manufacturing Hacking Phishing Malware 101

Security Affairs

AUGUST 28, 2020

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. SecurityAffairs – hacking, Lemon_Duck).

Malware 141

Malware Authentication Passwords Internet 141

Security Affairs

JANUARY 17, 2024

CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) to warn of AndroxGh0st malware. ” reads the advisory. ” reported Lacework.

Malware 98

Malware Cybersecurity Hacking Information Security 98

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. SecurityAffairs – hacking, Log4Shell).

Malware 86

Malware Telecommunications DNS Hacking 86