2018, Accountability, Antivirus and Blog

Avast, NordVPN Breaches Tied to Phantom User Accounts

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability

Accountability VPN Software Antivirus

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

The government says Snatch used a customized ransomware variant notable for rebooting Microsoft Windows devices into Safe Mode — enabling the ransomware to circumvent detection by antivirus or endpoint protection — and then encrypting files when few services are running. ru account and posted as him.

Ransomware

Ransomware Accountability Cybercrime Backups

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Dave Kennedy | @hackingdave. Eugene Kaspersky | @e_kaspersky.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

KrebsOnSecurity began revisiting the research into Rescator’s real-life identity in 2018, after the U.S. The story on the Flashback author featured redacted screenshots that were taken from Ika’s BlackSEO account (see image above). Department of Justice unsealed an indictment that named a different Ukrainian man as Helkern.

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. In November 2018, a GandCrab affiliate posted a screenshot on the Exploit[.]in The GandCrab identity on Exploit[.]in

Ransomware

Ransomware Accountability Cybercrime Passwords

Microsoft blocked Polonium attacks against Israeli organizations

Security Affairs

JUNE 3, 2022

“POLONIUM was observed creating and using legitimate OneDrive accounts, then utilizing those accounts as C2 to execute part of their attack operation.” sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:?

Security Intelligence

Security Intelligence Antivirus Hacking Authentication

Purple Fox rootkit now bundled with Telegram installer

Malwarebytes

JANUARY 4, 2022

Then User Account Control (UAC) is disabled, specific antivirus initiations are blocked, and information about security tools on the affected system are gathered and sent to a hardcoded command and control (C2) address. It downloads and executes more files, which get deleted after they have done their work. Purple Fox background.

Artificial Intelligence

Artificial Intelligence Malware Antivirus Phishing

VSDC video editing software website hacked again

Security Affairs

APRIL 11, 2019

” reads the blog post published by Dr. Web. The malware is able to steal information from web browsers, Microsoft accounts, several messenger services, and some other programs. In July 2018, experts from Chinese security firm Qihoo 360 Total Security discovered that attackers hijacked the download links of the VSDC website.

Software

Software Hacking Banking Malware

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

Infected devices were used for multiple malicious activities, including traffic redirections through mobile proxies, info-stealing, click fraud, and social media and online messaging accounts and monetization via advertisements. Please nominate Security Affairs as your favorite blog. 231 banking malware.

Mobile

Mobile Advertising Malware Cybercrime

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

An online search for the term “yehuo” reveals an account on the Chinese Software Developer Network which uses that same nickname and references the domain blazefire[.]com. In July 2017, Russian antivirus vendor Dr.Web published research showing that Triada had been installed by default on at least four low-cost Android models.

Mobile

Mobile Technology Manufacturing Malware

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. Also, see the blog post - The Ransomware Group Tactics which Maximise their Profitability. Microsoft Antivirus Now Automatically Mitigates Exchange Server Vulnerability.

Energy and Utilities

Energy and Utilities Ransomware Banking Hacking

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

An online search for the term “yehuo” reveals an account on the Chinese Software Developer Network which uses that same nickname and references the domain blazefire[.]com. In July 2017, Russian antivirus vendor Dr.Web published research showing that Triada had been installed by default on at least four low-cost Android models.

Mobile

Mobile Technology Manufacturing Software

Apple removed the popular app Adware Doctor because steals user browsing history

Security Affairs

SEPTEMBER 8, 2018

The unwanted behavior was spotted by a security researcher that goes online with Twitter account Privacy 1st , he discovered that Adware Doctor would gather browsing history from the Safari, Chrome, and the Firefox browsers, the search history on the App Store, and a list of running processes. Antivirus”, and ‘Dr.

Adware

Adware DNS Malware Advertising

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Security Affairs

APRIL 10, 2019

That file was delivered via malscam campaigns around the world and its source-code is obfuscated in order to evade antivirus detection and complicate its analysis. The latter leverages the WinRar/Ace vulnerability ( CVE-2018-20250 ) dropping the malware itself into the Windows startup folder.

Banking

Banking Malware Antivirus Cyber threats

Spam and phishing in 2020

SecureList

FEBRUARY 15, 2021

The email antivirus was triggered most frequently by email messages containing members of the Trojan.Win32.Agentb Contact us to lose your money or account! Theft of work accounts and infecting of office computers with malware in targeted attacks are the main risk that companies have faced this year. Agentb malware family.

Phishing

Phishing Malware Scams Accountability

Attacks against machine learning — an overview

Elie

MAY 30, 2018

This blog post survey the attacks techniques that target AI (artificial intelligence) systems and how to protect against them. Adversarial inputs include malicious documents designed to evade antivirus, and emails attempting to evade spam filters. This series of posts is modeled after the talk I gave at RSA 2018. second post.

Accountability

Accountability Artificial Intelligence Engineering Retail

IT threat evolution in Q2 2021. PC statistics

SecureList

AUGUST 12, 2021

Web antivirus recognized 675,832,360 unique URLs as malicious. Attempts to run malware for stealing money from online bank accounts were stopped on the computers of 119,252 unique users. Our file antivirus detected 68,294,298 unique malicious and potentially unwanted objects. Geography of threats for macOS. Local threats.

Adware

Adware Malware Ransomware IoT

Attacks against machine learning — an overview

Elie

MAY 30, 2018

This blog post survey the attacks techniques that target AI (artificial intelligence) systems and how to protect against them. Adversarial inputs include malicious documents designed to evade antivirus, and emails attempting to evade spam filters. This series of posts is modeled after the talk I gave at RSA 2018. second post.

Accountability

Accountability Artificial Intelligence Engineering Retail

RM3 – Curiosities of the wildest banking malware

Fox IT

MAY 4, 2021

But if you would like to understand the rather tortured history of this particular malware a little better, the research and blog posts on the subject by Check Point are a good starting point. Around 2018/2019, Sagrid actively spread malware in Australia and New Zealand, using advanced techniques to deliver it to their victims.

Banking

Banking Malware Encryption Architecture

Sunburst backdoor – code overlaps with Kazuar

SecureList

JANUARY 11, 2021

On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In a previous blog, we dissected the method used by Sunburst to communicate with its C2 server and the protocol by which victims are upgraded for further exploitation.

Malware

Malware Media Internet Internet

Cyber Security Informer

Avast, NordVPN Breaches Tied to Phantom User Accounts

A Closer Look at the Snatch Data Ransom Group

Webinars

Trending Sources

Top Cybersecurity Accounts to Follow on Twitter

Webinars

Ten Years Later, New Clues in the Target Breach

Who’s Behind the GandCrab Ransomware?

Microsoft blocked Polonium attacks against Israeli organizations

Purple Fox rootkit now bundled with Telegram installer

VSDC video editing software website hacked again

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Tracing the Supply Chain Attack on Android

Cyber Security Roundup for April 2021

Tracing the Supply Chain Attack on Android

Apple removed the popular app Adware Doctor because steals user browsing history

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Spam and phishing in 2020

Attacks against machine learning — an overview

IT threat evolution in Q2 2021. PC statistics

Attacks against machine learning — an overview

RM3 – Curiosities of the wildest banking malware

Sunburst backdoor – code overlaps with Kazuar

Stay Connected