2018, Antivirus, DNS and Hacking - Cyber Security Informer

2018

Antivirus

DNS

Hacking

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. The registration records for the website Cryptor[.]biz ” Crypt[.]guru’s

Malware

Malware Antivirus Cybercrime Hacking

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Security Affairs

JUNE 27, 2021

“While the Windows system is in safe mode antivirus software doesn’t work. The researchers started investigating the threat after they became aware that the malware was disabling and uninstalling its antivirus from infected devices. “It also uses WQL to query all antivirus software installed SELECT * FROM AntiVirusProduct.”

Antivirus

Antivirus Cryptocurrency Malware Software

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. SecurityAffairs – Fortinet, hacking). Pierluigi Paganini.

Encryption

Encryption Antivirus DNS Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Experts pointed out that the number of infected systems could be far greater because data provided by AVAST are only related to systems running their antivirus solution. Pierluigi Paganini.

DNS

DNS Cryptocurrency Internet Internet

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

These two software are currently unknown to most if not all antivirus companies.” “Using the internal router, it would be possible to poison the DNS cache of the LAN router of the infected node, enabling further attacks.” The Exe Clean service made malware look like goodware to antivirus products.

VPN

VPN Computers and Electronics Antivirus Software

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

OCTOBER 15, 2019

The cybercrime organization was first spotted in April 2018 by researchers at Cisco Talos, earlier 2019 researchers from Palo Alto Networks Unit42 found new malware samples used by the Rocke group for cryptojacking that uninstalls from Linux servers cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud.

Cybercrime

Cybercrime DNS Malware Advertising

FIN7 Hackers group is back with a new loader and a new RAT

Security Affairs

OCTOBER 12, 2019

FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target remote administration software of ATM vendor. The messages sent to the victims were also dropping the backdoor DNSbot that primarily operates over DNS traffic. SecurityAffairs – FIN7, hacking).

Identity Theft

Identity Theft Hacking Advertising DNS

The return of the AdvisorsBot malware

Security Affairs

FEBRUARY 1, 2019

Security experts at Cybaze – Yoroi ZLab have analyzed a new sample of the AdvisorsBot malware, a downloader that was first spotted in August 2018. Last DNS activity was in December 2018. Figure 14 – previous DNS of C2. As usual, the malware looks like a legitimate e-mail attachment, named as “invoice.doc”.

Malware

Malware DNS Social Engineering Advertising

Apple removed the popular app Adware Doctor because steals user browsing history

Security Affairs

SEPTEMBER 8, 2018

PoC: [link] #malware #virus #MacOS #Apple #MacBook #MacBookPro #CyberSecurity #privacy #GDPR #Hacking #hackers #cyberpunk #Alert. — Privacy 1st (@privacyis1st) August 20, 2018. Antivirus”, and ‘Dr. Adware Doctor is stealing your privacy. Below a video created by Privacy_1st to show his findings.

Adware

Adware DNS Malware Advertising

How to Improve Email Security for Enterprises & Businesses

eSecurity Planet

JUNE 8, 2023

Unfortunately, text-based email protocols are extremely vulnerable to hacking and email has become the primary vector for cyber attacks. It can be time consuming to establish these protocols on an organization’s DNS servers, but doing so will provide two key benefits. Most organizations use email as a basic communication method.

Firewall

Firewall DNS Authentication Malware

Who’s In Your Online Shopping Cart?

Krebs on Security

NOVEMBER 4, 2018

Crooks who hack online merchants to steal payment card data are constantly coming up with crafty ways to hide their malicious code on Web sites. Zoobashop is also a presently hacked e-commerce site. In September, Symantec said it blocked almost a quarter of a million instances of attempted formjacking since mid-August 2018.

Antivirus

Antivirus Hacking DNS Internet

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Shah provides her expertise in hacking, software development, and kernel development and advocates for open source initiatives. Lots of accounts including Bezos, Elon Musk, Joe Biden, Barack Obama, Bill Gates, Mr Beast, and a ton more getting hacked for a bitcoin scheme. — Jack Daniel (@jack_daniel) October 10, 2018.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Security Affairs newsletter Round 221 – News of the week

Security Affairs

JULY 7, 2019

Vulnerability in Medtronic insulin pumps allow hacking devices. Firefox finally addressed the Antivirus software TLS Errors. Sodin Ransomware includes exploit for Windows CVE-2018-8453 bug. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH). Is Your Browser Secure? Bangladesh Cyber Heist 2.0:

Scams

Scams Spyware DNS Advertising

APT trends report Q1 2021

SecureList

APRIL 27, 2021

It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose. Other interesting discoveries.

Malware

Malware Spyware Government Social Engineering

Indictment, Lawsuits Revive Trump-Alfa Bank Story

Krebs on Security

SEPTEMBER 23, 2021

Since 2018, access to an exhaustive report commissioned by the U.S. The data at issue refers to communications traversing the Domain Name System (DNS), a global database that maps computer-friendly coordinates like Internet addresses (e.g., DNS lookups from Alfa Bank constituted the majority of those requests. trump-email.com).

Banking

Banking DNS Internet Internet

Why Malware Crypting Services Deserve More Scrutiny

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Webinars

Trending Sources

Some Fortinet products used hardcoded keys and weak encryption for communications

Webinars

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

A Deep Dive Into the Residential Proxy Service ‘911’

Chinese-speaking cybercrime gang Rocke changes tactics

FIN7 Hackers group is back with a new loader and a new RAT

The return of the AdvisorsBot malware

Apple removed the popular app Adware Doctor because steals user browsing history

How to Improve Email Security for Enterprises & Businesses

Who’s In Your Online Shopping Cart?

Top Cybersecurity Accounts to Follow on Twitter

Security Affairs newsletter Round 221 – News of the week

APT trends report Q1 2021

Indictment, Lawsuits Revive Trump-Alfa Bank Story

Stay Connected