Security Affairs

APRIL 30, 2021

The weaponized RTF documents generated with the exploit builder are able to trigger the CVE-2017-11882 , CVE-2018-0798 , CVE-2018-0802 vulnerabilities in Microsoft’s Equation Editor. This tool was widely adopted by several China-linked threat actors, including Tick , Tonto Team and TA428. ” continues the report.

Phishing 132

Phishing Malware Antivirus Encryption 132

Krebs on Security

SEPTEMBER 30, 2023

The government says Snatch used a customized ransomware variant notable for rebooting Microsoft Windows devices into Safe Mode — enabling the ransomware to circumvent detection by antivirus or endpoint protection — and then encrypting files when few services are running. Details after contacting on jabber: truniger@xmpp[.]jp.”

Ransomware 218

Ransomware Accountability Cybercrime Backups 218

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising 197

Advertising Antivirus Software Malware 197

Security Affairs

FEBRUARY 7, 2020

The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Ransomware operators leverage a custom antivirus killing p ackage that is delivered to workstations to disable security solution before starting encryption. ” reads the report published by Sophos.

Software 122

Software Ransomware Antivirus Encryption 122

Security Affairs

OCTOBER 17, 2018

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware. At a first sight, the office document had an encrypted content available on OleObj.1 And why the attacker used an encrypted payload if the victim cannot open it? 1 and OleObj.2.

Malware 87

Malware Computers and Electronics Encryption Penetration Testing 87

Spinone

NOVEMBER 11, 2018

With every new type of crypto or locker , the hash sum is changed, so an antivirus that is effective against one malware family will be ineffective a few months later against another type of ransomware. Here is a step-by-step sequence of the Google Drive encryption process and the Spinbackup Ransomware Protection flow.

Ransomware 40

Ransomware Backups Encryption Antivirus 40

eSecurity Planet

MARCH 1, 2023

Wireless security is critical because these networks are subject to eavesdropping, interception, data theft, denial of services ( DoS ) assaults, and malware infestations. WPA2 is the most widely used protocol because it uses the AES encryption technique for improved security.

Wireless 89

Wireless Encryption Authentication IoT 89

CyberSecurity Insiders

JANUARY 6, 2023

First launched in 2004 and updated most recently in 2018, the PCI Data Security (PCI DSS) standard is continually updated to reflect the evolving challenges of the cyberthreat landscape. Requirement 4: Less specificity on the type of encryption used means your organization is freer to follow industry best practices. and PCI v4.0:

Antivirus 138

Antivirus Retail Software Accountability 138

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. This malware employed a custom EternalBlue SMBv1 exploit to infiltrate its victims’ systems.

Malware 107

Malware DNS Encryption Cryptocurrency 107

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. The second half of 2018 saw a drop in the number of malicious programs downloaded via browsers reaching its minimum at less than 5%, while in the first half of 2019 only every 19 th download was initiated via means other than email.

Ransomware 72

Ransomware Antivirus Malware Banking 72

Security Affairs

AUGUST 3, 2020

He allegedly subscribed the GandCrab ransomware-as-a-service to create his own version of the malware and spread it running a spam campaign. The GandCrab ransomware-as-a-service first emerged from Russian crime underground in early 2018. ransom amount, individual bots and encryption masks). SecurityAffairs – hacking, malware).

Ransomware 119

Ransomware Advertising Malware Hacking 119

Security Affairs

MARCH 19, 2019

rar) spread by #WinRAR exploit ( #CVE -2018-20250). The vulnerability, tracked as CVE-2018-20250, was discovered by experts at Check Point in February, it could allow an attacker to gain control of the target system. At the moment of writing, 29 antivirus engines detect JNEC.a Possibly the first #ransomware (vk_4221345.rar)

Ransomware 73

Ransomware Antivirus Encryption Advertising 73

SecureList

DECEMBER 1, 2023

To exfiltrate data and deliver next-stage malware, the attackers abuse cloud-based data storage, such as Dropbox or Yandex Disk, as well as a temporary file sharing service. libssl.dll or libcurl.dll was statically linked to implants to implement encrypted C2 communications. org domain did not occur in all cases.

Malware 91

Malware Ransomware Encryption Energy and Utilities 91

Security Affairs

AUGUST 20, 2018

The popular malware researchers Marco Ramilli has analyzed a malware that remained under the radar for more than two years. During the analysis time, only really few Antivirus (6 out of 60) were able to “detect” the sample. AntiVirus Coverage. Resource (a.k.a package in where it will be contextualized).

Engineering 64

Engineering Malware Computers and Electronics Penetration Testing 64

Security Affairs

JULY 25, 2019

“We have discovered a new version of WatchBog—a cryptocurrency-mining botnet operational since late 2018—that we suspect has compromised more than 4,500 Linux machines in newer campaigns taking place since early June.” ” reads a blog post published by Intezer. The new WatchBog variant, actively distributed since June.

Cryptocurrency 71

Cryptocurrency Internet Internet Malware 71

Security Affairs

APRIL 27, 2020

Unlike other ransomware strains that don’t encrypt victims in Russia and other CIS countries, Shade also targets computers in Russia and Ukraine. We are also publishing our decryption soft; we also hope that, having the keys, antivirus companies will issue their own more user-friendly decryption tools.”

Ransomware 120

Ransomware Advertising Antivirus Education 120

eSecurity Planet

FEBRUARY 16, 2021

All of your files are encrypted with RSA-2048 and AES-128 ciphers.” ” Or you might see a readme.txt stating, “Your files have been replaced by these encrypted containers and aren’t accessible; you will lose your files on [enter date] unless you pay $2500 in Bitcoin.” IMPORTANT INFORMATION !!!

Ransomware 97

Ransomware Backups Software Encryption 97

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. Install and regularly update antivirus and anti-malware software on all hosts. Any attempts to install or run this program and its associated files should be prevented.

Passwords 66

Passwords Government Firmware Accountability 66

Security Affairs

SEPTEMBER 15, 2019

At every turn in the infection chain, the malware uses legitimate services to evade detection. ” The Astaroth Trojan was first spotted by security firm Cofense in late 2018 when it was involved in a campaign targeting Europe and Brazil. According to the experts, LOLbins are very effecting in evading antivirus software. .

Phishing 82

Phishing Malware Encryption Network Security 82

Security Affairs

OCTOBER 12, 2019

In August 2018, three members of the notorious cybercrime gang have been indicted and charged with 26 felony counts of conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft. Fin7 is suspected to have hit more than 100 US companies, most of them in the restaurant, hospitality, and industries.

Identity Theft 76

Identity Theft Hacking Advertising DNS 76

SC Magazine

JUNE 25, 2021

Malicious hackers are increasingly mobbing the video game industry, with major companies suffering data breaches, having their source code sold or leaked online and games serving as playgrounds to push malware or mine cryptocurrencies. billion attacks tracked by the company across different countries.

Computers and Electronics 121

Computers and Electronics Media Marketing Cryptocurrency 121

Pentester Academy

FEBRUARY 23, 2023

It targeted Microsoft Windows operating system by encrypting the data on the victim’s machine and seeking ransom in exchange for a promise to decrypt all the encrypted files and potentially undo the damage, but that’s far from the truth, as we discuss further! Ransomware damages would cost the world $5 billion (USD) in 2017.

Ransomware 52

Ransomware Encryption Cryptocurrency Banking 52

Security Affairs

APRIL 10, 2019

SI-LAB detected hundreds of users that were impacted by this malware between March 18th and 26th of 2019. The last days of March 2019 are making headlines due to a targeted cyber attack involving a new variant of infamous EMOTET malware. With that, criminals achieved an important rule of thumb in the malware landscape: no detection.

Banking 61

Banking Malware Antivirus Cyber threats 61

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. According to the experts, the operation is in a consolidation stage, first samples date back to November 2018, with a massive spike in December and January.

Spyware 72

Spyware Adware Malware Accountability 72

Security Affairs

FEBRUARY 7, 2019

Extracting the macro code, shows the malware, in the first instance, checks the victim country using the Application.International MS Office property. As shown in the above figure, the malware tries to download an image from at least one of two embedded URLs: [link] [link]. Part of network traffic containing some encrypted data.

Banking 90

Banking Malware Advertising Encryption 90

SecureList

NOVEMBER 26, 2021

The PyInstaller module for Windows contains a script named “Guard” Interestingly, this malware was developed for both Windows and macOS operating systems. The malware tries to spread to other hosts on the network by infecting USB drives. After this, they were tricked into downloading previously unknown malware.

Malware 86

Malware Banking Energy and Utilities Accountability 86

Security Affairs

MARCH 2, 2019

SI-LAB captured a piece of the FlawedAmmyy malware that leverages undetected XLM macros as an Infection Vehicle to compromise user’s devices. This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines.

Malware 85

Malware Antivirus Technology Phishing 85

SecureList

MAY 31, 2021

Attempts to run malware designed to steal money via online access to bank accounts were stopped on the computers of 118,099 users. At the end of last year, the number of users attacked by malware designed to steal money from bank accounts gradually decreased, a trend that continued in Q1 2021. Top 10 banking malware families.

Mobile 87

Mobile Adware Ransomware Malware 87

SecureList

FEBRUARY 15, 2021

The email antivirus was triggered most frequently by email messages containing members of the Trojan.Win32.Agentb Agentb malware family. Theft of work accounts and infecting of office computers with malware in targeted attacks are the main risk that companies have faced this year. Malware families. per cent).

Phishing 136

Phishing Malware Scams Accountability 136

Krebs on Security

DECEMBER 13, 2021

31, 2021, the HSE’s antivirus software detected the execution of two software tools commonly used by ransomware groups — Cobalt Strike and Mimikatz — on the Patient Zero Workstation. But the antivirus software was set to monitor mode, so it did not block the malicious commands.” Now this is in itself isn’t bad.

Healthcare 267

Healthcare Ransomware Antivirus Software 267

eSecurity Planet

JUNE 8, 2023

Email security consists of the policies, tools, and services deployed to protect against threats specific to email such as spam, phishing attacks, malware-infested attachments, impersonation, and email interception.

Firewall 65

Firewall DNS Authentication Malware 65

Malwarebytes

APRIL 5, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) found that K–12 cyberattacks more than tripled over the pandemic, from 400 reported incidents in 2018 to over 1,300 in 2021. By January 2023, education had claimed over 80 percent of all global malware incidents —a staggering lead that has held since 2020.

Education 60

Education Ransomware Cybersecurity Risk 60

Krebs on Security

NOVEMBER 22, 2019

17, unknown attackers launched a ransomware strain known as Ryuk inside VCPI’s networks, encrypting all data the company hosts for its clients and demanding a whopping $14 million ransom in exchange for a digital key needed to unlock access to the files. At around 1:30 a.m. They didn’t even succeed at first, but they kept trying.”

Ransomware 346

Ransomware Computers and Electronics Healthcare Data breaches 346

Spinone

JANUARY 22, 2020

Although at the end of the 2018 ransomware seemed to be slowing its pace on the cyber threat arena, 2019 has shown that this slowdown wasn’t anything but “the calm before the storm” Ransomware statistics for 2019 vividly illustrated the rapid growth of high-profile ransomware attacks and new, more disrupting ransomware examples.

Ransomware 64

Ransomware Encryption Backups Phishing 64

SecureList

FEBRUARY 26, 2021

Read messages on any messenger, regardless of whether encryption is used. Due to the distribution vector of such applications which are very different from common malware distribution schemes, it is impossible to get infected with a stalkerware through a spam message including a link to stalkerware or a trap via normal web surfing.

Mobile 80

Mobile Surveillance Software Passwords 80

SiteLock

AUGUST 27, 2021

As its name suggests, ransomware is a type of malware that cybercriminals use to hold machines or data hostage until a ransom has been paid. After an unsuspecting victim opens a malicious email or visits an infected site, ransomware begins to encrypt critical files hosted on the victim’s local machine. The malware does the rest.

Ransomware 98

Ransomware Small Business Backups Encryption 98

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability 131

Accountability VPN Software Antivirus 131