2018, Antivirus, Hacking and Information Security

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. SecurityAffairs – hacking, BSI).

Antivirus

Antivirus Software Manufacturing Information Security

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

RaaS rollout 2015 – 2018. The GandCrab RaaS that appeared in early 2018 was one of the last high-profile threats targeting individuals on a large scale. It vanished from the radar in June 2018, when the ransomware plague took another sharp turn. Targeting enterprises Late 2018 – present day.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Firefox finally addressed the Antivirus software TLS Errors

Security Affairs

JULY 2, 2019

Firefox finally addressed the issues with antivirus apps crashing HTTPS websites starting with the release of Firefox 68. Mozilla announced that it will resolve the issues that caused antivirus apps crashing HTTPs websites with the release of Firefox 68 version. This is possible by installing root certificates on the device.

Antivirus

Antivirus Software Advertising Information Security

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Security Affairs

JUNE 27, 2021

“While the Windows system is in safe mode antivirus software doesn’t work. The researchers started investigating the threat after they became aware that the malware was disabling and uninstalling its antivirus from infected devices. “It also uses WQL to query all antivirus software installed SELECT * FROM AntiVirusProduct.”

Antivirus

Antivirus Cryptocurrency Malware Software

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. was used at the time of the attack), which enabled the attackers to exploit the CVE-2018-13379 vulnerability and gain access to the enterprise network.” ” continues Kaspersky.

VPN

VPN Ransomware Antivirus Firmware

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. SecurityAffairs – Fortinet, hacking). Pierluigi Paganini.

Encryption

Encryption Antivirus DNS Advertising

Crooks made more than $560K with a simple clipboard hijacker

Security Affairs

APRIL 19, 2021

The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurrency since November 2018. The tools were published on a Telegram channel named Hack Boss that was created on November 26, 2018, and has over 2,500 subscribers.

Cryptocurrency

Cryptocurrency Malware Hacking Banking

John McAfee found dead in prison cell ahead of extradition to US

Security Affairs

JUNE 23, 2021

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US. The authorities claim that the McAfee failed to file tax returns for incomes related to a period between 2014 and 2018. SecurityAffairs – hacking, McAfee).

Cryptocurrency

Cryptocurrency Banking Accountability Antivirus

The Five-Step PCI DSS 4.0 Transition Checklist

CyberSecurity Insiders

JANUARY 6, 2023

With the boom in digital commerce paired with the increased popularity of contactless payment and cloud-stored accountholder data, the Payment Card Industry (PCI) Security Standards Council decided to re-evaluate the existing standard. Test security of systems and networks regularly. The current version, PCI DSS v3.2.1,

Antivirus

Antivirus Retail Software Accountability

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

Security Affairs

NOVEMBER 3, 2022

Sentinel Labs found evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7. Security researchers at Sentinel Labs shared details about Black Basta ‘s TTPs and assess it is highly likely the ransomware operation has ties with FIN7. SecurityAffairs – hacking, FIN7).

Cybercrime

Cybercrime Ransomware Antivirus Malware

China-linked APT uses a new backdoor in attacks at Russian defense contractor

Security Affairs

APRIL 30, 2021

The weaponized RTF documents generated with the exploit builder are able to trigger the CVE-2017-11882 , CVE-2018-0798 , CVE-2018-0802 vulnerabilities in Microsoft’s Equation Editor. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, Russian defense contractor).

Phishing

Phishing Malware Antivirus Encryption

Kaspersky addressed multiple issues in online protection solutions

Security Affairs

NOVEMBER 26, 2019

Kaspersky has addressed several vulnerabilities in the web protection features implemented in its antivirus solutions, including Internet Security, Total Security, Free Anti-Virus , Security Cloud, and Small Office Security products. As in: under some circumstances, antivirus would still crash.

Antivirus

Antivirus Advertising Password Management Passwords

Belarussian authorities arrested GandCrab ransomware distributor

Security Affairs

AUGUST 3, 2020

The GandCrab ransomware-as-a-service first emerged from Russian crime underground in early 2018. The GandCrab was advertised in the Russian hacking community, researchers from LMNTRIX who discovered it noticed that authors was leveraging the RIG and GrandSoft exploit kits to distribute the malware. Pierluigi Paganini.

Ransomware

Ransomware Advertising Malware Hacking

Mysterious custom malware used to steal 1.2TB of data from million PCs

Security Affairs

JUNE 11, 2021

million Windows systems between 2018 and 2020. The software includes illegal Adobe Photoshop 2018, a Windows cracking tool, and several cracked games.” SecurityAffairs – hacking, custom malware). The post Mysterious custom malware used to steal 1.2TB of data from million PCs appeared first on Security Affairs.

Malware

Malware Computers and Electronics Software Financial Services

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Experts pointed out that the number of infected systems could be far greater because data provided by AVAST are only related to systems running their antivirus solution. Pierluigi Paganini.

DNS

DNS Cryptocurrency Internet Internet

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 CVE-2018-10088 XiongMai uc-httpd 1.0.0 BotenaGo was written in Golang (Go) and at the time of the report published by the experts, it had a low antivirus (AV) detection rate (6/62). Beta, R6400 before 1.0.1.18.Beta,

IoT

IoT Firmware Malware Wireless

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

The end game for this particular hacking ring is to install crypto currency mining routines on compromised Linux servers. Xbash gets rolling by infecting one device, which then serves as the launch pad for deeper hacking forays limited only by the attacker’s initiative. To be sure, it’s not as if the good guys aren’t also innovating.

Passwords

Passwords Password Management Antivirus Internet

Hackers penetrated NEC defense business division in 2016

Security Affairs

JANUARY 31, 2020

“In July 2018, we succeeded in decrypting encrypted communication with an infected server and an external server that was performing unauthorized communication, and stored it on our internal server for information sharing with other departments used by our defense business division 27,445 files were found to have been accessed illegally.

Data breaches

Data breaches Advertising Antivirus Encryption

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) published a joint alert to warn of attacks carried out by APT groups targeting Fortinet FortiOS servers using multiple exploits. Install and regularly update antivirus and anti-malware software on all hosts. Pierluigi Paganini.

Passwords

Passwords Government Firmware Accountability

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. The second half of 2018 saw a drop in the number of malicious programs downloaded via browsers reaching its minimum at less than 5%, while in the first half of 2019 only every 19 th download was initiated via means other than email.

Ransomware

Ransomware Antivirus Malware Banking

Evilnum Group targets European and British fintech companies

Security Affairs

JULY 10, 2020

Evilnum threat actor was first spotted in 2018 while using the homonym malware. Experts observed several variants of the script since May 2018, having different server-side code for the C&C and supporting different commands. SecurityAffairs – hacking, Evilnum). The version 4.0 The image is stored in a file called SC4.P7D

eCommerce

eCommerce Advertising Malware Spyware

Ezuri memory loader used in Linux and Windows malware

Security Affairs

JANUARY 8, 2021

“The loader decrypts the malicious malware and executes it using memfd create (as described in this blog in 2018). “The authors use the open source tool Ezuri, to load its previously seen payloads and avoid antivirus detections on the file.” SecurityAffairs – hacking, Golang). Pierluigi Paganini.

Malware

Malware Encryption Antivirus Passwords

FIN7 Hackers group is back with a new loader and a new RAT

Security Affairs

OCTOBER 12, 2019

FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target remote administration software of ATM vendor. In April 2018, FIN7 hackers stole credit and debit card information from millions of consumers who have purchased goods at Saks Fifth Avenue and Lord & Taylor stores.

Identity Theft

Identity Theft Hacking Advertising DNS

Crooks leverages.htaccess injector on Joomla and WordPress sites for malicious redirects

Security Affairs

MAY 27, 2019

Security researchers are monitoring a new hacking campaign aimed at Joomla and WordPress websites, attackers used.htaccess injector for malicious redirect. A warning message from endpoint antivirus software when users try to visit malicious site redirected by Joomla and WordPress sites. htaccess, hacking).

Advertising

Advertising Malware Antivirus Software

The Hacker Mind Podcast: Hacking Charity

ForAllSecure

JULY 28, 2021

His book, Hacking Google was a best seller, but after, he just wasn't feeling it. Welcome to the hacker mind in original podcast from for all secure, it's about challenging our expectations about the people who hack for a living. Either version, the idea here is to empower others to help themselves, to hack.

Hacking

Hacking Computers and Electronics InfoSec Technology

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

The malware is able to log the users’ keystrokes, collect information through hooking, access clipboard content, and monitor the keystate. The Astaroth Trojan was first spotted by security firm Cofense in late 2018 when it was involved in a campaign targeting Europe and Brazil. SecurityAffairs – hacking, Astaroth Trojan).

Antivirus

Antivirus Malware Advertising Security Intelligence

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Security Affairs

JUNE 23, 2020

Fxmsp gained worldwide fame in May 2019, after it was reported that the networks belonging to leading antivirus software companies had been compromised. Soon enough, the threat actor started talking about hacking into IBM and Microsoft. On January 17, 2018, the hacker shared exactly how many buyers he had at the time: 18.

Antivirus

Antivirus Advertising Hacking Banking

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. How not to disclosure a Hack. UK fashion retailer FatFace angered customers in its handling of a customer data theft hack.

Energy and Utilities

Energy and Utilities Ransomware Banking Hacking

A previously undetected FIN7 BIOLOAD loader drops new Carbanak Backdoor

Security Affairs

DECEMBER 29, 2019

In August 2018, three members of the notorious cybercrime gang have been indicted and charged with 26 felony counts of conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft. Fin7 is suspected to have hit more than 100 US companies, most of them in the restaurant, hospitality, and industries.

Cybercrime

Cybercrime Antivirus Identity Theft Advertising

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.”

Antivirus

Antivirus Malware Phishing Advertising

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

In March 2018, security researchers at Antivirus firm Dr. Web discovered that 42 models of low-cost Android smartphones are shipped with the Android.Triada.231 The only way to remove the threat is to wipe the smartphone and reinstall the OS. 231 banking malware. ” reads the analysis published by Trend Micro.

Mobile

Mobile Advertising Malware Cybercrime

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Security Affairs

JULY 25, 2019

“We have discovered a new version of WatchBog—a cryptocurrency-mining botnet operational since late 2018—that we suspect has compromised more than 4,500 Linux machines in newer campaigns taking place since early June.” ” reads a blog post published by Intezer. ” continues the analysis.

Cryptocurrency

Cryptocurrency Internet Internet Malware

Dutch police arrested the author of Dryad and Rubella Macro Builders

Security Affairs

JULY 19, 2019

.” Both macro builders allow crooks to easily create malicious Office documents that are usually involved in hacking campaigns as a first-stage loader for other malware. The Rubella Macro Builder crimeware kit appeared in the threat landscape on April 2018 and rapidly gained popularity in the cybercriminal underground.

Malware

Malware Social Engineering Advertising Antivirus

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Security Affairs

APRIL 10, 2019

That file was delivered via malscam campaigns around the world and its source-code is obfuscated in order to evade antivirus detection and complicate its analysis. The latter leverages the WinRar/Ace vulnerability ( CVE-2018-20250 ) dropping the malware itself into the Windows startup folder.

Banking

Banking Malware Antivirus Cyber threats

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

US DoJ charged two Russian citizens for deploying the Dridex malware and for their involvement in international bank fraud and computer hacking schemes. 32) and Igor Turashev (38) for distributing the infamous Dridex banking Trojan , and for their involvement in international bank fraud and computer hacking schemes.

Banking

Banking Malware Cybercrime Accountability

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

OCTOBER 15, 2019

The cybercrime organization was first spotted in April 2018 by researchers at Cisco Talos, earlier 2019 researchers from Palo Alto Networks Unit42 found new malware samples used by the Rocke group for cryptojacking that uninstalls from Linux servers cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud.

Cybercrime

Cybercrime DNS Malware Advertising

Astaroth Trojan leverages Facebook and YouTube to avoid detection

Security Affairs

SEPTEMBER 15, 2019

However, at each step of the infection, this campaign uses trusted sources and the end user to help advance to the next stage, ultimately leading to an eventual exfiltration of sensitive information.” According to the experts, LOLbins are very effecting in evading antivirus software. .

Phishing

Phishing Malware Encryption Network Security

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines. doc and.xlm) to evade antivirus detection and bypass spam filters as well. That malware is known as FlawedAmmyy RAT and was discovered by Proofpoint researchers in March 2018.

Malware

Malware Antivirus Technology Phishing

A new trojan Lampion targets Portugal

Security Affairs

DECEMBER 29, 2019

SI-LAB noted that Portuguese users were targeted with malscam messages that reported issues related to a debt of the year 2018. This is a clear signal that most of the antivirus engines don’t detect yet the malware signature. The file is extremely large (32 MB), with a lot of junk allowing, thus, to evade antivirus engines as a result.

Malware

Malware Internet Internet Antivirus

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

The US Department of Justice has indicted a hacker named Fxmsp for hacking over three hundred organizations worldwide and selling access to their networks. The US Department of Justice has indicted a hacker that goes online with the moniker Fxmsp for hacking over three hundred organizations worldwide and selling access to their networks.

Hacking

Hacking Antivirus Advertising Cybercrime

Pirate Ship Sailing to Developing World: Group-IB Uncovers Real Captains of Online Piracy Crew

Security Affairs

JULY 28, 2020

Since 2018, when 1xBet started its international expansion with the help of pirates, it sponsored the production of more than 500 camrips, all of which were in English, 14% – in Spanish, 5% – in Tamil, Portuguese, Thai, Hindi, and others. SecurityAffairs – hacking, online piracy). million. . Pierluigi Paganini.

Marketing

Marketing Banking Advertising Cybercrime

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Security enthusiast and Linux evangelist Binni Shah consistently offers valuable tutorials, guides, and insights for the cybersecurity community. Eugene Kaspersky | @e_kaspersky.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

AUGUST 15, 2019

Related: ‘Cyber Pearl Harbor’ happens every day Some 15 months earlier, in March 2018, Atlanta was hit by a similar assault, and likewise refused to pay a $51,000 ransom, eating $17 million in damage. Meanwhile, the advanced hacking collectives invest in innovation and press forward. mayors attending the U.S.

Ransomware

Ransomware Internet Internet Hacking

Hundreds of C-level executives credentials available for $100 to $1500 per account

Security Affairs

NOVEMBER 28, 2020

In July, the US Department of Justice has indicted a hacker that goes online with the moniker Fxmsp for hacking over three hundred organizations worldwide and selling access to their networks. Since March 2019, Fxmsp announced in cybercrime forums the availability of information stolen from major antivirus companies located in the U.S.

Accountability

Accountability Cybercrime Hacking Retail

The German BSI agency recommends replacing Kaspersky antivirus software

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Webinars

Trending Sources

Firefox finally addressed the Antivirus software TLS Errors

Webinars

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Some Fortinet products used hardcoded keys and weak encryption for communications

Crooks made more than $560K with a simple clipboard hijacker

John McAfee found dead in prison cell ahead of extradition to US

The Five-Step PCI DSS 4.0 Transition Checklist

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

China-linked APT uses a new backdoor in attacks at Russian defense contractor

Kaspersky addressed multiple issues in online protection solutions

Belarussian authorities arrested GandCrab ransomware distributor

Mysterious custom malware used to steal 1.2TB of data from million PCs

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

BotenaGo botnet targets millions of IoT devices using 33 exploits

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

Hackers penetrated NEC defense business division in 2016

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Evilnum Group targets European and British fintech companies

Ezuri memory loader used in Linux and Windows malware

FIN7 Hackers group is back with a new loader and a new RAT

Crooks leverages.htaccess injector on Joomla and WordPress sites for malicious redirects

The Hacker Mind Podcast: Hacking Charity

A new Astaroth Trojan Campaign uncovered by Microsoft

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Cyber Security Roundup for April 2021

A previously undetected FIN7 BIOLOAD loader drops new Carbanak Backdoor

Microsoft’s case study: Emotet took down an entire network in just 8 days

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Dutch police arrested the author of Dryad and Rubella Macro Builders

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

US authorities charged Dridex gang members for stealing over $100 Million

Chinese-speaking cybercrime gang Rocke changes tactics

Astaroth Trojan leverages Facebook and YouTube to avoid detection

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

A new trojan Lampion targets Portugal

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Pirate Ship Sailing to Developing World: Group-IB Uncovers Real Captains of Online Piracy Crew

Top Cybersecurity Accounts to Follow on Twitter

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

Hundreds of C-level executives credentials available for $100 to $1500 per account

Stay Connected