Security Affairs

MAY 13, 2019

Yoroi Cyber Security Annual Report 2018 – In 2018 cyber-security experts observed an increased number of cyber attacks, malware endure to be the most aggressive and pervasive threat. Yoroi Cyber Security Annual Report 2018 analyzes the evolution of the threat landscape observed between January 2018 and December 2018.

Malware 81

Malware DNS Advertising Surveillance 81

SecureList

NOVEMBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 86

Malware Banking Energy and Utilities Accountability 86

CyberSecurity Insiders

JANUARY 13, 2022

US Cyber Command’s Cyber National Mission Force has identified a new hacking group dubbed MuddyWater and tracked its operations to an Iranian intelligence funded company.

Hacking 110

Hacking Spyware DNS Surveillance 110

Security Affairs

NOVEMBER 29, 2019

Compared to its predecessors, the sixth “Hi-Tech Crime Trends” report is the first to contain chapters devoted to the main industries attacked and covers the period from H2 2018 to H1 2019, as compared to the period from H2 2017 to H1 2018. As for 2019, it has become the year of covert military operations in cyberspace.

Banking 87

Banking Telecommunications Marketing Internet 87

Security Affairs

JULY 7, 2019

China installs a surveillance app on tourists phones while crossing in the Xinjiang. Sodin Ransomware includes exploit for Windows CVE-2018-8453 bug. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH). Firefox finally addressed the Antivirus software TLS Errors. LooCipher: The New Infernal Ransomware.

Scams 48

Scams Spyware DNS Advertising 48

SecureList

APRIL 27, 2021

Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose. Moreover, the malware mentioned by Google matched ThreatNeedle – malware that we have been tracking since 2018.

Malware 139

Malware Spyware Government Social Engineering 139

SecureList

APRIL 27, 2022

We had initially analyzed this Delphi malware in April 2018. In July 2021, we reported the previously unknown Tomiris Golang backdoor , deployed against government organizations within a CIS country through DNS hijacking. We exposed similarities between DarkHalo’s SunShuttle backdoor and the Tomiris implant.

Malware 131

Malware Firmware Government Phishing 131

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 140

Malware Government Surveillance Spyware 140

Security Affairs

SEPTEMBER 18, 2018

Pegasus is a surveillance malware developed by the Israeli surveillance NSO Group that could infect both iPhones and Android devices, it is sold exclusively to the governments and law enforcement agencies. Our technique identified a total of 45 countries where Pegasus operators may be conducting surveillance operations.

Spyware 82

Spyware Mobile Surveillance DNS 82

Security Affairs

JULY 19, 2020

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DNS 80

DNS Advertising Surveillance Malware 80