Security Affairs

SEPTEMBER 28, 2020

Russian Government has published a statement by President Vladimir Putin that proposes to the United States a comprehensive program of measures for restoring the Russia – US cooperation in information security. ” Putin suggested four actions to set up a prolific collaboration on Information security. .

Information Security 104

Information Security Hacking Advertising Government 104

Security Affairs

JULY 25, 2022

Operators behind the Amadey Bot malware use the SmokeLoader to distribute a new variant via software cracks and keygen sites. Amadey Bot is a data-stealing malware that was first spotted in 2018, it also allows operators to install additional payloads. Then the malware contacts the C2 and sends system information (i.e.

Software 112

Software Malware Cybercrime VPN 112

Security Affairs

JANUARY 22, 2023

Roaming Mantis threat actors were observed using a new variant of their mobile malware Wroba to hijack DNS settings of Wi-Fi routers. Researchers from Kaspersky observed Roaming Mantis threat actors using an updated variant of their mobile malware Wroba to compromise Wi-Fi routers and hijack DNS settings. Agent.eq (a.k.a

DNS 87

DNS Mobile Malware Hacking 87

Security Affairs

SEPTEMBER 14, 2021

The network equipment maker MikroTik revealed that the routers were previously compromised in 2018. The vendor explained that the devices haven’t been properly secured, even if the security patches released by MikroTik at the time were installed. If somebody got your password in 2018, just an upgrade will not help.

DDOS 74

DDOS Firewall Passwords Internet 74

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. LFI CVE-2018-16763 Fuel CMS 1.4.1 LFI CVE-2018-16763 Fuel CMS 1.4.1 The new variant of the bot includes exploits for the following security issues: CVE-2022-22954 : Critical RCE flaw in VMware Workspace ONE Access and VMware Identity Manager. .

Malware 138

Malware DDOS IoT Cybercrime 138

Malwarebytes

JANUARY 16, 2024

The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Together, CWRU and the FBI were able to identify that an IP address with which the malware was communicating had also been used to access the alumni email account of a man called Phillip Durachinsky.

Malware 85

Malware Passwords Identity Theft Data collection 85

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Malware 86

Malware Cybercrime Banking Hacking 86

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. ” reads the DHS CISA’s advisory.

Malware 110

Malware Advertising Government Cryptocurrency 110

Security Affairs

NOVEMBER 22, 2019

The Payment solutions giant Edenred disclosed a malware incident that affected some of its computing systems, it immediately started an investigation. The Payment solutions giant Edenred announced that some of its computing systems have been infected with malware, the company is currently investigating the incident. Pierluigi Paganini.

Malware 103

Malware Mobile Advertising Government 103

Security Affairs

NOVEMBER 9, 2022

Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 Researchers from AhnLab Security Emergency Response Center (ASEC) reported that the Amadey malware is being used to deploy LockBit 3.0 ” reads the report published by the security firm. SecurityAffairs – hacking, Amadey malware).

Malware 84

Malware Ransomware Cybercrime Phishing 84

Security Affairs

DECEMBER 13, 2021

The TinyNuke malware is back and now was used in attacks aimed at French users working in manufacturing, technology, construction, and business services. Proofpoint researchers uncovered a campaign exclusively targeting French entities and organizations with operations in France with the banking malware TinyNuke. Pierluigi Paganini.

Banking 90

Banking Malware Manufacturing Business Services 90

Security Affairs

JUNE 11, 2021

Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials, and cookies. Threat actors used custom malware to steal data from 3.2 million Windows systems between 2018 and 2020. The malware stole nearly 26 million login credentials holding 1.1

Malware 107

Malware Computers and Electronics Software Financial Services 107

Security Affairs

JULY 13, 2020

President Donald Trump has revealed that in 2018 US have launched a cyberattack against a Russian company suspect to be a Russian troll farm. The attack took place in February 2018 and was launched by the U.S. The post Trump admits to have authorized a cyber attack on Russian troll farm in 2018 appeared first on Security Affairs.

Cyber Attacks 85

Cyber Attacks Internet Internet Advertising 85

Security Affairs

JANUARY 8, 2021

Multiple threat actors have recently started using the Ezuri memory loader as a loader to executes malware directly into the victims’ memory. According to researchers from AT&T’s Alien Labs, malware authors are choosing the Ezuri memory loader for their malicious codes. ” concludes the report.

Malware 129

Malware Encryption Antivirus Passwords 129

Security Affairs

JULY 29, 2019

According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. In 2018, global malware volume recorded by SonicWall hit a record-breaking 10.52 ” In 2018 Sonicwall had logged more than 2.8 ” In 2018 Sonicwall had logged more than 2.8

IoT 82

IoT Encryption Malware Advertising 82

Security Affairs

DECEMBER 4, 2022

The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity researchers warn of a new malware campaign conducted by the North Korea-linked Lazarus APT against cryptocurrency users. “continues the analysis. Pierluigi Paganini.

Cryptocurrency 85

Cryptocurrency Malware Hacking Information Security 85

Security Affairs

MAY 23, 2024

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018.

Malware 103

Malware Accountability Phishing Data collection 103

Security Affairs

AUGUST 19, 2020

According to the security expert Tal Be’ery , the vulnerability, dubbed GlueBall, has been known since August 2018, because a malware sample exploiting it was uploaded to VirusTotal. ” In June 2020, experts discovered that the GlueBall issue was exploited in attacks in the wild to deliver malware.

Advertising 68

Advertising Malware Internet Internet 68

Security Affairs

DECEMBER 4, 2023

Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Storm-0216 has historically used Qakbot malware for initial access, but has switched to other malware for initial access after the takedown of the Qakbot infrastructure.

Ransomware 98

Ransomware Malware Banking Hacking 98

Security Affairs

JULY 4, 2019

Kaspersky experts discovered that Sodinokibi, aka Sodin, Ransomware currently also exploits the CVE-2018-8453 vulnerability to elevate privileges in Windows. The body of each Sodin sample includes an encrypted configuration block that stores the settings and data used by the malware. Pierluigi Paganini.

Ransomware 73

Ransomware Encryption Advertising Architecture 73

Security Affairs

OCTOBER 19, 2020

Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices. GravityRAT is a malware strain known for checking the CPU temperature of Windows computers to avoid being executed in sandboxes and virtual machines. Pierluigi Paganini.

Malware 106

Malware Computers and Electronics Spyware Advertising 106

Security Affairs

FEBRUARY 23, 2022

UK and US cybersecurity agencies linked Cyclops Blink malware to Russia’s Sandworm APT. US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. appeared first on Security Affairs.

Malware 85

Malware Firmware Architecture Firewall 85

Security Affairs

APRIL 16, 2022

Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. The Ukrainian Computer Emergency Response Team (CERT-UA) uncovered new phishing campaigns aimed at infecting systems of Ukrainian government agencies with the IcedID malware. ” reads the analysis published by CERT-UA.

Malware 77

Malware Phishing Banking Government 77

Security Affairs

SEPTEMBER 28, 2022

North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. The SentinelOne investigation is based on a previous one conducted by ESET in August , when Lazarus APT has been observed targeting job seekers with macOS malware working also on Intel and M1 chipsets.

Malware 87

Malware Cryptocurrency Architecture Advertising 87

Security Affairs

MARCH 2, 2024

from April 29, 2018, to May 10, 2020). In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide.

Spyware 115

Spyware Surveillance Architecture Software 115

Security Affairs

JULY 23, 2020

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The MATA malware framework could target Windows, Linux, and macOS operating systems. The malware framework implements a wide range of features that allow attackers to fully control the infected systems.

Malware 99

Malware Ransomware Advertising Encryption 99

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The QSnatch malware implements multiple functionalities, such as: . The experts were alerted about the malware in October and immediately launched an investigation.

Malware 100

Malware Firmware Advertising Manufacturing 100

Security Affairs

DECEMBER 10, 2020

Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware. ” concludes the report.

Malware 100

Malware Phishing Government Data collection 100

Krebs on Security

DECEMBER 6, 2023

Meanwhile, security experts argue that even in cases where online abusers provide intentionally misleading or false information in WHOIS records, that information is still extremely useful in mapping the extent of their malware, phishing and scamming operations.

Phishing 237

Phishing Internet Internet Scams 237

Security Affairs

FEBRUARY 24, 2020

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. million malware samples per day in 2019 and identified 1,268 malware families. The most worrisome figure is related to the number of previously unseen malware families which is greater than 500 (41%).

Malware 82

Malware Cyber threats Telecommunications Advertising 82

Security Affairs

NOVEMBER 5, 2021

have been hijacked, threat actors replaced them with versions laced with password-stealing malware. The security team of the npm JavaScript package warns that two popular npm libraries, coa and rc. have been hijacked, threat actors replaced them versions laced with password-stealing malware. The last stable coa version 2.0.2

Passwords 92

Passwords Malware Accountability Hacking 92

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 60

Artificial Intelligence Government Banking Advertising 60

Security Affairs

JANUARY 17, 2024

CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) to warn of AndroxGh0st malware. ” reads the advisory. ” reported Lacework.

Malware 88

Malware Cybersecurity Hacking Information Security 88

Security Affairs

SEPTEMBER 17, 2021

A new malware written in Golang programming language, tracked as Capoae, is targeting WordPress installs and Linux systems. Akamai researchers spotted a new strain of malware written in Golang programming language, dubbed Capoae, that was involved in attacks aimed at WordPress installs and Linux systems. . Pierluigi Paganini.

Malware 82

Malware Cryptocurrency Encryption Hacking 82

Security Affairs

JANUARY 14, 2021

Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian government institutions and private companies. Malware researchers from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian entities exclusively. Pierluigi Paganini.

Malware 102

Malware Surveillance Phishing Government 102

Security Affairs

FEBRUARY 23, 2022

The code of the recently-emerged Entropy ransomware has similarities with the one of the infamous Dridex malware. The recently-emerged Entropy ransomware has code similarities with the popular Dridex malware. The post Sophos linked Entropy ransomware to Dridex malware. appeared first on Security Affairs.

Ransomware 89

Ransomware Malware Cybercrime Banking 89

Security Affairs

FEBRUARY 27, 2020

Lampion malware is the most critical malware affecting Portuguese users’ last three months. This malware appears to be on the rise at the end of February 2020, after a fresh update where its operators introduced a new obfuscation layer on the first stage of the threat. SecurityAffairs – hacking, malware).

Malware 99

Malware Advertising Government Accountability 99