2019, Accountability, Antivirus and Information Security

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data.

Antivirus

Antivirus Hacking Advertising Media

AMT Games data breach: Millions of Users’ Messages, Account IDs, and IP Addresses Exposed

Security Affairs

JUNE 2, 2021

Feedback message data contained Account id, feedback rating given, and users’ email addresses. Player profile data included Player id; username; country; total money spent on the game; and even Facebook, Apple, and Google account data if the user linked either account with their game account. What Data Was Leaked?

Data breaches

Data breaches Accountability Mobile Phishing

The Five-Step PCI DSS 4.0 Transition Checklist

CyberSecurity Insiders

JANUARY 6, 2023

billion in 2019 to $815.4 First launched in 2004 and updated most recently in 2018, the PCI Data Security (PCI DSS) standard is continually updated to reflect the evolving challenges of the cyberthreat landscape. is clearly failing to protect cardholder account details effectively in today’s environment. In fact, the U.S.

Antivirus

Antivirus Retail Software Accountability

John McAfee found dead in prison cell ahead of extradition to US

Security Affairs

JUNE 23, 2021

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US. The investigators suppose that the income was directed into bank accounts and cryptocurrency exchange accounts in the names of nominees.

Cryptocurrency

Cryptocurrency Banking Accountability Antivirus

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

Security Affairs

DECEMBER 12, 2021

“A Russian national was sentenced today to 48 months in prison for operating a “crypting” service used to conceal the Kelihos malware from antivirus software, which enabled hackers to systematically infect approximately hundreds of thousands of victim computers around the world with malicious software, including ransomware.”

Antivirus

Antivirus Malware Cybercrime Cyber threats

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. ”The websites promised to render malicious software fully undetectable by nearly every major provider of antivirus software. . ” reads the press release published by DoJ.”The

Antivirus

Antivirus Malware Cryptocurrency Software

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. Links account for 29%, while attachments—for 71%. rar archive files.

Ransomware

Ransomware Antivirus Malware Banking

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. “The lack of timely antivirus database updates for the security solution used on attacked systems also played a key role, preventing the solution from detecting and blocking the threat.

VPN

VPN Ransomware Antivirus Firmware

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Implement the shortest acceptable timeframe for password changes.

Passwords

Passwords Government Firmware Accountability

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. New #Mespinoza #Ransomware [link] Ext: locked R/n: Readme.README Affected users, contact the support forum of @BleepinComputer pic.twitter.com/SbKxVEIXUd — Amigo-A (@Amigo_A_) October 25, 2019.

Education

Education Ransomware Encryption Antivirus

US govt agencies released a joint alert on the Lockbit 3.0 ransomware

Security Affairs

MARCH 18, 2023

” The Lockbit gang has been active since at least 2019 and today it is one of the most active ransomware groups offering a Ransomware-as-a-Service (RaaS) model. ransomware include remote desktop protocol (RDP) exploitation, drive-by compromise, phishing campaigns, abuse of valid accounts, and exploitation of public-facing applications.

Ransomware

Ransomware Penetration Testing Encryption Accountability

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

” According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. According to the report issued by the CERT-FR, operators behind the Pysa ransomware launched brute-force attacks against management consoles and Active Directory accounts.

Government

Government Ransomware Encryption Penetration Testing

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.”

Antivirus

Antivirus Malware Phishing Advertising

Belarussian authorities arrested GandCrab ransomware distributor

Security Affairs

AUGUST 3, 2020

The authors of the GandCrab RaaS also offers technical support and updates to its members, they also published a video tutorial that shows how the ransomware is able to avoid antivirus detection. The GandCrab Ransomware-as-a-Service shut down operations in June 2019 and told affiliates to stop distributing the ransomware.

Ransomware

Ransomware Advertising Malware Hacking

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Security Affairs

JUNE 23, 2020

Fxmsp gained worldwide fame in May 2019, after it was reported that the networks belonging to leading antivirus software companies had been compromised. Fxmsp included one of his Jabber accounts, in his contact information on the forum which helped Group-IB researchers to establish his presumed identity. The big fish.

Antivirus

Antivirus Advertising Hacking Banking

BRATA Android Malware evolves and targets the UK, Spain, and Italy

Security Affairs

JUNE 20, 2022

The malware was first spotted in 2019 by security experts at Kaspersky, the name BRAT comes from ‘Brazilian RAT Android,’ because at the time it was used to spy on Brazilian users. These two permissions allows the operators to receive and read the victim’s sms while performing a phishing attack and takeover the victims’ account.

Malware

Malware Banking Antivirus Phishing

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. According to the report issued by the CERT-FR, operators behind the Pysa ransomware launched brute-force attacks against management consoles and Active Directory accounts.

Ransomware

Ransomware Penetration Testing Healthcare Government

Lampion malware v2 February 2020

Security Affairs

FEBRUARY 24, 2020

Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations. According to legitimate sources, Portuguese banking teams have detected irregular accesses to banking portals usually carried out through compromised accounts via the Lampion infections.

Malware

Malware Banking Antivirus Advertising

Security Affairs newsletter Round 227

Security Affairs

AUGUST 18, 2019

Watch out, your StockX account details may be available in crime forums. Adobe Patch Tuesday for August 2019 fixed 119 flaws in 8 products. Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues. Security Patch Day for August includes the most critical Note released by SAP in 2019.

Banking

Banking Password Management Advertising Antivirus

15 Best Cybersecurity Blogs To Read

Spinone

OCTOBER 10, 2019

Here you can find security-related news on many topics: Apps, IoT, Cloud, and much more. DarkReading Twitter account has more than 200k followers, a very solid number for the cybersecurity industry. Security Through Education Security Through Education is one of the best information security blogs.

Cybersecurity

Cybersecurity IoT Antivirus Education

New Android BlackRock malware targets hundreds of apps

Security Affairs

JULY 16, 2020

The source code of the Xerxes malware was leaked online around May 2019. ” The malicious code supports multiple commands, it could launch overlay attacks, log keystrokes, send spam the victims’ contact lists with SMS messages, and prevent victims from using antivirus software.

Malware

Malware Banking Mobile Spyware

ZoneAlarm forum site hack exposed data of thousands of users

Security Affairs

NOVEMBER 11, 2019

ZonaAlarm , the popular security software firm owned by Check Point Technologies, has suffered a data breach. According to the post published by The Hacker News, the security breach exposed the data of ZonaAlarm discussion forum users. ” reads the post published by The Hacker News. .

Hacking

Hacking Data breaches Passwords Advertising

JhoneRAT uses Google Drive, Twitter, ImgBB, and Google Forms to target countries in Middle East

Security Affairs

JANUARY 20, 2020

The first document named “Urgent.docx” is dated back November 2019. . The second document named “fb.docx” is dated January and claims to contain data on a Facebook information leak. OS, disk serial numbers, the antivirus, and more). . ” concludes the report.

Antivirus

Antivirus Malware Advertising Accountability

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. lazydocker : A simple terminal UI for both docker and docker-compose : [link] pic.twitter.com/HsK17rzg8m — Binni Shah (@binitamshah) July 1, 2019.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. PA Unit 42 found that the average ransom paid by organisations nearly tripled over the past year, from $115,123 in 2019 to $312,493. VULNERABILITIES AND SECURITY UPDATES.

Energy and Utilities

Energy and Utilities Ransomware Banking Hacking

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Security Affairs

APRIL 10, 2019

SI-LAB detected hundreds of users that were impacted by this malware between March 18th and 26th of 2019. The last days of March 2019 are making headlines due to a targeted cyber attack involving a new variant of infamous EMOTET malware. EMOTET spread in Chile targeted financial and banking services. Technical Analysis.

Banking

Banking Malware Antivirus Cyber threats

Hundreds of C-level executives credentials available for $100 to $1500 per account

Security Affairs

NOVEMBER 28, 2020

A credible threat actor is offering access to the email accounts of hundreds of C-level executives for $100 to $1500 per account. Access to the email accounts of hundreds of C-level executives is available on the Exploit.in for $100 to $1500 per account. Exploit.in ” reported ZDNet.

Accountability

Accountability Cybercrime Hacking Retail

Pirate Ship Sailing to Developing World: Group-IB Uncovers Real Captains of Online Piracy Crew

Security Affairs

JULY 28, 2020

The shutdown of two major CDNs — Moonwalk and HDGO— in 2019, and the subsequent drop of the Russian piracy market from $87 million to $63.5 A notable example of such stance is the company called ZeroCDN , which belongs to the Russian company Mnogobyte, whose infrastructure was used by up to 60 percent of pirate websites as of late 2019.

Marketing

Marketing Banking Advertising Cybercrime

Do Not Confuse Next Generation Firewall And Web Application Firewall

SiteLock

OCTOBER 21, 2021

Some information security specialists confuse the concepts of WAF and NGFW. Let us start with the abbreviations that define the categories of information security products: WAF stands for Web Application Firewall , NGFW stands for Next Generation Firewall. We have an NGFW, do we need a WAF?" or "Why do we need WAF?"

Firewall

Firewall Information Security Penetration Testing Banking

7 Cyber Security Courses Online For Everybody

Spinone

NOVEMBER 21, 2019

“Cyber Security is so much more than a matter of IT.” ” ― Stephane Nappo The amount of compromised data in August 2019 composed 114,686,290 breached records. In case you want to train your employees, you may need to use a company account to be able to set scheduled lessons for your staff.

Social Engineering

Social Engineering Accountability Phishing Cybersecurity

The Hidden Cost of Ransomware: Wholesale Password Theft

Krebs on Security

JANUARY 6, 2020

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. In mid-November 2019, Wisconsin-based Virtual Care Provider Inc. Shipping and postage accounts. In our Dec.

Passwords

Passwords Ransomware Password Management Malware

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

It’s worth noting that.rar also became the second commonly used format to deliver archived malware in H1 2019 and accounted for 25% of all archived malicious files detected by Group-IB’s CERT in the first half of 2019. Unless behavioral analytics is employed, such malware is likely to remain undetected.

Phishing

Phishing Malware Spyware DDOS

Top Cybersecurity Startups to Watch in 2022

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. Startup Est Headquarters Staff Funding Funding Type Abnormal Security 2018 San Francisco, CA 261 $74.0 Series B Apiiro Security 2019 Tel Aviv, Israel 65 $35.0

Cybersecurity

Cybersecurity Threat Detection Artificial Intelligence Risk

Cyber Security Informer

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

AMT Games data breach: Millions of Users’ Messages, Account IDs, and IP Addresses Exposed

Trending Sources

The Five-Step PCI DSS 4.0 Transition Checklist

John McAfee found dead in prison cell ahead of extradition to US

Russian nation sentenced to 48 months in prison for helping Kelihos Botnet to evade detection

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Ransomware Revival: Troldesh becomes a leader by the number of attacks

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

US govt agencies released a joint alert on the Lockbit 3.0 ransomware

CERT France – Pysa ransomware is targeting local governments

Microsoft’s case study: Emotet took down an entire network in just 8 days

Belarussian authorities arrested GandCrab ransomware distributor

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

BRATA Android Malware evolves and targets the UK, Spain, and Italy

PYSA ransomware gang is the most active group in November

Lampion malware v2 February 2020

Security Affairs newsletter Round 227

15 Best Cybersecurity Blogs To Read

New Android BlackRock malware targets hundreds of apps

ZoneAlarm forum site hack exposed data of thousands of users

JhoneRAT uses Google Drive, Twitter, ImgBB, and Google Forms to target countries in Middle East

Top Cybersecurity Accounts to Follow on Twitter

Cyber Security Roundup for April 2021

[SI-LAB] EMOTET spread in Chile impacted hundreds of users and targeted financial and banking services

Hundreds of C-level executives credentials available for $100 to $1500 per account

Pirate Ship Sailing to Developing World: Group-IB Uncovers Real Captains of Online Piracy Crew

Do Not Confuse Next Generation Firewall And Web Application Firewall

7 Cyber Security Courses Online For Everybody

The Hidden Cost of Ransomware: Wholesale Password Theft

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Top Cybersecurity Startups to Watch in 2022

Stay Connected