Security Affairs

APRIL 11, 2019

Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with malware. Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with a banking trojan and an information stealer.

Software 67

Software Hacking Banking Malware 67

Security Affairs

DECEMBER 29, 2019

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. zip) called: FacturaNovembro-4492154-2019-10_8.zip.

Malware 95

Malware Internet Internet Antivirus 95

Malwarebytes

SEPTEMBER 21, 2021

Show them these tips: Never use the same password twice. And if your child uses the same password across multiple accounts, when one gets breached they are all vulnerable. And if your child uses the same password across multiple accounts, when one gets breached they are all vulnerable. This is where a password manager comes in.

Internet 111

Internet Internet Passwords Password Management 111

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. review Active Directory password policy. PA Unit 42 found that the average ransom paid by organisations nearly tripled over the past year, from $115,123 in 2019 to $312,493.

Energy and Utilities 120

Energy and Utilities Ransomware Banking Hacking 120

Malwarebytes

JULY 30, 2021

LemonDuck has evolved from a Monero cryptominer into LemonCat, a Trojan that specializes in backdoor installation, credential and data theft, and malware delivery, according to the Microsoft 365 Defender Threat Intelligence Team, which explained their findings in a two-part story [ 1 ][ 2 ] on the Microsoft Security blog.

Malware 94

Malware Penetration Testing Passwords Antivirus 94

SecureList

FEBRUARY 15, 2021

The email antivirus was triggered most frequently by email messages containing members of the Trojan.Win32.Agentb We assume that those who called the numbers were asked to provide the login and password for the service that the scammers were imitating, or to pay for some diagnostics and troubleshooting services. Figures of the year.

Phishing 143

Phishing Malware Scams Accountability 143

Krebs on Security

FEBRUARY 23, 2019

2, 2019, this blog reported that the company — which had chosen not to pay the ransom and instead restore everything from backups — was still struggling to bring its systems back online. . On Christmas Eve 2018, cloud data hosting firm Dataresolution.net was hit with the Ryuk strain of ransomware.

Backups 232

Backups Ransomware Encryption Internet 232

Krebs on Security

MAY 13, 2024

was used to register at least six domains, including a Russian business registered in Khoroshev’s name called tkaner.com , which is a blog about clothing and fabrics. used the password 225948. A machine-translated ad for ransomware source code from Putinkrab on the Russian language cybercrime forum UFOlabs in 2019.

Ransomware 241

Ransomware Cybercrime Accountability Malware 241

Malwarebytes

DECEMBER 2, 2021

This blog post was authored by Hossein Jazi and the Threat Intelligence Team. In this blog post we are providing additional details about SideCopy that have not been published before. They also exfiltrated documents that are password protected. Newly observed lures.

Government 138

Government Banking Phishing Antivirus 138

Security Boulevard

APRIL 28, 2021

Networks can also be easily breached by social engineering, password theft, or tainted USBs, as in the Stuxnet attack. . . This renders the attacks undetectable and able to bypass conventional security solutions such as EDR, antivirus and other traditional security lines of defense. Blog post: Overcoming Patching Pitfalls.

Energy and Utilities 70

Energy and Utilities Malware DDOS Internet 70

eSecurity Planet

DECEMBER 3, 2021

lazydocker : A simple terminal UI for both docker and docker-compose : [link] pic.twitter.com/HsK17rzg8m — Binni Shah (@binitamshah) July 1, 2019. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. — Jason Haddix (@Jhaddix) July 27, 2019.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. in , where the group recruited many of its distributors.

Ransomware 258

Ransomware Accountability Cybercrime Passwords 258

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability 134

Accountability VPN Software Antivirus 134

SecureList

APRIL 24, 2023

In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla. The following table lists all Tomiris malware families we are aware of: Name Type Language Comments Tomiris Downloader Downloader C Mentioned in our original blog post.

Malware 104

Malware DNS Government Software 104

Security Affairs

SEPTEMBER 7, 2020

.” The library can generate files in multiple spreadsheet formats, it also supports Excel 2019. Some antivirus solutions specifically analyze this section look for malicious VBA code in the Excel docs. The lack of this section makes the Excel files generated by Epic Manchego gang hard to detect. EPPlus is such a tool.”

Cybercrime 95

Cybercrime Phishing Advertising Antivirus 95

SecureList

JANUARY 11, 2021

On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In a previous blog, we dissected the method used by Sunburst to communicate with its C2 server and the protocol by which victims are upgraded for further exploitation.

Malware 66

Malware Media Internet Internet 66

Krebs on Security

DECEMBER 14, 2023

Even if one managed to steal (or guess) a user’s DirectConnection password, the login page could not be reached unless the visitor also possessed a special browser certificate that the forum administrator gave only to approved members. A screen shot of the org chart from ChronoPay’s MegaPlan Intranet system.

Cybercrime 230

Cybercrime Accountability Advertising Computers and Electronics 230

Security Affairs

JUNE 4, 2019

The infection chain is composed by different stages of password protected SFX (self extracting archive), each containing vbs or batch scripts. Execution of “ winupd.exe ” (SFX) and relative password (uyjqystgblfhs). cmd” that renames the “win.jpg” into “win.exe” , another password protected SFX. Technical Analysis.

Passwords 62

Passwords DNS Engineering Malware 62

Troy Hunt

MARCH 2, 2020

This is going to be a lengthy blog post so let me use this opening paragraph as a summary of where Project Svalbard is at : Have I Been Pwned is no longer being sold and I will continue running it independently. Per the Project Svalbard announcement blog post, I engaged KPMG to run the merger and acquisition (M&A) process for me.

Data breaches 338

Data breaches Marketing Cyber Insurance InfoSec 338

Fox IT

MAY 4, 2021

Since September 2019, Fox-IT/NCC Group has intensified its research into known active Gozi variants. But if you would like to understand the rather tortured history of this particular malware a little better, the research and blog posts on the subject by Check Point are a good starting point. Q3 2019 – Q2 2020, Classic fraud era.

Banking 98

Banking Malware Encryption Architecture 98