Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. SecurityAffairs – hacking, ransomware).

Ransomware 96

Ransomware Antivirus Encryption Backups 96

The Last Watchdog

JUNE 21, 2020

In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. In November 2019, the criminals behind a ransomware species called Maze started a new trend that is currently gaining momentum on the dark web. pharma giant ExecuPharm.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

DECEMBER 12, 2021

“A Russian national was sentenced today to 48 months in prison for operating a “crypting” service used to conceal the Kelihos malware from antivirus software, which enabled hackers to systematically infect approximately hundreds of thousands of victim computers around the world with malicious software, including ransomware.”

Antivirus 89

Antivirus Malware Cybercrime Cyber threats 89

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. ” A depiction of the Proxygate service.

VPN 299

VPN Computers and Electronics Antivirus Software 299

Security Affairs

JANUARY 6, 2023

“The attack is similar to the one in the summer of 2019, when four other hospitals in Romania were targeted. In 2019 other four hospitals in Romania suffered ransomware attacks that were attributed to the PHOBOS extortion group. SecurityAffairs – hacking, Saint Gheorghe Recovery Hospital). Pierluigi Paganini.

Ransomware 85

Ransomware Antivirus Media Encryption 85

Krebs on Security

SEPTEMBER 30, 2023

GandCrab dissolved in July 2019, and is thought to have become “ REvil ,” one of the most ruthless and rapacious Russian ransomware groups of all time. In April 2020, Truniger was banned from two of the top Russian cybercrime forums, where members from both forums confirmed that Semen7907 was one of Truniger’s known aliases.

Ransomware 214

Ransomware Accountability Cybercrime Backups 214

Security Affairs

AUGUST 3, 2020

He had no previous criminal records at the time of the arrest, but it is known to be a member of a cybercrime forum to become an affiliate for the GandCrab ransomware operation. Authorities also added that the man was involved in the distribution of cryptominers and wrote malware for other users on the same hacking forums.

Ransomware 120

Ransomware Advertising Malware Hacking 120

Security Affairs

APRIL 27, 2020

The cybercrime gang also apologized for the damages they have caused their victims. The Shade infections increased during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size. SecurityAffairs – Shade Ransomware, hacking).

Ransomware 122

Ransomware Advertising Antivirus Education 122

Security Affairs

JUNE 12, 2019

“During the period of March to May 2019, Morphisec Labs observed a new, highly sophisticated variant of the ShellTea / PunchBuggy backdoor malware that attempted to infiltrate a number of machines within the network of a customer in the hotel-entertainment industry.” SecurityAffairs – FIN8, hacking). Pierluigi Paganini.

Hacking 78

Hacking Malware Advertising Retail 78

Security Affairs

DECEMBER 29, 2019

Experts uncovered a new tool dubbed BIOLOAD used by the FIN7 cybercrime group used as a dropper for a new variant of the Carbanak backdoor. The samples of BIOLOAD loader analyzed by the experts were compiled in March and July 2019, while the samples of BOOSTWRITE were compiled in May. ” Fortinet concludes.

Cybercrime 61

Cybercrime Antivirus Identity Theft Advertising 61

Security Boulevard

MARCH 31, 2021

How not to disclosure a Hack. UK fashion retailer FatFace angered customers in its handling of a customer data theft hack. PA Unit 42 found that the average ransom paid by organisations nearly tripled over the past year, from $115,123 in 2019 to $312,493. High-end ransoms have gone up significantly too.

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

Security Affairs

JUNE 23, 2020

Fxmsp gained worldwide fame in May 2019, after it was reported that the networks belonging to leading antivirus software companies had been compromised. Fxmsp took his first steps in the cybercrime scene in September 2016 when he registered on an underground forum, fuckav[.]ru. Fxmsp’s public activity culminated in April 2019.

Antivirus 87

Antivirus Advertising Hacking Banking 87

Identity IQ

AUGUST 20, 2021

Truth be told: cybercrimes against students continue to rise, especially against those who report to university campuses and use university resources. According to BlueVoyant’s Cybersecurity in Higher Education 2021 report , ransomware attacks on colleges increased twofold between 2019 and 2020. Digital Security and Online Privacy.

Identity Theft 98

Identity Theft Passwords Education Banking 98

Security Affairs

JANUARY 26, 2020

Citrix releases permanent fixes for CVE-2019-19781 flaw in ADC 11.1 Jeff Bezos phone was hacked by Saudi crown prince. Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. SecurityAffairs – Newsletter, hacking). Hackers patch Citrix servers to deploy their own backdoor.

Data breaches 81

Data breaches Advertising Antivirus DDOS 81

Security Affairs

APRIL 21, 2019

Attackers hacked support agent to access Microsoft Outlook email accounts. Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise. CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor. RCE flaw in Electronic Arts Origin client exposes gamers to hack. Kindle Edition. Paper Copy.

Computers and Electronics 63

Computers and Electronics Spyware Data breaches Advertising 63

Security Affairs

DECEMBER 26, 2022

” GuLoader first appeared on the threat landscape in 2019, it was used by threat actors to download multiple remote access trojans (RATs) such as AgentTesla , FormBook , Nanocore , NETWIRE and the Parallax RAT. SecurityAffairs – hacking, GuLoader). “It then maps that section via NtMapViewofSection on the suspended process.”

Malware 96

Malware Antivirus Hacking Cybersecurity 96

Security Affairs

APRIL 17, 2019

The malicious code is under continuous enhancement, it is offered for sale on various hacking forums as a keylogger and stealer, it allows to monitor systems and exfiltrate information. The latest variant appeared in the cybercrime underground in December 2018, it was named HawkEye Reborn v9. ” continues the analysis.

Antivirus 84

Antivirus Malware Advertising Passwords 84

Security Affairs

DECEMBER 19, 2022

Researchers believe that at least five different merchants and exchanges were used to fund the Glupteba addresses since 2019. We also recommend monitoring DNS logs and keeping the antivirus software up to date to help prevent a potential Glupteba infection.” SecurityAffairs – hacking, Glupteba botnet). Pierluigi Paganini.

DNS 101

DNS Antivirus Cryptocurrency Software 101

Security Affairs

MARCH 17, 2021

According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. New #Mespinoza #Ransomware [link] Ext: locked R/n: Readme.README Affected users, contact the support forum of @BleepinComputer pic.twitter.com/SbKxVEIXUd — Amigo-A (@Amigo_A_) October 25, 2019.

Education 97

Education Ransomware Encryption Antivirus 97

Security Affairs

SEPTEMBER 20, 2019

Experts revealed that the botnet was used by the TA505 cybercrime gang to distribute the FlawedAmmy RAT and some email stealers. “Amadey is a relatively new botnet , first noted late in Q1 of 2019. . “Amadey is a relatively new botnet , first noted late in Q1 of 2019. SecurityAffairs – APT, hacking).

Phishing 83

Phishing Social Engineering Malware Advertising 83

Security Affairs

JUNE 20, 2022

The malware was first spotted in 2019 by security experts at Kaspersky, the name BRAT comes from ‘Brazilian RAT Android,’ because at the time it was used to spy on Brazilian users. SecurityAffairs – hacking, BRATA Android malware). The developers behind the BRATA Android malware have implemented additional features to avoid detection.

Malware 101

Malware Banking Antivirus Phishing 101

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. More than 80% of all malicious files were disguised as .zip rar archive files.

Ransomware 72

Ransomware Antivirus Malware Banking 72

Spinone

OCTOBER 10, 2019

Hacking Vision Hacking Vision is a cybersecurity blog with a vision to bring a community of white hat security experts together to learn and gain knowledge. Their main focus is on cybercrime investigations. Antivirus Software 2019 The primary focus of this blog is antivirus software.

Cybersecurity 56

Cybersecurity IoT Antivirus Education 56

Security Affairs

SEPTEMBER 16, 2019

The researchers provided evidence that the threat actors sold the purchased certificates to a cybercrime gang that used them to spread malware. The verification is done using a public antivirus scanning service, then the threat actors use the file scan record as “a clean bill of health” for potential buyers. Pierluigi Paganini.

Adware 81

Adware Advertising Marketing Antivirus 81

Security Affairs

MARCH 19, 2020

” According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. Operators behind the Pysa ransomware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products. This new version used the.

Government 108

Government Ransomware Encryption Penetration Testing 108

Security Affairs

MARCH 18, 2023

” The Lockbit gang has been active since at least 2019 and today it is one of the most active ransomware groups offering a Ransomware-as-a-Service (RaaS) model. It also supports a Safe Mode feature to bypass endpoint antivirus and detection. “LockBit 3.0 and LockBit.” The LockBit 3.0

Ransomware 84

Ransomware Penetration Testing Encryption Accountability 84

Krebs on Security

JULY 28, 2022

” Microleaves has long been classified by antivirus companies as adware or as a “potentially unwanted program” (PUP), the euphemism that antivirus companies use to describe executable files that get installed with ambiguous consent at best, and are often part of a bundle of software tied to some “free” download.

Advertising 212

Advertising Software Computers and Electronics Internet 212

Security Affairs

DECEMBER 26, 2022

” GuLoader first appeared on the threat landscape in 2019, it was used by threat actors to download multiple remote access trojans (RATs) such as AgentTesla , FormBook , Nanocore , NETWIRE and the Parallax RAT. SecurityAffairs – hacking, GuLoader). “It then maps that section via NtMapViewofSection on the suspended process.”

Malware 52

Malware Antivirus Hacking Cybersecurity 52

Security Affairs

MAY 10, 2019

A Russian hacking group Fxmsp is offering for sale the access to the networks of at least three antivirus companies in the US and source code of their software. Fxmsp is a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information.

Antivirus 104

Antivirus Hacking Artificial Intelligence Cybercrime 104

Malwarebytes

MARCH 22, 2021

The PRODAFT Threat Intelligence Team has published a report (pdf) that gives an unusually clear look at the size and structure of organized cybercrime. EvilCorp is the name of a vast, international cybercrime network. It also found evidence of WastedLocker malware and other TTPs that matched with both EvilCorp and SolarWinds.

Cybercrime 121

Cybercrime Malware Social Engineering Marketing 121

Security Affairs

NOVEMBER 11, 2021

181024 CVE-2019-19824 TOTOLINK Realtek SDK based routers, this affects A3002RU through 2.0.0, BotenaGo was written in Golang (Go) and at the time of the report published by the experts, it had a low antivirus (AV) detection rate (6/62). SecurityAffairs – hacking, BotenaGo). CVE-2016-6277 NETGEAR R6250 before 1.0.4.6.Beta,

IoT 125

IoT Firmware Malware Wireless 125

Identity IQ

MAY 7, 2021

It’s one of the fastest-growing cybersecurity threats today, growing a staggering 300% since 2019 and leading to consumer losses of $3.5 The Dark Web: The dark web is where hacked accounts and stolen personal data is bought and sold. Your computer might even be part of a bot-net used to hack other accounts through credential stuffing.

Accountability 105

Accountability Data breaches Passwords Social Engineering 105

Security Affairs

FEBRUARY 17, 2019

620 million accounts stolen from 16 hacked websites available for sale on the dark web. Microsoft Patch Tuesday updates for February 2019 fixes IE Zero-Day. Astaroth Trojan relies on legitimate os and antivirus processes to steal data. Password Checkup Chrome extension warns users about compromised logins.

Advertising 70

Advertising Antivirus Malware Backups 70

Krebs on Security

OCTOBER 1, 2019

A Slovenian man convicted of authoring the destructive and once-prolific Mariposa botnet and running the infamous Darkode cybercrime forum has been arrested in Germany on request from prosecutors in the United States, who’ve recently re-indicted him on related charges. issued international arrest warrant for his extradition.

Cybercrime 39

Cybercrime Malware Antivirus Banking 39

Security Affairs

APRIL 10, 2019

SI-LAB detected hundreds of users that were impacted by this malware between March 18th and 26th of 2019. The last days of March 2019 are making headlines due to a targeted cyber attack involving a new variant of infamous EMOTET malware. EMOTET spread in Chile targeted financial and banking services. Technical Analysis.

Banking 61

Banking Malware Antivirus Cyber threats 61

Security Affairs

AUGUST 28, 2019

— Gendarmerie nationale (@Gendarmerie) August 28, 2019. Earlier this year, malware researchers from Avast antivirus firm discovered a design flaw in the C&C protocol of the botnet that could have been exploited to remove the malware from infected computers. SecurityAffairs – Retadup botn et , hacking).

Malware 87

Malware Advertising Antivirus Cryptocurrency 87

Security Affairs

JULY 28, 2020

The purpose of this report is to deliver a devastating blow to cybercrime by uncovering key organizations sponsoring pirates and exposing the entire criminal structure of online piracy. The shutdown of two major CDNs — Moonwalk and HDGO— in 2019, and the subsequent drop of the Russian piracy market from $87 million to $63.5 million.

Marketing 68

Marketing Banking Advertising Cybercrime 68