Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. The group typically asked ransoms between $20,000 to $5.8

Ransomware 98

Ransomware Antivirus Encryption Backups 98

Security Affairs

JANUARY 6, 2023

“The attack is similar to the one in the summer of 2019, when four other hospitals in Romania were targeted. “We have already notified the National Directorate of Cyber Security and DIICOT. In 2019 other four hospitals in Romania suffered ransomware attacks that were attributed to the PHOBOS extortion group.

Ransomware 91

Ransomware Antivirus Media Encryption 91

Security Affairs

DECEMBER 12, 2021

“A Russian national was sentenced today to 48 months in prison for operating a “crypting” service used to conceal the Kelihos malware from antivirus software, which enabled hackers to systematically infect approximately hundreds of thousands of victim computers around the world with malicious software, including ransomware.”

Antivirus 95

Antivirus Malware Cybercrime Cyber threats 95

Security Affairs

OCTOBER 23, 2019

Flaws in Avast, AVG, and Avira Antivirus could be exploited by an attacker to load a malicious DLL file to bypass defenses and escalate privileges. The Antivirus implements a self-defense mechanism that prevents malicious code to write and implant a DLL to its folders. ” continues the experts.

Antivirus 60

Antivirus Advertising Security Defenses Hacking 60

Security Affairs

APRIL 22, 2021

Cybersecurity firm Trend Micro revealed that a threat actor is actively exploiting a flaw, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems. Please refer to the information provided by Trend Micro.” ” reads the advisory published by JPCert.

Antivirus 122

Antivirus Hacking Cybersecurity Information Security 122

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. ”The websites promised to render malicious software fully undetectable by nearly every major provider of antivirus software. . ” reads the press release published by DoJ.”The

Antivirus 105

Antivirus Malware Cryptocurrency Software 105

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. This is the conclusion of a study by Cipher Portugal, which studied Portuguese domains during 2019. This enhancement appeared in the middle of September 2019.

Malware 115

Malware Retail Advertising Antivirus 115

Security Affairs

MARCH 26, 2022

. – to its list of communications equipment and services that have been deemed a threat to national security, consistent with requirements in the Secure and Trusted Communications Networks Act of 2019.” ” reads the FCC’s press release.

Risk 104

Risk Telecommunications Mobile Antivirus 104

Security Affairs

JULY 1, 2019

On June 26, 2019, experts at eSentire Threat Intelligence discovered a C2 infrastructure pointing to a similar Dridex variant that was undetected by most of the antivirus listed in VirusTotal service. At the time of discovery, using data from VirusTotal, only six antivirus solutions of about 60 detected suspicious behavior [ 2 ].

Banking 80

Banking Antivirus Advertising Encryption 80

CyberSecurity Insiders

JANUARY 6, 2023

billion in 2019 to $815.4 Test security of systems and networks regularly. Support information security within organizational policies and programs. Requirement 5: It is no longer sufficient to just have standard antivirus software. In fact, the U.S. billion in 2020, a 43% increase. Changes in PCI DSS 4.0.

Antivirus 138

Antivirus Retail Software Accountability 138

Security Affairs

SEPTEMBER 28, 2020

Universal Health Services (UHS) is an American Fortune 500 company that provides hospital and healthcare services, in 2019, its annual revenues were $11.37 billion in 2019. “When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity.

Ransomware 121

Ransomware Healthcare Advertising Antivirus 121

Security Affairs

AUGUST 26, 2019

” 2019-08-24: #Nemty #Ransomware version '1.0' ' Mutex "hate" | "fuckav" Link to Putin Photo Backup & Shadow Copy Removal | Extension Blacklist | File/Folder Blacklist | 'isRu' check | Stats Git -> [link] pic.twitter.com/fMmAWIfvWv — Vitali Kremez (@VK_Intel) August 24, 2019.

Ransomware 99

Ransomware Malware Antivirus Encryption 99

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. More than 80% of all malicious files were disguised as .zip rar archive files.

Ransomware 71

Ransomware Antivirus Malware Banking 71

Security Affairs

NOVEMBER 26, 2019

Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products. The vulnerabilities were found by the security researcher Wladimir Palant that reported them to Kaspersky in December 2018. “Kaspersky reported these issues to be resolved as of July 2019.

Antivirus 84

Antivirus Advertising Password Management Passwords 84

Security Affairs

APRIL 7, 2021

“The lack of timely antivirus database updates for the security solution used on attacked systems also played a key role, preventing the solution from detecting and blocking the threat. It should also be noted that some components of the antivirus solution were disabled, further reducing the quality of protection.

VPN 105

VPN Ransomware Antivirus Firmware 105

Security Affairs

MARCH 17, 2021

According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. New #Mespinoza #Ransomware [link] Ext: locked R/n: Readme.README Affected users, contact the support forum of @BleepinComputer pic.twitter.com/SbKxVEIXUd — Amigo-A (@Amigo_A_) October 25, 2019.

Education 102

Education Ransomware Encryption Antivirus 102

Security Affairs

APRIL 4, 2020

The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.”

Antivirus 123

Antivirus Malware Phishing Advertising 123

Security Affairs

JUNE 23, 2021

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US. The DoJ announced the charges after the US Securities and Exchange Commission (SEC) also charged McAfee with fraudulently touting ICOs.

Cryptocurrency 139

Cryptocurrency Banking Accountability Antivirus 139

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Disable hyperlinks in received emails.

Passwords 70

Passwords Government Firmware Accountability 70

Security Affairs

AUGUST 3, 2020

The authors of the GandCrab RaaS also offers technical support and updates to its members, they also published a video tutorial that shows how the ransomware is able to avoid antivirus detection. The GandCrab Ransomware-as-a-Service shut down operations in June 2019 and told affiliates to stop distributing the ransomware.

Ransomware 126

Ransomware Advertising Malware Hacking 126

Security Affairs

JANUARY 31, 2020

Recently another Japanese multinational electronics giant disclosed a data breach, last week Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. According to the company, attackers did not obtain sensitive information about defense contracts.

Data breaches 98

Data breaches Advertising Antivirus Encryption 98

Security Affairs

DECEMBER 26, 2022

. “New redundant code injection mechanism means to ensure code execution by using inline assembly to bypass user mode hooks from security solutions.” The researchers also noticed the use of a redundant code injection mechanism to avoid NTDLL.dll hooks used by antivirus and EDR solutions to detect malicious activities.

Malware 98

Malware Antivirus Hacking Cybersecurity 98

Security Affairs

JULY 25, 2019

Researchers at Intezer have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining botnet, that also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep vulnerability (CVE-2019-0708). ” reads a blog post published by Intezer. ” continues the analysis.

Cryptocurrency 73

Cryptocurrency Internet Internet Malware 73

Security Affairs

DECEMBER 19, 2022

Researchers believe that at least five different merchants and exchanges were used to fund the Glupteba addresses since 2019. We also recommend monitoring DNS logs and keeping the antivirus software up to date to help prevent a potential Glupteba infection.” Pierluigi Paganini. SecurityAffairs – hacking, Glupteba botnet).

DNS 103

DNS Antivirus Cryptocurrency Software 103

Security Affairs

NOVEMBER 14, 2019

Symantec addressed a local privilege escalation flaw, tracked as CVE-2019-12758 , that affects all Symantec Endpoint Protection client versions prior to 14.2 The flaws could allow attackers to bypass the self-defense mechanism of the antivirus solutions and deliver persisten t malicious payloads. RU2 on October 22, 2019.

Antivirus 83

Antivirus Advertising Hacking Information Security 83

Security Affairs

JUNE 23, 2020

Fxmsp gained worldwide fame in May 2019, after it was reported that the networks belonging to leading antivirus software companies had been compromised. In mid-March 2019, the co-conspirators resumed their activity on forums. Fxmsp’s public activity culminated in April 2019. Geography and victims. The big fish.

Antivirus 93

Antivirus Advertising Hacking Banking 93

Security Affairs

DECEMBER 29, 2019

The samples of BIOLOAD loader analyzed by the experts were compiled in March and July 2019, while the samples of BOOSTWRITE were compiled in May. Experts pointed out that the BIOLOAD’s WinBio.dll is still detected by a limited number of antivirus on VirusTotal scanning platform despite it was compiled nine months ago.

Cybercrime 66

Cybercrime Antivirus Identity Theft Advertising 66

Security Affairs

JUNE 20, 2022

The malware was first spotted in 2019 by security experts at Kaspersky, the name BRAT comes from ‘Brazilian RAT Android,’ because at the time it was used to spy on Brazilian users. ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Malware 105

Malware Banking Antivirus Phishing 105

Security Affairs

JULY 28, 2021

The earliest THOR sample that was spotted by the experts is dated back to August 2019. PKPLUG used a technique known as “ living off the land ” to bypass antivirus detection and target Microsoft Exchange servers. The Thor variant also implements new features such as an enhanced mechanism to deliver malicious payloads.

Encryption 110

Encryption Antivirus Malware Hacking 110

Security Affairs

JANUARY 26, 2020

Citrix releases permanent fixes for CVE-2019-19781 flaw in ADC 11.1 Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack. Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online. Hackers patch Citrix servers to deploy their own backdoor. Govn Agency.

Data breaches 79

Data breaches Advertising Antivirus DDOS 79

Security Affairs

JUNE 12, 2019

The recently released Microsoft Patch Tuesday security updates for June 2019 failed to address a flaw in SymCrypt , a core cryptographic function library currently used by Windows. Ormandy privately reported the flaw to Microsoft in March 2019, but the tech giant failed into fixing it after 90 days.

Encryption 74

Encryption Advertising Antivirus Hacking 74

Spinone

OCTOBER 10, 2019

Threat Post Threat Post is a portal, with news about everything related to recurring cybersecurity themes: attacks, cloud security, malware and ransomware, vulnerabilities, and so on. Security Through Education Security Through Education is one of the best information security blogs.

Cybersecurity 56

Cybersecurity IoT Antivirus Education 56

Security Affairs

AUGUST 18, 2019

Adobe Patch Tuesday for August 2019 fixed 119 flaws in 8 products. Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues. Security Patch Day for August includes the most critical Note released by SAP in 2019. A flaw in Kaspersky Antivirus allowed tracking its users online.

Banking 55

Banking Password Management Advertising Antivirus 55

Security Affairs

MARCH 18, 2023

” The Lockbit gang has been active since at least 2019 and today it is one of the most active ransomware groups offering a Ransomware-as-a-Service (RaaS) model. It also supports a Safe Mode feature to bypass endpoint antivirus and detection. ransomware appeared first on Security Affairs. “LockBit 3.0 and LockBit.”

Ransomware 90

Ransomware Penetration Testing Encryption Accountability 90

Security Affairs

AUGUST 22, 2019

“For example, disabling firewall and antivirus, rootkit installation, concealing of process-miner, theft any PC user’s private data — is just a small portion of what could be done. Rus – [link] Eng – [link] — Felix aka [xi-tauw] (@PsiDragon) August 20, 2019. ” wrote Kravetz. Another #0day.

Advertising 102

Advertising Antivirus Firewall Information Security 102

Security Affairs

FEBRUARY 24, 2020

Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations. As observed below, the size of the junk lines presented in these samples is major related to the initial file observed in mid-December 2019. The reason behind that is simple: to evade antivirus detection.

Malware 79

Malware Banking Antivirus Advertising 79

Security Affairs

MARCH 19, 2020

” According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. Operators behind the Pysa ransomware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products. This new version used the.

Government 112

Government Ransomware Encryption Penetration Testing 112