Security Affairs

AUGUST 26, 2019

A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. ” Victims could upload their configuration file, in turn, the operators behind the ransomware will provide with the link to another website that comes with a chat function and more information on the demands.

Ransomware 92

Ransomware Malware Antivirus Encryption 92

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 107

Malware Hacking Government Telecommunications 107

Security Affairs

JANUARY 6, 2023

Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware allowing its victims to restore their data for free. Antivirus firm Bitdefender released a decryptor for the MegaCortex ransomware , which can allow victims of the group to restore their data for free. The group typically asked ransoms between $20,000 to $5.8

Ransomware 96

Ransomware Antivirus Encryption Backups 96

Security Affairs

FEBRUARY 24, 2020

Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations. Figure 1: Lampion malware email templates. 2020-02-13] #Lampion v2 #portugal #malware #ATA 0998f6473004e0ba54ead5784ba62db8 h}//vrau-x.s3.us-east-2.amazonaws.[com/0.zip zip h//oiurx14x.s3.us-east-2.amazonaws.}com/P-14-7.dll

Malware 78

Malware Banking Antivirus Advertising 78

Security Affairs

MAY 6, 2021

Chinese military unit PLA Unit 61419 is suspected to be involved in cyber-espionage campaigns against multiple antivirus companies. Experts speculate the cyberspies have purchased the security software to study them and find zero-day vulnerabilities that could be exploited in an attack or to test the detection of new malware.

Antivirus 53

Antivirus Software Hacking Malware 53

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation.

Malware 115

Malware Passwords Advertising Antivirus 115

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. Security experts from ThreatFabric have discovered a new Android banking trojan dubbed BlackRock that steals credentials and credit card data from a list of 337 apps.

Malware 89

Malware Banking Mobile Spyware 89

Security Affairs

DECEMBER 12, 2021

Russian national Oleg Koshkin was convicted in January for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection. He has been in custody since 2019, when he was arrested in California. ” reads the press release published by DoJ.

Antivirus 87

Antivirus Malware Cybercrime Cyber threats 87

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. Russian national Oleg Koshkin was convicted for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection.

Antivirus 103

Antivirus Malware Cryptocurrency Software 103

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. Emotet , the most widespread malware worldwide and Ryuk , a ransomware type, are growing threats and real concerns for businesses and internet users in 2020.

Malware 110

Malware Retail Advertising Antivirus 110

Security Affairs

DECEMBER 26, 2022

Cybersecurity researchers exposed new evasion techniques adopted by an advanced malware downloader called GuLoader. CrowdStrike researchers d a detailed multiple evasion techniques implemented by an advanced malware downloader called GuLoader (aka CloudEyE ). ” reads the analysis published by CrowdStrike.

Malware 96

Malware Antivirus Hacking Cybersecurity 96

CyberSecurity Insiders

JANUARY 6, 2023

billion in 2019 to $815.4 Test security of systems and networks regularly. Support information security within organizational policies and programs. Requirement 5: It is no longer sufficient to just have standard antivirus software. In fact, the U.S. billion in 2020, a 43% increase. Changes in PCI DSS 4.0.

Antivirus 138

Antivirus Retail Software Accountability 138

Security Affairs

APRIL 4, 2020

The attack described by Microsoft begun with a phishing message that was opened by an internal employee, the malware infected its systems and made lateral movements infected other systems in the same network. The virus halted core services by saturating the CPU usage on Windows devices. ” reads the Microsoft DART announcement.

Antivirus 116

Antivirus Malware Phishing Advertising 116

Security Affairs

AUGUST 3, 2020

He allegedly subscribed the GandCrab ransomware-as-a-service to create his own version of the malware and spread it running a spam campaign. The authors of the GandCrab RaaS also offers technical support and updates to its members, they also published a video tutorial that shows how the ransomware is able to avoid antivirus detection.

Ransomware 118

Ransomware Advertising Malware Hacking 118

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. Another trend was disguising malware in emails. rar archive files.

Ransomware 71

Ransomware Antivirus Malware Banking 71

Security Affairs

JULY 1, 2019

Malware researcher Brad Duncan first observed a new variant of Dridex on June 17 that leverage an Application Whitelisting technique to bypass mitigation via disabling or blocking of Windows Script Host. “On June 26, 2019, eSentire Threat Intelligence discovered new infrastructure pointing to a similar Dridex variant (see IOCs below).

Banking 77

Banking Antivirus Advertising Encryption 77

Security Affairs

JANUARY 6, 2023

“The attack is similar to the one in the summer of 2019, when four other hospitals in Romania were targeted. “We have already notified the National Directorate of Cyber Security and DIICOT. In 2019 other four hospitals in Romania suffered ransomware attacks that were attributed to the PHOBOS extortion group.

Ransomware 83

Ransomware Antivirus Media Encryption 83

Security Affairs

OCTOBER 23, 2019

Flaws in Avast, AVG, and Avira Antivirus could be exploited by an attacker to load a malicious DLL file to bypass defenses and escalate privileges. The Antivirus implements a self-defense mechanism that prevents malicious code to write and implant a DLL to its folders. ” reads the analysis published by the experts.

Antivirus 54

Antivirus Advertising Security Defenses Hacking 54

Security Affairs

APRIL 22, 2021

Cybersecurity firm Trend Micro revealed that a threat actor is actively exploiting a flaw, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems. Please refer to the information provided by Trend Micro.” ” reads the advisory published by JPCert.

Antivirus 124

Antivirus Hacking Cybersecurity Information Security 124

Security Affairs

JULY 25, 2019

Researchers at Intezer have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining botnet, that also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep vulnerability (CVE-2019-0708). ” reads a blog post published by Intezer. ” continues the analysis. gooobb ” file.

Cryptocurrency 70

Cryptocurrency Internet Internet Malware 70

Security Affairs

MARCH 17, 2021

According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. Operators behind the Pysa ransomware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products. This new version used the.

Education 95

Education Ransomware Encryption Antivirus 95

Security Affairs

NOVEMBER 11, 2021

181024 CVE-2019-19824 TOTOLINK Realtek SDK based routers, this affects A3002RU through 2.0.0, BotenaGo was written in Golang (Go) and at the time of the report published by the experts, it had a low antivirus (AV) detection rate (6/62). “To deliver its exploit, the malware first queries the target with a simple “GET” request.

IoT 123

IoT Firmware Malware Wireless 123

Security Affairs

DECEMBER 29, 2019

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. zip) called: FacturaNovembro-4492154-2019-10_8.zip.

Malware 96

Malware Internet Internet Antivirus 96

Security Affairs

APRIL 7, 2021

Upon compromising the domain administrator account, threat actors could distributee malware to other systems on the same network. “The lack of timely antivirus database updates for the security solution used on attacked systems also played a key role, preventing the solution from detecting and blocking the threat. .

VPN 98

VPN Ransomware Antivirus Firmware 98

Security Affairs

DECEMBER 19, 2022

Botnet operators use to spread the malware via cracked or pirated software and pay-per-install (PPI) schemes. Researchers believe that at least five different merchants and exchanges were used to fund the Glupteba addresses since 2019. “For this campaign we were not able to find any samples for 3 of the addresses we gathered. .

DNS 99

DNS Antivirus Cryptocurrency Software 99

Security Affairs

DECEMBER 26, 2022

Cybersecurity researchers exposed new evasion techniques adopted by an advanced malware downloader called GuLoader. CrowdStrike researchers d a detailed multiple evasion techniques implemented by an advanced malware downloader called GuLoader (aka CloudEyE ). ” reads the analysis published by CrowdStrike.

Malware 52

Malware Antivirus Hacking Cybersecurity 52

Security Affairs

DECEMBER 22, 2021

According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. Operators behind the Pysa malware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products.

Ransomware 100

Ransomware Penetration Testing Healthcare Government 100

Security Affairs

DECEMBER 29, 2019

The BIOLOAD loader shares similarities with BOOSTWRITE , another loader associated with the FIN7 group that is able to drop the malware directly in memory. The samples of BIOLOAD loader analyzed by the experts were compiled in March and July 2019, while the samples of BOOSTWRITE were compiled in May. SecurityAffairs – FIN7, malware).

Cybercrime 61

Cybercrime Antivirus Identity Theft Advertising 61

Security Affairs

MARCH 18, 2023

.” The Lockbit gang has been active since at least 2019 and today it is one of the most active ransomware groups offering a Ransomware-as-a-Service (RaaS) model. ransomware is a modular malware that is more evasive than its previous versions, its shared similarities with Blackmatter and Blackcat ransomware. The LockBit 3.0

Ransomware 82

Ransomware Penetration Testing Encryption Accountability 82

Security Affairs

JULY 9, 2019

Microsoft Defender ATP Research Team discovered a fileless malware campaign that was spreading the information stealing Astaroth Trojan. Experts at the Microsoft Defender ATP Research Team discovered a fileless malware campaign that is delivering the information stealing Astaroth Trojan.

Antivirus 74

Antivirus Malware Advertising Security Intelligence 74

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Disable hyperlinks in received emails.

Passwords 66

Passwords Government Firmware Accountability 66

Security Affairs

SEPTEMBER 28, 2020

Universal Health Services (UHS) is an American Fortune 500 company that provides hospital and healthcare services, in 2019, its annual revenues were $11.37 billion in 2019. “When the attack happened multiple antivirus programs were disabled by the attack and hard drives just lit up with activity.

Ransomware 117

Ransomware Healthcare Advertising Antivirus 117

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey.

Phishing 82

Phishing Social Engineering Malware Advertising 82

Security Affairs

JULY 28, 2021

Researchers from Palo Alto Networks Unit 42 team tracked the new version of the PlugX malware as Thor, they reported that the RAT was used as a post-exploitation tool deployed on one of the compromised servers. The earliest THOR sample that was spotted by the experts is dated back to August 2019.

Encryption 111

Encryption Antivirus Malware Hacking 111

Security Affairs

OCTOBER 15, 2019

The group has been observed using new tactics, techniques, and procedures (TTPs), it is also using updated malware to evade detection. The malicious code is used by the hackers to deliver a Moner (XMR) crypto miner that is not detected by almost any antivirus solution. ” reads the analysis published by the security firm Anomaly.

Cybercrime 64

Cybercrime DNS Malware Advertising 64

Security Affairs

APRIL 10, 2019

SI-LAB detected hundreds of users that were impacted by this malware between March 18th and 26th of 2019. The last days of March 2019 are making headlines due to a targeted cyber attack involving a new variant of infamous EMOTET malware. CSIRT emite actualización de la Alerta de Ciberseguridad por Malware EMOTET.

Banking 60

Banking Malware Antivirus Cyber threats 60

Security Affairs

MARCH 2, 2019

SI-LAB captured a piece of the FlawedAmmyy malware that leverages undetected XLM macros as an Infection Vehicle to compromise user’s devices. In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0

Malware 85

Malware Antivirus Technology Phishing 85