eSecurity Planet

AUGUST 10, 2022

From mass production of cheap malware to ransomware as a service (RaaS) , cyber criminals have industrialized cybercrime, and a new HP Wolf Security report warns that cybercriminals are adapting advanced persistent threat (APT) tactics too. EDR gains visibility on what’s happening on an organization’s endpoints by capturing activity data.

Ransomware 132

Ransomware Digital transformation Malware Internet 132

Security Affairs

DECEMBER 29, 2023

Under Christmas tree you can find great gifts such as significant improvements of user interface (panel), modal windows on loading and expansion of data collection objects. Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.

Password Management 129

Password Management Cryptocurrency Passwords Authentication 129

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. rar archive files.

Ransomware 71

Ransomware Antivirus Malware Banking 71

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. “In September 2019, we started a repository of Critical Infrastructures Ransomware Attacks (CIRWAs).

Ransomware 114

Ransomware Advertising Data collection Healthcare 114

Security Affairs

FEBRUARY 3, 2022

” xPack allowed threat actors to run WMI commands remotely and mount shares over SMB to transfer data from C2 servers to them. The malware was also used by the attackers to browse the web, likely using it as a proxy to mask their IP address. In some cases threat actors staged stolen data for further exfiltration.

Manufacturing 93

Manufacturing Malware Data collection Encryption 93

Security Affairs

OCTOBER 30, 2019

The news is shocking, the Kudankulam Nuclear Power Plant (KNPP) that initially denied a malware infection, now admits the security breach. Some users are claiming on the social media that a piece of the ‘DTrack’ malware has infected the systems at the KKNPP. The NPCIL also added that the two networks were isolated.

Malware 50

Malware Cyber Attacks Advertising Data collection 50

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

There are three major threat vectors that harm IoT deployments: Devices are hijacked by malicious software; Data collected and processed in IoT ecosystems is tampered with and impacts the confidentiality, integrity and availability of the information; and, Weak user and device authentication.

IoT 96

IoT Manufacturing Energy and Utilities Data collection 96

Security Affairs

SEPTEMBER 18, 2020

Ransomware , the headliner of the previous half-year, walked off stage: only 1 percent of emails analyzed by Group-IB’s Computer Emergency Response Team (CERT-GIB) contained this kind of malware. They are followed by banking Trojans , whose share in the total amount of malicious attachments showed growth for the first time in a while.

Phishing 105

Phishing Ransomware Spyware Banking 105

Security Affairs

FEBRUARY 6, 2020

based specification for a suite of high-level communication protocols used to create personal area networks with small, low-power digital radios, such as for home automation, medical device data collection, and other low-power low-bandwidth needs, designed for small scale projects which need wireless connection.

Hacking 123

Hacking IoT Wireless Firmware 123

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. Brovko was involved in the illegal practice between 2007 and 2019. In some cases, the man manually chacked the stolen information.

Accountability 106

Accountability Banking Advertising Data collection 106

Security Affairs

DECEMBER 30, 2020

Customer proprietary network information (CPNI) is the data collected by telecommunications companies about a consumer’s telephone calls. In November 2019, the US branch of the telecommunications giant disclosed a security breach that impacted a small number of customers of its prepaid service.

Data breaches 137

Data breaches Mobile Telecommunications Wireless 137

The Last Watchdog

AUGUST 14, 2019

With all the talk of escalating cyber warfare , the spread of counterfeit smartphones and new forms of self-replicating malware , I came away from Black Hat USA 2019 (my 15 th ) marveling, once more, at the panache of modern cyber criminals. More data had to be collected, stored and analyzed, ideally by experienced analysts.

Antivirus 147

Antivirus Digital transformation Firmware Software 147

SecureList

MARCH 29, 2023

However, traditional financial threats – such as banking malware and financial phishing, continue to take up a significant share of such financially-motivated cyberattacks. For instance, malicious spam campaigns targeting organizations grew 10-fold in April 2022, spreading Qbot and Emotet malware. of all phishing attacks in 2022.

Banking 75

Banking Phishing Cryptocurrency Mobile 75

SecureList

SEPTEMBER 28, 2022

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. Active since 2014, in 2016, the group decided to give up ATM malware and focus all of their attacks on PoS systems, targeting the core of the payment industry. Evolving into PoS malware.

Malware 102

Malware Banking Software Encryption 102

SecureList

OCTOBER 7, 2022

Using LOLBINS, common legitimate pentesting tools, and fileless malware; misleading security researchers by placing false flags—these and other anti-forensic tricks often make threat attribution a matter of luck. The malware spreads through spear-phishing emails with a malicious Microsoft Office document as attachment.

Malware 142

Malware Computers and Electronics Telecommunications Encryption 142

Krebs on Security

JULY 18, 2022

re network uses at least two free VPN services to lure its users to install a malware-like software that achieves persistence on the user’s computer,” the researchers wrote. The Exe Clean service made malware look like goodware to antivirus products. su between 2016 and 2019. “The 911[.]re

VPN 300

VPN Computers and Electronics Antivirus Software 300

Krebs on Security

MAY 2, 2023

.” US JOB SERVICES KrebsOnSecurity was alerted to the data exposure by Patrick Barry , chief information officer at Charlotte, NC based Rebyc Security. Barry shared screenshots of that back-end database, which show the email address for the administrator of US Job Services is tab.webcoder@gmail.com. .”

Marketing 262

Marketing Advertising Scams Telecommunications 262

The Last Watchdog

SEPTEMBER 11, 2019

I had the chance to meet with him again at Black Hat 2019 in Las Vegas. Here are my takeaways: Skills deficit Over the past 20 years, enterprises have shelled out small fortunes in order to stock their SOCs with the best firewalls, anti-malware suites, intrusion detection, data loss prevention and sandbox detonators money can buy.

Big data 159

Big data Firewall Digital transformation Software 159

SiteLock

AUGUST 27, 2021

This tricks the database into allowing an attacker unauthorized access to the sensitive data collected on your website. In the “ SiteLock 2019 Website Security Report ,” we found that 6% of the 6 million websites we evaluated had SQLi vulnerabilities.

Backups 98

Backups Encryption Firewall Small Business 98

Thales Cloud Protection & Licensing

SEPTEMBER 5, 2019

The report found that for IoT in Europe, the primary data security threats lie with attacks on IoT devices, loss or theft of IoT devices, and more broadly a lack of established security frameworks for IoT – all of which ranked higher in Europe than in our global sample.

Technology 91

Technology Digital transformation IoT Big data 91

Security Affairs

MARCH 14, 2019

The malicious code was detected in early March 2019. In the course of further research it was revealed that GMO JS Sniffer has presumably been collecting customer payment data since November 2018. We dubbed this JS Sniffer family GMO because the malware uses gmo[.]li According to Alexa.com, the number of fila.co [.]uk

eCommerce 88

eCommerce Marketing Data breaches Advertising 88

SecureList

MARCH 13, 2024

Not unlike malware, stalkerware apps are much less frequent on iPhones than on Android devices due to the proprietary and closed nature of iOS. Global detection figures: affected users Using global and regional statistics, Kaspersky has been able to compare data collected in 2023 with the previous four years.

Mobile 83

Mobile Passwords Surveillance Technology 83

Security Affairs

APRIL 14, 2021

FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked in 2020. FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. “Just 3.4%

Data collection 64

Data collection Malware Hacking Ransomware 64

Malwarebytes

JUNE 30, 2022

The popular malware Raccoon stealer, which suspended operations after a developer allegedly died in the Ukraine invasion, has returned. Raccoon stealer is malware as a service, with the developers selling it to would-be users. If files end up on malware scanning services, the malware authors know exactly who the leak has come from.

Cryptocurrency 77

Cryptocurrency Malware Data collection Passwords 77

Security Affairs

AUGUST 14, 2020

The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 133

Threat Reports Phishing Banking Malware 133

Security Affairs

NOVEMBER 28, 2020

Experts from threat intelligence firm KELA , speculate the threat actor could have obtained the credentials buying “Azor logs,” which are lots of data stolen from computers infected with the AzorUlt info-stealer trojan.

Accountability 107

Accountability Cybercrime Hacking Retail 107

Security Affairs

APRIL 5, 2021

Cybersecurity firm Kaspersky has published the Industrial Control System Threat Landscape report for H2 2020 which is based on statistical data collected by the distributed antivirus Kaspersky Security Network (KSN). . The same percentage was 7% in 2019, and H1 2020 compared to H2 2019. than in 2019).

Cyber Attacks 78

Cyber Attacks Ransomware Engineering Data collection 78

eSecurity Planet

JANUARY 28, 2021

Bitglass secured Series D funding of $70 million in August 2019 bringing its total venture capital funding to $150 million. Morgan Asset Management, Andreessen Horowitz, General Catalyst, Formation 8, BlackRock Funds, Accel Partners, and Data Collective, as well as individual investors such as Microsoft Chairman John W.

Cybersecurity 111

Cybersecurity Artificial Intelligence Threat Detection Marketing 111

Security Affairs

APRIL 20, 2020

Threat Report Portugal Q1 2020: Phishing and malware by numbers. The Portuguese Abuse Open Feed 0xSI_f33d is a novel open sharing database with the ability to collect indicators from multiple sources, developed by Segurança-Informática. The campaigns were classified as either phishing or malware. Phishing and Malware Q1 2020.

Threat Reports 100

Threat Reports Phishing Banking Malware 100

Security Affairs

JANUARY 26, 2021

Threat Report Portugal Q4 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. Malware by Numbers.

Threat Reports 117

Threat Reports Phishing Malware Banking 117

Security Affairs

AUGUST 2, 2019

“Between July 19 and July 25, 2019, several spear-phishing emails were identified?targeting The LookBack malware is composed of a remote access Trojan (RAT) module and a proxy mechanism used for command and control (C&C) communication.? The RAT is written in C++ and relies on a proxy to relay data? The malware sets up?a?Registry?Run

Phishing 80

Phishing Malware Advertising Engineering 80

Krebs on Security

DECEMBER 29, 2022

This bold about-face dumbfounded many longtime Norton users because antivirus firms had spent years broadly classifying all cryptomining programs as malware. The two hackers involved pleaded guilty in 2019; by this time, it has become a nearly everyday occurrence for victim companies to pay to keep a ransomware attack quiet.

Cryptocurrency 229

Cryptocurrency Cybercrime Computers and Electronics Scams 229

Security Affairs

NOVEMBER 6, 2020

Threat Report Portugal Q3 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. Malware by Numbers.

Threat Reports 84

Threat Reports Phishing Malware Banking 84

SecureList

JUNE 20, 2022

Such ‘objects’, as referred to here, point to things such as malware and hijacked servers, which, when put together and ‘manipulated’, inform the technical attribution process. within network activity logs collected by the Internet Service Provider (ISP), etc.). Tool-based attribution (i.e.,

Energy and Utilities 88

Energy and Utilities Data collection Malware Cybersecurity 88

SecureList

SEPTEMBER 28, 2021

We were unable to cluster those packages until the middle of 2019 when we found a host that served these installers among FinSpy Mobile implants for Android. The Pre-Validator ensures that the victim machine is not used for malware analysis. Each shellcode collects specific system information (e.g. MacOS Infection.

Encryption 143

Encryption Malware Spyware Architecture 143

Security Affairs

JULY 21, 2019

SAP Patch Day – July 2019 addresses a critical flaw in Diagnostics Agent. CVE-2019-6342 flaw allows hackers to fully compromise Drupal 8.7.4 Israel surveillance firm NSO group can mine data from major social media. Poland and Lithuania fear that data collected via FaceApp could be misused. Paper Copy.

Small Business 57

Small Business Media Spyware DNS 57

Krebs on Security

JANUARY 11, 2022

Wazawaka used multiple email addresses and nicknames on several Russian crime forums, but data collected by cybersecurity firm Constella Intelligence show that Wazawaka’s alter egos always used one of three fairly unique passwords: 2k3x8x57 , 2k3X8X57 , and 00virtual. ” WHO IS WAZAWAKA?

DDOS 259

DDOS Accountability Cybercrime Ransomware 259