SecureList

DECEMBER 18, 2020

For instance, before making the first internet connection to its C2s, the Sunburst malware lies dormant for a long period, of up to two weeks, which prevents an easy detection of this behavior in sandboxes. In the initial phases, the Sunburst malware talks to the C&C server by sending encoded DNS requests. avsvmcloud[.]com”

DNS 75

DNS Telecommunications Malware Encryption 75

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. .” Follow me on Twitter: @securityaffairs and Facebook.

IoT 102

IoT DNS Manufacturing Firmware 102

Security Affairs

OCTOBER 5, 2020

The experts are monitoring the Mirai-based botnet since November 2019 and observed it exploiting two Tenda router 0-day vulnerabilities to spread a Remote Access Trojan (RAT). ” When the botnet was first detected in 2019, experts noticed it was exploiting the Tenda zero-day flaw tracked as CVE-2020-10987.

IoT 137

IoT Firmware DNS Advertising 137

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware 104

Malware Adware Spyware Antivirus 104

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. “ Malware then guesses routers’ passwords , which new research from Avast shows are often weak. ” reads a blog post published by Avast.

DNS 72

DNS Passwords Advertising Banking 72

Security Affairs

NOVEMBER 1, 2021

The number of infected devices is impressive, on 2019-11-30 a trusted security partner in the US informed Qihoo 360’s Netlab Cybersecurity reported to have observed 1,962,308 unique daily active IPs from the Pink botnet targeting its systems. According to the experts, Pink is the largest botnet they have observed in the last six years.

Architecture 121

Architecture DDOS Advertising Firmware 121

SecureList

MAY 27, 2022

MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine. Targeted attacks.

Phishing 110

Phishing Spyware Firmware Malware 110