2019, Malware and Security Intelligence

Crooks spread malware via pirated movies during COVID-19 outbreak

Security Affairs

APRIL 30, 2020

Microsoft warns of a spike in malware spreading via pirate streaming services and movie piracy sites during the COVID-19 pandemic. Crooks are attempting to take advantage of COVID-19 pandemic spreading malware via pirate streaming services and movie piracy sites during the COVID-19 outbreak, Microsoft warns.

Malware

Malware Adware Security Intelligence Social Engineering

Kimsuky APT exploited BlueKeep RDP flaw in attacks against South Korea and Japan

Security Affairs

APRIL 21, 2025

While investigating a security breach, the AhnLab SEcurity intelligence Center (ASEC) researchers discovered a North Korea-linked group Kimsuky ‘s campaign, tracked as Larva-24005. “In some systems, initial access was gained through exploiting the RDP vulnerability (BlueKeep, CVE-2019-0708).

Phishing

Phishing Malware Security Intelligence Hacking

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS

DNS Penetration Testing Malware Hacking

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware

Malware Hacking Government Telecommunications

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Security Affairs

JUNE 24, 2019

pic.twitter.com/PQ2g7rvDQm — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. . — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. SecurityAffairs – FlawedAmmyy, malware).

Security Intelligence

Security Intelligence Advertising Malware Banking

Emotet botnet surges back after months of absence

Security Affairs

JULY 18, 2020

In 2019, security experts haven’t detected any activity associated with Emotet since early April, when researchers at Trend Micro have uncovered a malware campaign distributing a new Emotet Trojan variant that compromises devices and uses them as Proxy C2 servers. ” states BleepingComputer. TNW and Be safe!

Advertising

Advertising Malware Banking Security Intelligence

A week in security (June 28 – June 4)

Malwarebytes

JULY 5, 2021

Researchers explore the insecure world of the subdomain (Source: Can i take your subdomain) Cyber insurance model is broken, consider banning ransomware payments (Source: The Register) How facial recognition solutions can safeguard the hybrid workplace (Source: Help Net Security) Capital One hacker faces fresh charges for 2019 hacking spree (Source: (..)

Cyber Insurance

Cyber Insurance Social Engineering Scams Insurance

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Security Affairs

JUNE 10, 2019

Spam messages are carrying weaponized RTF documents that could infect users with malware without any user interaction, just opening the RTF documents. pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019.

Security Intelligence

Security Intelligence Advertising Malware Information Security

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

“The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency.”

Small Business

Small Business Malware Cryptocurrency Advertising

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

Security Affairs

JULY 1, 2022

Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. “We observed notable updates to the long-running malware campaign targeting Linux systems by a group known as the 8220 gang.”

Security Intelligence

Security Intelligence Hacking Malware Information Security

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

I had the chance at RSA 2019 to sit down with Lucy CEO Colin Bastable, to discuss the wider context. In short, it’s a perfect environment for cybercriminals to gather intelligence about us, then craft creative ruses to trick victims into installing malware that gives them a foothold.

Social Engineering

Social Engineering Engineering Phishing Banking

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

Microsoft Defender ATP Research Team discovered a fileless malware campaign that was spreading the information stealing Astaroth Trojan. Experts at the Microsoft Defender ATP Research Team discovered a fileless malware campaign that is delivering the information stealing Astaroth Trojan.

Antivirus

Antivirus Malware Advertising Security Intelligence

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

pic.twitter.com/VdiKoqAwkr — Kevin Beaumont (@GossiTheDog) November 2, 2019. The vulnerability , tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft with May 2019 Patch Tuesday updates. huh, the EternalPot RDP honeypots have all started BSOD'ing recently.

Penetration Testing

Penetration Testing Malware Advertising Spyware

The number of exploits in the Echobot botnet reached 59

Security Affairs

AUGUST 7, 2019

At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits. Cashdollar will be at Defcon (@_larry0) August 6, 2019. Nothing interesting so far.

IoT

IoT Wireless Advertising Surveillance

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Security Boulevard

MAY 25, 2021

I've decided to make my Cybercrime Forum Data Set for 2019 and 2021 exclusively available online for free in order for me to speed the dissemination process and to possibly empower security researchers and vendors with the necessary information to help them stay on the top of their game in terms of current and emerging cyber threats including U.S

Cybercrime

Cybercrime Cyber threats Hacking Software

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020. ” reads the analysis published by Microsoft.

Authentication

Authentication Advertising Architecture Cyber Attacks

Why Focusing on Container Runtimes Is the Most Critical Piece of Security for EKS Workloads?

Security Affairs

MARCH 19, 2021

In the 2020 Cloud Native Survey , 91% of respondents told the Cloud Native Computing Foundation (CNCF) that they were using Kubernetes—an increase from 78% in 2019 and 58% a year earlier. For more information about other aspects of Amazon EKS security, click here.

Information Security

Information Security Security Intelligence Hacking Accountability

Staying a Step Ahead of the Hack

Webroot

DECEMBER 11, 2020

Social engineering and business email compromise (BEC) are two related cyberattack vectors that rely on human error to bypass the technology defenses businesses deploy to deter malware. According to the FBI, BEC attacks resulted in more than $26 billion (you read that right) between June 2016 and July 2019. Social Engineering.

Hacking

Hacking Social Engineering Phishing Engineering

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party.

Banking

Banking Malware Security Intelligence Advertising

Cyber Security Informer

Crooks spread malware via pirated movies during COVID-19 outbreak

Kimsuky APT exploited BlueKeep RDP flaw in attacks against South Korea and Japan

Trending Sources

French Firms Rocked by Kasbah Hacker?

Purple Lambert, a new malware of CIA-linked Lambert APT group

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Emotet botnet surges back after months of absence

A week in security (June 28 – June 4)

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

A new Astaroth Trojan Campaign uncovered by Microsoft

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

The number of exploits in the Echobot botnet reached 59

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Iran-linked APT is exploiting the Zerologon flaw in attacks

Why Focusing on Container Runtimes Is the Most Critical Piece of Security for EKS Workloads?

Staying a Step Ahead of the Hack

Emotet operators are running Halloween-themed campaigns

Stay Connected