Security Affairs

APRIL 5, 2021

H2 2020 – Kaspersky observed an increase in ransomware attacks on industrial control system (ICS) systems in developed countries. T he percentage of ICS computers hit by a cyber attack in the second half of the year on a global scale was 33.4%, (+0.85% than H1 2020). Which are most secure countries in H2 2020?

Cyber Attacks 69

Cyber Attacks Ransomware Engineering Data collection 69

Security Affairs

APRIL 22, 2021

Cybersecurity firm Trend Micro revealed that a threat actor is actively exploiting a flaw, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems. The CVE-2020-24557 vulnerability affects the Apex One and OfficeScan XG enterprise security products.

Antivirus 120

Antivirus Hacking Cybersecurity Information Security 120

Security Affairs

MARCH 11, 2020

Antivirus maker Avast has disabled a core component of its antivirus to address a severe vulnerability that would have allowed attackers to control users’ PC. link] — Tavis Ormandy (@taviso) March 11, 2020. Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM.

Engineering 109

Engineering Antivirus Advertising Hacking 109

Security Affairs

JUNE 27, 2021

“While the Windows system is in safe mode antivirus software doesn’t work. The researchers started investigating the threat after they became aware that the malware was disabling and uninstalling its antivirus from infected devices. “It also uses WQL to query all antivirus software installed SELECT * FROM AntiVirusProduct.”

Antivirus 104

Antivirus Cryptocurrency Malware Software 104

Security Affairs

JANUARY 4, 2021

pic.twitter.com/Qlska7DteM — Arkbird (@Arkbird_SOLG) December 27, 2020. The EICAR Anti-Virus Test File, or EICAR test file, is a computer file that was developed by the European Institute for Computer Antivirus Research (EICAR) and Computer Antivirus Research Organization (CARO), to test the response of computer antivirus (AV) programs.

Antivirus 114

Antivirus Malware Accountability Hacking 114

Security Affairs

AUGUST 12, 2021

In April, the security firm revealed that attackers were actively exploiting a vulnerability, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems. The CVE-2020-24557 vulnerability affects the Apex One and OfficeScan XG enterprise security products. .

Antivirus 104

Antivirus Authentication Hacking Information Security 104

Security Affairs

APRIL 21, 2024

The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269. The operators frequently disable security software to evade detection and for lateral movement. Akira operators were also observed using external-facing services such as Remote Desktop Protocol (RDP), spear phishing, and the abuse of valid credentials.

Ransomware 99

Ransomware Encryption Antivirus VPN 99

CyberSecurity Insiders

JANUARY 6, 2023

billion in 2020, a 43% increase. billion in payment card-related losses occurred in 2020 (over one-third of them in the U.S.). Test security of systems and networks regularly. Support information security within organizational policies and programs. billion in 2019 to $815.4 The Nilson Report  estimated $28.6

Antivirus 138

Antivirus Retail Software Accountability 138

Security Affairs

JUNE 22, 2021

DirtyMoe is a Windows botnet that is rapidly growing, it passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Experts pointed out that the number of infected systems could be far greater because data provided by AVAST are only related to systems running their antivirus solution.

DNS 122

DNS Cryptocurrency Internet Internet 122

Security Affairs

DECEMBER 18, 2023

They may use various tactics to evade antivirus and other security measures. Ransomware was discovered in late 2020, while info stealer was discovered in June 2021. Info stealers can be delivered through various means, including malicious email attachments, infected websites, or as a payload delivered by other types of malware.

Banking 108

Banking Cybercrime Malware Accountability 108

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. — Dave Kennedy (@HackingDave) July 15, 2020. link] pic.twitter.com/cVIyB44o6q — Eugene Kaspersky (@e_kaspersky) June 22, 2020. Eugene Kaspersky | @e_kaspersky.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Security Affairs

NOVEMBER 23, 2020

likely a pun ) and was published to npm registry around November 11, 2020. Here’s how the malware execution sequence would appear to a Windows user: The “Windows NT is not supported” message shown in the screenshot, however, is a false error thrown by the malware in an attempt to fool both antivirus products and the end-user.

Malware 131

Malware Engineering Antivirus Software 131

Security Affairs

NOVEMBER 11, 2021

Below is the list of exploits used by the bot: Vulnerability Affected devices CVE-2020-8515 DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices CVE-2015-2051 D-Link DIR-645 Wired/Wireless Router Rev. CVE-2020-10173 Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m

IoT 115

IoT Firmware Malware Wireless 115

Security Affairs

MARCH 18, 2020

The first issue, tracked as CVE-2020-8467 , impacts the migration tool component of Apex One and OfficeScan. The second vulnerability exploited in the wild, tracked as CVE-2020-8468 is a content validation escape issue that affects the agents for Worry-Free Business Security, Apex One and OfficeScan.

Authentication 102

Authentication Advertising Antivirus Cybercrime 102

Security Affairs

OCTOBER 6, 2020

The alert published by CISA was based on data provided by the Multi-State Information Sharing & Analysis Center (MS-ISAC) and the CISA itself since July 2020. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. ” reads that alert published by CISA.

Government 132

Government Banking Advertising Malware 132

Security Affairs

OCTOBER 16, 2022

The vulnerability is due to the method (cpio) in which Zimbra’s antivirus engine (Amavis) scans inbound emails. The experts pointed out that the vulnerability is due to the method ( cpio ) used by Zimbra’s antivirus engine ( Amavis ) to scan the inbound emails. reported Rapid7.

Hacking 111

Hacking Antivirus Telecommunications Engineering 111

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.”

Malware 117

Malware Phishing Antivirus Hacking 117

Security Affairs

JULY 9, 2020

“Account accesses for antivirus programs garner the second-highest prices: around $21.67. According to the report, Sentry MBA is the most popular credential stuffing tool, but OpenBullet tool has accounted for 35 percent of references across cyber criminal forums so far in 2020. ” reads the report published by the experts.

Cybercrime 114

Cybercrime Antivirus Marketing Accountability 114

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Disable hyperlinks in received emails. Pierluigi Paganini.

Passwords 63

Passwords Government Firmware Accountability 63

Security Affairs

MARCH 4, 2021

based entity to a public malware repository in August 2020.” ” “Mandiant Threat Intelligence discovered a sample of the SUNSHUTTLE backdoor uploaded to an online multi-Antivirus scan service.” The new malware is dubbed Sunshuttle , and it was “uploaded by a U.S.-based

Malware 112

Malware Hacking Antivirus Information Security 112

Security Affairs

JANUARY 8, 2021

“In October 2020, Palo Alto Networks Unit42 identified new variants of the cryptomining malware used by TeamTNT named “Black-T.” . The decrypted payload is an ELF file packed with UPX, which is a known sample from TeamTNT, first seen in June 2020 ( e15550481e89dbd154b875ce50cc5af4b49f9ff7b837d9ac5b5594e5d63966a3 ).”

Malware 129

Malware Encryption Antivirus Passwords 129

Security Affairs

APRIL 26, 2020

Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. Are Maze operators behind the attack on the IT services giant Cognizant? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware 92

Spyware Hacking Advertising Antivirus 92

Security Affairs

OCTOBER 26, 2021

The gang has been active since at least 2020, threat actors hit organizations from various industries. Install and regularly update antivirus software on all hosts, and enable real time detection. “Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021.

Ransomware 122

Ransomware Firmware Antivirus Accountability 122

Security Affairs

APRIL 7, 2021

“The lack of timely antivirus database updates for the security solution used on attacked systems also played a key role, preventing the solution from detecting and blocking the threat. It should also be noted that some components of the antivirus solution were disabled, further reducing the quality of protection.

VPN 90

VPN Ransomware Antivirus Firmware 90

eSecurity Planet

DECEMBER 30, 2020

To ease these burdens, SECaaS and SOCaaS vendors have emerged as cloud-based security as a service that can collect, analyze, and correlate your information from diverse systems and applications — turning former headaches into actionable information security intelligence. Security as a Service (SECaaS) .

Penetration Testing 116

Penetration Testing Cybersecurity Antivirus Network Security 116

Security Affairs

JUNE 23, 2021

One of the fathers of antivirus software, the entrepreneur John McAfee has been found dead in a Barcelona prison cell while he was waiting for extradition to the US. On October 6, 2020, McAfee was arrested in Spain over tax evasion charges while he was about to board a plane to Turkey. .

Cryptocurrency 126

Cryptocurrency Banking Accountability Antivirus 126

The Security Ledger

JUNE 30, 2021

In this week’s episode of the podcast (#219) we speak with four cybersecurity professionals about what it means to be Queer in the industry: their various paths to the information security community, finding support among their peers and the work still left to do to make information security inclusive.

InfoSec 52

InfoSec Information Security Cybersecurity Engineering 52

Security Affairs

MARCH 17, 2021

In March 2020, CERT France cyber-security agency warned about a new wave of ransomware attack that was targeting the networks of local government authorities. Operators behind the Pysa ransomware, also employed a version of the PowerShell Empire penetration-testing tool, they were able to stop antivirus products.

Education 87

Education Ransomware Encryption Antivirus 87

Security Affairs

SEPTEMBER 7, 2020

link] — CERT-FR (@CERT_FR) September 7, 2020. “For several days, ANSSI has observed the targeting of French companies and administrations by the Emotet malware,” reads the alert issued by the ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information). Send the samples (.doc

Malware 106

Malware Advertising Antivirus Banking 106

Security Affairs

OCTOBER 8, 2022

“ The vulnerability is due to the method (cpio) in which Zimbra’s antivirus engine (Amavis) scans inbound emails. ” The experts pointed out that the vulnerability is due to the method ( cpio ) used by Zimbra’s antivirus engine ( Amavis ) to scan the inbound emails. .” ” reported Rapid7.

Antivirus 82

Antivirus Engineering Hacking Accountability 82

Security Affairs

DECEMBER 1, 2020

New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020. Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020.

Cryptocurrency 91

Cryptocurrency Antivirus Manufacturing Government 91

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. In early 2020, several cybercriminals groups followed suit.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

AUGUST 15, 2022

The package describes itself as “secrets matching and verification made easy,” it has a total of 93 downloads since August 6, 2020. Sonatype researchers have discovered a new PyPI package named ‘ secretslib ‘ that drops fileless cryptominer to the memory of Linux machine systems. ” continues the analysis.

Malware 69

Malware Antivirus Engineering Hacking 69

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. Emotet , the most widespread malware worldwide and Ryuk , a ransomware type, are growing threats and real concerns for businesses and internet users in 2020. DOWNLOAD FULL REPORT.

Malware 104

Malware Retail Advertising Antivirus 104

Security Affairs

SEPTEMBER 22, 2020

US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a notable increase in the use of LokiBot malware by threat actors since July 2020. “CISA has observed a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020. ” reads the CISA’s advisory.

Malware 63

Malware Passwords Advertising Antivirus 63

Security Affairs

MAY 22, 2021

A joint report published by Rostelecom-Solar and the FSB National Coordination Center for Computer Incidents (NKTsKI) revealed that foreign hackers have stolen information from Russian federal agencies. The malware supports two authentication methods: basic (with login and password) and oauth (with using a token).”

Computers and Electronics 106

Computers and Electronics Malware Antivirus Government 106

Security Affairs

JUNE 11, 2021

million Windows systems between 2018 and 2020. Researchers from NordLocker have discovered an unsecured database containing 1.2-terabyte terabyte of stolen data. Threat actors used custom malware to steal data from 3.2 The database includes 6.6 The top 10 targeted apps are as follows: Google Chrome (19.4 million entries) Mozilla FireFox (3.3

Malware 107

Malware Computers and Electronics Software Financial Services 107