Security Affairs

DECEMBER 3, 2023

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments.

Malware 131

Malware DNS Retail Education 131

Security Affairs

DECEMBER 4, 2020

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library.

Hacking 114

Hacking Risk Mobile Banking 114

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020.

Cybercrime 124

Cybercrime Ransomware DDOS Encryption 124

Security Affairs

JULY 23, 2020

CVE-2020-1147 is a critical vulnerability in.NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET

Hacking 111

Hacking Advertising Software Information Security 111

Security Affairs

MAY 25, 2020

Three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to have been hacked and their databases have been leaked online. Researchers from intelligence firm Cyble made the headlines again, this time they have discovered online the databases of three hacking forums. The databases appear to have been leaking in May 2020.

Hacking 134

Hacking Data breaches Advertising Cybercrime 134

Security Affairs

DECEMBER 27, 2023

Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with.NET and C#. Google promptly removed the malware-laced apps from Google Play.

Malware 111

Malware Encryption Social Engineering Marketing 111

Security Affairs

MAY 31, 2022

SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. The group stands out for the high frequency and persistence of its attacks, researchers believe that the APT group has carried out over 1,000 attacks since April 2020. SecurityAffairs – hacking, SideWinder).

Encryption 98

Encryption Malware Phishing Hacking 98

Security Affairs

DECEMBER 20, 2020

This post includes the details of the COVID-19 themed attacks launched from December 6 – December 19, 2020. December 10 – Russia-linked APT28 uses COVID19 lures to deliver Zebrocy malware. Russia-link cyberespionage APT28 leverages COVID19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware.

Malware 110

Malware Phishing Hacking Information Security 110

Security Affairs

DECEMBER 1, 2020

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. c25e6559668942[.]xyz.

Malware 103

Malware DDOS Hacking Cybercrime 103

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manager site that has been compromised to serve Linux malware. org domain and they were not containing any malware. org subdomain. .”

Malware 120

Malware Software Cryptocurrency Passwords 120

Security Affairs

MARCH 20, 2021

A hacking group has employed at least 11 zero-day flaws as part of an operation that took place in 2020 and targeted Android, iOS, and Windows users. Google researchers observed two separate waves of attacks that took place in February and October 2020, respectively. The exploit chains targeted Android, Windows, and iOS devices.

Hacking 138

Hacking Software Information Security Malware 138

Security Affairs

JANUARY 26, 2024

The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sentenced in the US to 64 months in prison for his role in the development and distribution of the TrickBot malware. in October 2021.

Malware 105

Malware Identity Theft Banking Ransomware 105

Security Affairs

MARCH 29, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. March 26 – WordPress WP-VCD malware delivered via pirated Coronavirus plugins. March 26 – Hackers hijack D-Link and Linksys routers to point users to COVID1 9 -themed sites serving malware.

Scams 114

Scams Mobile Advertising Malware 114

Security Affairs

JUNE 21, 2023

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Hacking 92

Hacking Government Phishing Malware 92

Security Affairs

MAY 27, 2020

The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks. Cybercriminals attempt to compromise computers to generate revenue by exfiltrating information from victims’ devices, typically banking-related information. Technical Analysis. 100:51224/$rdgate?

Malware 69

Malware Banking Advertising Data collection 69

Security Affairs

NOVEMBER 4, 2020

Cyber Defense Magazine November 2020 Edition has arrived. 150 PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. SecurityAffairs – hacking, Cyber Defense Magazine November 2020 ).

InfoSec 123

InfoSec DNS Advertising Marketing 123

Security Affairs

FEBRUARY 24, 2020

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. According to the FireEye Mandiant M-Trends 2020 report , FireEye analyzed 1.1 million malware samples per day in 2019 and identified 1,268 malware families. SecurityAffairs – hacking, malware).

Malware 93

Malware Cyber threats Telecommunications Advertising 93

Security Affairs

DECEMBER 9, 2020

Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code issues. In 2020, the IT giant has released a total of 1,250 CVEs.

Hacking 131

Hacking Information Security Malware 131

Daniel Miessler

MAY 19, 2020

TOPIC: In this episode, Daniel takes a look at the 2020 Verizon Data Breach Investigations Report. 45% of breaches involved Hacking. Hacking, social, and malware have fallen the most. Errors are now as common as social attacks, and more common than malware attacks. Hacking types and vectors. Key numbers.

Data breaches 130

Data breaches Phishing Malware Hacking 130

Security Affairs

MARCH 3, 2021

The Perl.com domain was hijacked in January, but a senior editor at the site revealed that the hackers took control of the domain in September 2020. The Perl.com domain was hijacked in January 2021, but according to Brian Foy , senior editor of Perl.com, the attack took place months before, in September 2020. Pierluigi Paganini.

Social Engineering 110

Social Engineering Malware Hacking Engineering 110

Security Affairs

SEPTEMBER 23, 2020

Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). SecurityAffairs – hacking, ZeroLogon).

Authentication 145

Authentication Advertising Architecture Passwords 145

Security Affairs

DECEMBER 4, 2020

VMware addressed CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. VMware has finally released security updates to fix the CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.

Passwords 120

Passwords Accountability Malware Hacking 120

Security Affairs

OCTOBER 21, 2020

Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999.

Advertising 120

Advertising Engineering Hacking Software 120

Security Affairs

NOVEMBER 23, 2020

VMware discloses a critical zero-day vulnerability (CVE-2020-4006) in multiple VMware Workspace One components and released a workaround to address it. VMware has released a workaround to address a critical zero-day vulnerability, tracked as CVE-2020-4006, that affects multiple VMware Workspace One components. Pierluigi Paganini.

Hacking 133

Hacking Cybersecurity Information Security Malware 133

Security Affairs

NOVEMBER 7, 2020

At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears is exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. SecurityAffairs – hacking, CVE-2020-14882).

Ransomware 92

Ransomware Malware Internet Internet 92

Security Affairs

MARCH 22, 2021

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. In H2 2020, 39.3%

Engineering 133

Engineering VPN Accountability Software 133

Security Affairs

OCTOBER 28, 2021

AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security researchers at the Lookout Threat Labs have discovered a new Android malware, dubbed AbstractEmu , with rooting capabilities that is distributed on Google Play and prominent third-party stores (i.e.

Malware 100

Malware Cybercrime Mobile Banking 100

Security Affairs

DECEMBER 4, 2021

Cuba ransomware has been active since at least January 2020. Cuba ransomware has been actively distributed through the Hancitor malware , a commodity malware that partnered with ransomware gangs to help them gain initial access to target networks. SecurityAffairs – hacking, ransomware). ” states the alert.

Ransomware 141

Ransomware Hacking Malware Encryption 141

Security Affairs

NOVEMBER 5, 2020

VMware has released new patches for ESXi after learning that a fix released in October for the critical CVE-2020-3992 flaw was incomplete. The virtualization giant VMware has released new fixes for ESXi after learning that a patch released in October for the critical CVE-2020-3992 flaw was incomplete. SecurityAffairs – hacking, ESXi).

Advertising 127

Advertising Hacking Information Security Malware 127

Security Affairs

NOVEMBER 13, 2020

Netskope security researchers have spotted a new credential stealer dubbed TroubleGrabber that spreads via Discord attachments and uses Discord webhooks to transfer stolen data to its operators. The malware sends information back to the attacker via webhook as a chat message to his Discord server. ” continues the report.

Malware 115

Malware Passwords Hacking Accountability 115

Security Affairs

MARCH 12, 2020

Microsoft released security updates to fix a recently disclosed CVE-2020-0796 vulnerability in SMBv3 protocol that could be abused by wormable malware. On March 10, 2019, Microsoft accidentally leaked info on a security update for a wormable vulnerability in the Microsoft Server Message Block (SMB) protocol.

Advertising 112

Advertising Internet Internet Malware 112

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job. ”

Hacking 342

Hacking Ransomware Banking Accountability 342

Security Affairs

APRIL 19, 2020

This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020. Consumer reports received since January 2020 revealed that that approximately $12 million were lost due to Coronavirus-related scams, FTC says. Coronavirus-themed attacks April 05 – April 11, 2020. Pierluigi Paganini.

Scams 108

Scams Malware Phishing Surveillance 108

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. SecurityAffairs – North Korea, hacking).

Malware 123

Malware Advertising Government Cryptocurrency 123

Security Affairs

DECEMBER 10, 2020

Microsoft warns of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings. Microsoft warned of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings and inject ads into search results pages.

Malware 135

Malware Advertising Media Engineering 135

Security Affairs

DECEMBER 6, 2020

This post includes the details of the COVID-19 themed attacks launched from October 1 to December 5, 2020. Below a list of attacks detected between October 1 to December 5, 2020. November 30 – Exploring malware to bypass DNA screening and lead to ‘biohacking’ attacks. SecurityAffairs – hacking, COVID).

Cyber Attacks 93

Cyber Attacks Manufacturing Healthcare Data breaches 93

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. Data that emerged from the report are worrisome, in 2020 the reported losses exceeded $4.2 ” reads 2020 Internet Crime Report. billion in losses.

Internet 110

Internet Internet Scams Identity Theft 110