Krebs on Security

MARCH 10, 2020

Twenty-six of those earned Microsoft’s most-dire “critical” rating, meaning malware or miscreants could exploit them to gain complete, remote control over vulnerable computers without any help from users. CVE-2020-0852 is one just four remote execution flaws Microsoft patched this month in versions of Word.

Backups 245

Backups Software Hacking Malware 245

Security Affairs

NOVEMBER 9, 2020

Many popular OS and applications have been hacked during this year’s edition of the Tianfu Cup hacking competition. This year’s edition of the Tianfu Cup hacking competition was very prolific, bug bounty hackers have discovered multiple vulnerabilities in multiple software and applications. Pierluigi Paganini.

Hacking 134

Hacking Firmware Software Government 134

Security Affairs

NOVEMBER 11, 2020

Mozilla and Google have already fixed the critical flaws in Firefox and Chrome exploited by bug bounty hunters at 2020 Tianfu Cup hacking contest. Mozilla and Google have already addressed the critical Firefox and Chrome vulnerabilities that were recently exploited by white hat hackers at the 2020 Tianfu Cup hacking contest.

Hacking 102

Hacking Government Accountability Cybersecurity 102

Security Affairs

MARCH 4, 2021

FireEye researchers spotted a new sophisticated second-stage backdoor that was likely linked to threat actors behind the SolarWinds hack. The new malware is dubbed Sunshuttle , and it was “uploaded by a U.S.-based based entity to a public malware repository in August 2020.” ” continues FireEye.

Malware 115

Malware Hacking Antivirus Information Security 115

Krebs on Security

DECEMBER 16, 2020

13, cyber incident response firm FireEye published a detailed writeup on the malware infrastructure used in the SolarWinds compromise, presenting evidence that the Orion software was first compromised back in March 2020. FireEye said hacked networks were seen communicating with a malicious domain name — avsvmcloud[.]com

Hacking 342

Hacking Malware Software Cybercrime 342

Security Affairs

FEBRUARY 24, 2020

Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations. Figure 1: Lampion malware email templates. 2020-02-13] #Lampion v2 #portugal #malware #ATA 0998f6473004e0ba54ead5784ba62db8 h}//vrau-x.s3.us-east-2.amazonaws.[com/0.zip zip h//oiurx14x.s3.us-east-2.amazonaws.}com/P-14-7.dll

Malware 79

Malware Banking Antivirus Advertising 79

The Hacker News

DECEMBER 10, 2022

Travel agencies have emerged as the target of a hack-for-hire group dubbed Evilnum as part of a broader campaign aimed at legal and financial investment institutions in the Middle East and Europe.

Hacking 85

Hacking Malware 85

Malwarebytes

JULY 28, 2021

The 2020 Olympics are, after a bit of a delayed start , officially in full swing. And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. 2010 Vancouver.

Scams 138

Scams Hacking Malware Mobile 138

CyberSecurity Insiders

FEBRUARY 23, 2022

A new malware developed by Sandworm hacking group has targeted appliances that are fire walled and reports are in that the military intelligence of the Russian Federation developed the malicious software. Now some statistic facts about malware. In the first half of 2020 alone, SonicWall registered over 3.2

Firewall 132

Firewall Malware IoT Software 132

Security Affairs

MARCH 15, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from February 1 to March 15, 2020. February 1, 2020 – Crooks start exploiting Coronavirus as bait to spread malware. February 25, 2020 – South Korea suffers from the spread of people infected with Corona 19. ‘

Malware 125

Malware Advertising Scams Cybercrime 125

Security Affairs

DECEMBER 4, 2020

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library.

Hacking 115

Hacking Risk Mobile Banking 115

Security Affairs

JULY 23, 2020

CVE-2020-1147 is a critical vulnerability in.NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET

Hacking 112

Hacking Advertising Software Information Security 112

Security Affairs

DECEMBER 3, 2023

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments.

Malware 132

Malware DNS Retail Education 132

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020.

Cybercrime 125

Cybercrime Ransomware DDOS Encryption 125

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. Image: Microsoft.

Hacking 185

Hacking Cybercrime Ransomware Government 185

Security Affairs

MAY 25, 2020

Three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to have been hacked and their databases have been leaked online. Researchers from intelligence firm Cyble made the headlines again, this time they have discovered online the databases of three hacking forums. The databases appear to have been leaking in May 2020.

Hacking 136

Hacking Data breaches Advertising Cybercrime 136

Security Affairs

DECEMBER 27, 2023

Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with.NET and C#. Google promptly removed the malware-laced apps from Google Play.

Malware 112

Malware Encryption Social Engineering Marketing 112

Security Affairs

MAY 31, 2022

SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. The group stands out for the high frequency and persistence of its attacks, researchers believe that the APT group has carried out over 1,000 attacks since April 2020. SecurityAffairs – hacking, SideWinder).

Encryption 99

Encryption Malware Phishing Hacking 99

Security Affairs

DECEMBER 20, 2020

This post includes the details of the COVID-19 themed attacks launched from December 6 – December 19, 2020. December 10 – Russia-linked APT28 uses COVID19 lures to deliver Zebrocy malware. Russia-link cyberespionage APT28 leverages COVID19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware.

Malware 109

Malware Phishing Hacking Information Security 109

Security Affairs

DECEMBER 1, 2020

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. c25e6559668942[.]xyz.

Malware 104

Malware DDOS Hacking Cybercrime 104

Security Affairs

JANUARY 26, 2024

The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sentenced in the US to 64 months in prison for his role in the development and distribution of the TrickBot malware. in October 2021.

Malware 107

Malware Identity Theft Banking Ransomware 107

Security Affairs

MARCH 29, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. March 26 – WordPress WP-VCD malware delivered via pirated Coronavirus plugins. March 26 – Hackers hijack D-Link and Linksys routers to point users to COVID1 9 -themed sites serving malware.

Scams 116

Scams Mobile Advertising Malware 116

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manager site that has been compromised to serve Linux malware. org domain and they were not containing any malware. org subdomain. .”

Malware 120

Malware Software Cryptocurrency Passwords 120

Security Affairs

MARCH 20, 2021

A hacking group has employed at least 11 zero-day flaws as part of an operation that took place in 2020 and targeted Android, iOS, and Windows users. Google researchers observed two separate waves of attacks that took place in February and October 2020, respectively. The exploit chains targeted Android, Windows, and iOS devices.

Hacking 137

Hacking Software Information Security Malware 137

Security Affairs

MAY 27, 2020

The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks. During April and May 2020, a new Grandoreiro variant was identified. This piece of malware includes improvements in the way it is operating. Figure 1: Grandoreiro email template Q2 2020 (Portugal).

Malware 69

Malware Banking Advertising Data collection 69

Security Affairs

JUNE 21, 2023

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. One of the scripts, the “c.js”, was containing an exploit for the CVE-2020-12641 vulnerability.

Hacking 94

Hacking Government Phishing Malware 94

Security Affairs

MARCH 9, 2020

Multiple state-sponsored hacking groups are attempting to exploit a vulnerability recently addressed in Microsoft Exchange email servers. Cybersecurity firm Volexity is warning that nation-state actors are attempting to exploit a vulnerability recently addressed in Microsoft Exchange email servers tracked as CVE-2020-0688.

Authentication 141

Authentication Advertising Hacking Malware 141

Security Affairs

FEBRUARY 24, 2020

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. According to the FireEye Mandiant M-Trends 2020 report , FireEye analyzed 1.1 million malware samples per day in 2019 and identified 1,268 malware families. SecurityAffairs – hacking, malware).

Malware 94

Malware Cyber threats Telecommunications Advertising 94

Security Affairs

APRIL 12, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from April 05 to April 11, 2020. April 09 – Phishers prefer Tesla, top 3 malware strains in COVID19 phishing campaigns. April 09 – Australian Signals Directorate (ASD) is hacking crooks behind COVID19-themed attacks.

Scams 97

Scams Advertising Malware Phishing 97

Security Affairs

DECEMBER 9, 2020

Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code issues. In 2020, the IT giant has released a total of 1,250 CVEs. Pierluigi Paganini.

Hacking 132

Hacking Information Security Malware 132

Security Affairs

DECEMBER 4, 2020

VMware addressed CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. VMware has finally released security updates to fix the CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.

Passwords 122

Passwords Accountability Malware Hacking 122

Security Affairs

AUGUST 3, 2020

2020 Cost of a Data Breach Report: the global total cost of a data breach averaged $3.86 million in 2020, down about 1.5% This year the researchers analyzed 524 breaches that occurred between August 2019 and April 2020, in organizations of all sizes, across 17 geographies and 17 industries. million in 2020, down about 1.5%

Data breaches 118

Data breaches Advertising Malware Hacking 118

Security Affairs

MARCH 3, 2021

The Perl.com domain was hijacked in January, but a senior editor at the site revealed that the hackers took control of the domain in September 2020. The Perl.com domain was hijacked in January 2021, but according to Brian Foy , senior editor of Perl.com, the attack took place months before, in September 2020. Pierluigi Paganini.

Social Engineering 110

Social Engineering Malware Hacking Engineering 110

Security Affairs

SEPTEMBER 23, 2020

Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. SecurityAffairs – hacking, ZeroLogon). Pierluigi Paganini.

Authentication 145

Authentication Advertising Architecture Passwords 145

Security Affairs

OCTOBER 28, 2021

AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security researchers at the Lookout Threat Labs have discovered a new Android malware, dubbed AbstractEmu , with rooting capabilities that is distributed on Google Play and prominent third-party stores (i.e.

Malware 102

Malware Cybercrime Mobile Banking 102

Security Affairs

JULY 22, 2021

CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products.

Malware 129

Malware Antivirus Passwords Firewall 129

Security Affairs

NOVEMBER 7, 2020

At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears is exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. SecurityAffairs – hacking, CVE-2020-14882).

Ransomware 91

Ransomware Malware Internet Internet 91