Security Affairs

MAY 31, 2022

SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. The group stands out for the high frequency and persistence of its attacks, researchers believe that the APT group has carried out over 1,000 attacks since April 2020. ” states Kaspersky.

Encryption 98

Encryption Malware Phishing Hacking 98

Security Boulevard

FEBRUARY 24, 2021

Our thanks to BSides Calgary and Conference Speakers for publishing their outstanding presentations; which originally appeared at the group's BSides Calgary 2020 Conference , and on the Organization's YouTube Channel.

Malware 62

Malware Education Information Security 62

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020.

Cybercrime 122

Cybercrime Ransomware DDOS Encryption 122

Security Affairs

DECEMBER 3, 2023

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments.

Malware 129

Malware DNS Retail Education 129

Security Affairs

DECEMBER 27, 2023

Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with.NET and C#. Google promptly removed the malware-laced apps from Google Play.

Malware 108

Malware Encryption Social Engineering Marketing 108

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manager site that has been compromised to serve Linux malware. org domain and they were not containing any malware. org subdomain. .”

Malware 118

Malware Software Cryptocurrency Passwords 118

Security Affairs

FEBRUARY 24, 2020

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. According to the FireEye Mandiant M-Trends 2020 report , FireEye analyzed 1.1 million malware samples per day in 2019 and identified 1,268 malware families. SecurityAffairs – hacking, malware).

Malware 91

Malware Cyber threats Telecommunications Advertising 91

Security Affairs

DECEMBER 20, 2020

This post includes the details of the COVID-19 themed attacks launched from December 6 – December 19, 2020. December 10 – Russia-linked APT28 uses COVID19 lures to deliver Zebrocy malware. Russia-link cyberespionage APT28 leverages COVID19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware.

Malware 108

Malware Phishing Hacking Information Security 108

Security Affairs

DECEMBER 1, 2020

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. c25e6559668942[.]xyz.

Malware 101

Malware DDOS Hacking Cybercrime 101

Security Affairs

MARCH 29, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. March 26 – WordPress WP-VCD malware delivered via pirated Coronavirus plugins. March 26 – Hackers hijack D-Link and Linksys routers to point users to COVID1 9 -themed sites serving malware.

Scams 112

Scams Mobile Advertising Malware 112

Security Affairs

APRIL 19, 2020

This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020. Consumer reports received since January 2020 revealed that that approximately $12 million were lost due to Coronavirus-related scams, FTC says. Coronavirus-themed attacks April 05 – April 11, 2020. Pierluigi Paganini.

Scams 107

Scams Malware Phishing Surveillance 107

Security Affairs

JANUARY 26, 2024

The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40) has been sentenced in the US to 64 months in prison for his role in the development and distribution of the TrickBot malware. in October 2021.

Malware 103

Malware Identity Theft Banking Ransomware 103

Security Affairs

NOVEMBER 4, 2020

Cyber Defense Magazine November 2020 Edition has arrived. 150 PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. SecurityAffairs – hacking, Cyber Defense Magazine November 2020 ).

InfoSec 121

InfoSec DNS Advertising Marketing 121

Security Affairs

SEPTEMBER 23, 2020

Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Pierluigi Paganini.

Authentication 145

Authentication Advertising Architecture Passwords 145

Security Affairs

MARCH 22, 2021

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. In H2 2020, 39.3%

Engineering 131

Engineering VPN Accountability Software 131

Security Affairs

DECEMBER 4, 2020

VMware addressed CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. VMware has finally released security updates to fix the CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.

Passwords 118

Passwords Accountability Malware Hacking 118

Security Affairs

MARCH 20, 2021

A hacking group has employed at least 11 zero-day flaws as part of an operation that took place in 2020 and targeted Android, iOS, and Windows users. Google researchers observed two separate waves of attacks that took place in February and October 2020, respectively. ” wrote the popular Project Zero researcher Maddie Stone.

Hacking 136

Hacking Software Information Security Malware 136

Security Affairs

DECEMBER 9, 2020

Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code issues. In 2020, the IT giant has released a total of 1,250 CVEs.

Hacking 129

Hacking Information Security Malware 129

Security Affairs

NOVEMBER 7, 2020

At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears is exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. SecurityAffairs – hacking, CVE-2020-14882). Pierluigi Paganini.

Ransomware 90

Ransomware Malware Internet Internet 90

Security Affairs

APRIL 5, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 29 to April 04, 2020. March 30, 2020 – Your colleague was infected with COVID19, this is the latest phishing lure. The Zeus Sphinx malware is back, operators are now spreading it exploiting the interest in the COVID19 outbreak.

Advertising 93

Advertising Phishing Malware Cybercrime 93

Security Affairs

NOVEMBER 23, 2020

VMware discloses a critical zero-day vulnerability (CVE-2020-4006) in multiple VMware Workspace One components and released a workaround to address it. VMware has released a workaround to address a critical zero-day vulnerability, tracked as CVE-2020-4006, that affects multiple VMware Workspace One components. Pierluigi Paganini.

Hacking 131

Hacking Cybersecurity Information Security Malware 131

Security Affairs

MARCH 12, 2020

Microsoft released security updates to fix a recently disclosed CVE-2020-0796 vulnerability in SMBv3 protocol that could be abused by wormable malware. On March 10, 2019, Microsoft accidentally leaked info on a security update for a wormable vulnerability in the Microsoft Server Message Block (SMB) protocol.

Advertising 110

Advertising Internet Internet Malware 110

Security Affairs

MARCH 3, 2021

The Perl.com domain was hijacked in January, but a senior editor at the site revealed that the hackers took control of the domain in September 2020. The Perl.com domain was hijacked in January 2021, but according to Brian Foy , senior editor of Perl.com, the attack took place months before, in September 2020. Pierluigi Paganini.

Social Engineering 108

Social Engineering Malware Hacking Engineering 108

Security Affairs

OCTOBER 28, 2021

AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security researchers at the Lookout Threat Labs have discovered a new Android malware, dubbed AbstractEmu , with rooting capabilities that is distributed on Google Play and prominent third-party stores (i.e.

Malware 98

Malware Cybercrime Mobile Banking 98

Security Affairs

MARCH 22, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 15 to March 21, 2020. March 21, 2020 – New Coronavirus-themed attack uses fake WHO chief emails. March 19, 2020 – Coronavirus news used by Emotet and Trickbot to evade detection. Pierluigi Paganini.

Advertising 104

Advertising Cybercrime Scams Phishing 104

Security Affairs

OCTOBER 21, 2020

Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999.

Advertising 118

Advertising Engineering Hacking Software 118

SiteLock

AUGUST 27, 2021

We’re excited to announce SiteLock received Gold and Bronze recognition in the 2020 Cybersecurity Excellence Awards for Best Website Security and Most Innovative Cybersecurity Company! SiteLock also earned Bronze recognition for Most Innovative Cybersecurity Company.

Cybersecurity 98

Cybersecurity Marketing Malware Engineering 98

Daniel Miessler

MAY 19, 2020

TOPIC: In this episode, Daniel takes a look at the 2020 Verizon Data Breach Investigations Report. Hacking, social, and malware have fallen the most. Errors are now as common as social attacks, and more common than malware attacks. The top malware type is Password Dumper, because it really is about getting those creds.

Data breaches 130

Data breaches Phishing Malware Hacking 130

Security Affairs

NOVEMBER 13, 2020

Netskope security researchers have spotted a new credential stealer dubbed TroubleGrabber that spreads via Discord attachments and uses Discord webhooks to transfer stolen data to its operators. The malware sends information back to the attacker via webhook as a chat message to his Discord server. ” continues the report.

Malware 112

Malware Passwords Hacking Accountability 112

Security Affairs

JANUARY 8, 2021

Multiple threat actors have recently started using the Ezuri memory loader as a loader to executes malware directly into the victims’ memory. According to researchers from AT&T’s Alien Labs, malware authors are choosing the Ezuri memory loader for their malicious codes. ” concludes the report.

Malware 139

Malware Encryption Antivirus Passwords 139

Security Affairs

JULY 8, 2020

Early June, researchers at F5 Networks have addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

Advertising 123

Advertising InfoSec Government Healthcare 123

Security Affairs

NOVEMBER 5, 2020

VMware has released new patches for ESXi after learning that a fix released in October for the critical CVE-2020-3992 flaw was incomplete. The virtualization giant VMware has released new fixes for ESXi after learning that a patch released in October for the critical CVE-2020-3992 flaw was incomplete. Pierluigi Paganini.

Advertising 126

Advertising Hacking Information Security Malware 126

Security Affairs

JULY 16, 2021

The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to evade scanners. Since 2019 experts found many Joker apps on Google Play store, in September 2019 security experts at Google removed from the store 24 apps. ” states a post published by the experts. explained. “If

Malware 140

Malware Mobile Spyware Encryption 140

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. Data that emerged from the report are worrisome, in 2020 the reported losses exceeded $4.2 ” reads 2020 Internet Crime Report. billion in losses.

Internet 109

Internet Internet Scams Identity Theft 109

Security Affairs

DECEMBER 10, 2020

Microsoft warns of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings. Microsoft warned of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings and inject ads into search results pages.

Malware 133

Malware Advertising Media Engineering 133

Security Affairs

MAY 13, 2020

The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT , it has uploaded the malicious code to VirusTotal. ” reads the DHS CISA’s advisory.

Malware 121

Malware Advertising Government Cryptocurrency 121

Security Affairs

JUNE 3, 2022

An “extremely sophisticated” China-linked APT tracked as LuoYu was delivering malware called WinDealer via man-on-the-side attacks. The activity of the group was first documented by TeamT5 researchers that also reported the use of three malware families: SpyDealer, Demsty and WinDealer. To nominate, please visit:?.

Malware 136

Malware Telecommunications Internet Internet 136