Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware 126

Ransomware Firmware Antivirus Accountability 126

Security Boulevard

FEBRUARY 11, 2022

Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system. The antivirus server was later encrypted in the attack).

Hacking 98

Hacking Antivirus CISO Ransomware 98

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. FatFace CEO Liz Evans released a statement which said “ On 17th January 2021 FatFace identified some suspicious activity within its IT systems. Covid Fraud: £34.5m

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

Security Affairs

FEBRUARY 2, 2022

Antivirus firm ESET addressed a local privilege escalation vulnerability, tracked CVE-2021-37852, impacting its Windows clients. Antivirus firm ESET released security patches to address a high severity local privilege escalation vulnerability, tracked CVE-2021-37852, impacting its Windows clients.

Antivirus 84

Antivirus Internet Internet Hacking 84

Security Affairs

MARCH 21, 2021

Microsoft announced that its Defender Antivirus and System Center Endpoint Protection now protects users against attacks exploiting Exchange Server vulnerabilities. “Today, we have taken an additional step to further support our customers who are still vulnerable and have not yet implemented the complete security update. .

Antivirus 122

Antivirus Small Business Security Intelligence Hacking 122

Security Affairs

MARCH 9, 2021

Microsoft released ProxyLogon security updates for Microsoft Exchange servers running vulnerable unsupported Cumulative Update versions. Now Microsoft has released security updates for Microsoft Exchange servers running unsupported Cumulative Update versions that are affected by the above vulnerabilities, collectively tracked as ProxyLogon.

Antivirus 129

Antivirus Accountability Software Hacking 129

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware 107

Malware Computers and Electronics Adware Spyware 107

Security Affairs

AUGUST 12, 2021

On July 28, Trend Micro released security patches for multiple incorrect permission assignment privilege escalation, incorrect permission preservation authentication bypass, arbitrary file upload, and local privilege escalation vulnerabilities in Apex One and Apex One as a Service products.

Antivirus 105

Antivirus Authentication Hacking Information Security 105

Security Affairs

MARCH 7, 2022

SharkBot banking malware was able to evade Google Play Store security checks masqueraded as an antivirus app. SharkBot is a banking trojan that has been active since October 2021, it allows to steal banking account credentials and bypass multi-factor authentication mechanisms. sellsourcecode.supercleaner).

Banking 79

Banking Antivirus Mobile Malware 79

Security Affairs

JANUARY 14, 2022

A weakness in the Microsoft Defender antivirus can allow attackers to retrieve information to use to avoid detection. Threat actors can leverage a weakness in Microsoft Defender antivirus to determine in which folders plant malware to avoid the AV scanning.

Malware 138

Malware Antivirus Hacking Information Security 138

Security Affairs

MARCH 21, 2022

Italy’s data privacy watchdog launched an investigation into the “potential risks” associated with the use of Russian antivirus software Kaspersky. Italy’s data privacy watchdog has launched an investigation into potential risks associated with the use of the Kaspersky antivirus.

Data privacy 84

Data privacy Antivirus Software Risk 84

Security Affairs

MARCH 24, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues collectively tracked as ProxyLogon (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild.

Data collection 116

Data collection Antivirus Internet Internet 116

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Russian software engineer Eugene Kaspersky’s frustration with the malware of the 80s and 90s led to the founding of antivirus and cybersecurity vendor Kaspersky Lab.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Security Affairs

DECEMBER 18, 2023

They may use various tactics to evade antivirus and other security measures. Ransomware was discovered in late 2020, while info stealer was discovered in June 2021. Info stealers can be delivered through various means, including malicious email attachments, infected websites, or as a payload delivered by other types of malware.

Banking 112

Banking Cybercrime Malware Accountability 112

Security Affairs

APRIL 9, 2022

Experts discovered malicious Android apps on the Google Play Store masqueraded as antivirus solutions spreading the SharkBot Trojan. Sharkbot is an information stealer steals used by crooks to siphon credentials and banking information. .

Banking 87

Banking Antivirus Malware Accountability 87

Security Affairs

OCTOBER 13, 2023

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing support for encrypting Linux systems, specifically VMware ESXi servers. bat) scripts [T1059.003] for lateral movement, privilege escalation, and disabling antivirus software.

Ransomware 114

Ransomware System Administration Antivirus Malware 114

Security Affairs

MAY 16, 2021

The campaign has begun in April 2021 and is still ongoing, experts pointed out that it has low or zero detections. “The threat actors behind this campaign used fileless delivery as a way to bypass security measures, and this technique is used by actors for a variety of objectives and motivations,” concludes Anomali.

Antivirus 115

Antivirus Malware Engineering Software 115

Security Affairs

MARCH 16, 2021

The information may have been obtained through “private disclosures it [Microsoft] made with some of its security partners.” PoC exploit code was sent to partner cybersecurity firms and antivirus on February 23, prior Redmond giant released the patches. 23, investigators at security companies say.”

Antivirus 96

Antivirus Cyber Attacks Hacking Accountability 96

SecureList

OCTOBER 18, 2023

Each phishing document contains an external link to fetch a remote page containing a CVE-2021-26411 exploit. Next, they were able to access the control panels of two security solutions simultaneously. The attackers continued to send malicious documents via email until the end of September 2022.

Malware 105

Malware Phishing Internet Internet 105

Security Affairs

JANUARY 7, 2022

Experts warn that the popular antivirus product Norton 360 has installed a cryptocurrency miner on its customers’ computers. — Maxius (@mAxius) December 31, 2021. Norton "Antivirus" now sneakily installs cryptomining software on your computer, and then SKIMS A COMMISSION. This is f **g wild.

Energy and Utilities 91

Energy and Utilities Cryptocurrency Antivirus Hacking 91

Security Affairs

NOVEMBER 30, 2021

Researchers from ThreatFabric discovered four distinct Android banking trojans that were spread via the official Google Play Store between August and November 2021. Threat actors are refining their techniques to bypass security checks implemented by Google for the app in its Play Store. ” concludes the report.

Banking 91

Banking Antivirus Malware Authentication 91

The Security Ledger

JUNE 30, 2021

In this week’s episode of the podcast (#219) we speak with four cybersecurity professionals about what it means to be Queer in the industry: their various paths to the information security community, finding support among their peers and the work still left to do to make information security inclusive.

InfoSec 52

InfoSec Information Security Cybersecurity Engineering 52

Security Affairs

JUNE 14, 2021

Microsoft 365 Defender data shows that the SEO poisoning technique is effective, given that Microsoft Defender Antivirus has detected and blocked thousands of these PDF documents in numerous environments. — Microsoft Security Intelligence (@MsftSecIntel) June 11, 2021.

Antivirus 67

Antivirus Security Intelligence Malware Insurance 67

Security Affairs

JULY 28, 2022

“In 2021, MSRC received a report of two Windows privilege escalation exploits ( CVE-2021-31199 and CVE-2021-31201 ) being used in conjunction with an Adobe Reader exploit ( CVE-2021-28550 ), all of which were patched in June 2021. ” reads the report. £We or later to detect the related indicators.

Surveillance 89

Surveillance Malware Authentication DNS 89

Security Affairs

FEBRUARY 14, 2022

Secret Service (USSS) to provide information on BlackByte ransomware. As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors (government facilities, financial, and food & agriculture).” ” reads the advisory.

Ransomware 88

Ransomware Accountability Firmware Antivirus 88

Security Affairs

FEBRUARY 4, 2021

On January 25, 2021, researchers at 360 netlab detected a suspicious ELF file, initially attributed to Mirai , but that later revealed his nature, a new bot tracked as Matryosh. “On January 25, 2021, 360 netlab BotMon system labeled a suspicious ELF file as Mirai, but the network traffic did not match Mirai’s characteristics.

DDOS 127

DDOS DNS Antivirus Malware 127

Security Affairs

JULY 3, 2021

Researchers from Sophos published a security advisory for their customers running Kaseya, telling them what should they look for. . Mark Loman, a Sophos malware analyst, who is investigating the incident explained that the REvil ransomware operator disables antivirus software to deploy a fake Windows Defender app that runs ransomware binary.

Ransomware 125

Ransomware Antivirus Software Encryption 125

Security Affairs

DECEMBER 16, 2021

Microsoft researchers reported that Nation-state actors from China, Iran, North Korea, and Turkey are now abusing the Log4Shell (CVE-2021-44228) in the Log4J library in their campaigns. Microsoft also confirmed that the exploitation of the Log4Shell to deploy the Khonsari ransomware , as discussed by Bitdefender recently.

Ransomware 83

Ransomware DNS Antivirus Hacking 83

Security Affairs

JULY 8, 2022

If your current antivirus solution fails to detect the malware, it can be quarantined using the free trial version of Emsisoft Anti-Malware.” AstraLocker is based on the source code of the Babuk Locker (Babyk) ransomware that was leaked online on June 2021. ” reads the guide.

Ransomware 120

Ransomware Encryption Malware Accountability 120

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Install and regularly update antivirus software on all hosts, and enable real time detection.

Ransomware 96

Ransomware DDOS Passwords Backups 96

Security Affairs

MARCH 29, 2023

The attackers take advantage of the fact that the official Tor Project has been banned in Russia since the end of 2021, so users in Russia search for third-party repositories to download the Tor browser. Malware authors have created trojanized Tor Browser bundles and are distributing them among Russian-speaking users.

Malware 85

Malware Passwords Cryptocurrency Antivirus 85

Security Affairs

APRIL 7, 2021

mike [link] pic.twitter.com/fkU2USEZis — Swisscom CSIRT (@swisscom_csirt) January 26, 2021. “The lack of timely antivirus database updates for the security solution used on attacked systems also played a key role, preventing the solution from detecting and blocking the threat. ” continues Kaspersky.

VPN 94

VPN Ransomware Antivirus Firmware 94

Security Affairs

MAY 2, 2021

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. According to Palo Alto Networks, the author of WeSteal, that goes online as “ComplexCodes,” started advertising the cryptocurrency stealer on underground forums in mid-February 2021.

Cryptocurrency 105

Cryptocurrency Malware Advertising System Administration 105

Security Affairs

JULY 6, 2022

Researchers from Palo Alto Networks Unit 42 discovered that a sample uploaded to the VirusTotal database on May 19, 2022 and considered benign by almost all the antivirus, was containing a payload associated with Brute Ratel C4 (BRc4), a new red-teaming and adversarial attack simulation tool.

Antivirus 98

Antivirus Penetration Testing Phishing Manufacturing 98

Security Affairs

JULY 4, 2021

Now new details about the attack are emerging, the Dutch Institute for Vulnerability Disclosure (DIVD) reported a zero-day vulnerability, tracked as CVE-2021-30116] and affecting Kaseya VSA servers, to the company. link] — Victor Gevers (@0xDUDE) July 4, 2021. “So ransomware can push itself to systems.

Retail 128

Retail Ransomware Antivirus Internet 128

Security Affairs

NOVEMBER 15, 2021

At the end of October, researchers from cyber security firms Cleafy and ThreatFabric have discovered a new Android banking trojan named SharkBot. The malware has been active at least since late October 2021, it targeting the mobile users of banks in Italy, the UK, and the US.

Banking 123

Banking Mobile Social Engineering Malware 123

Security Affairs

JUNE 9, 2022

The malware was first spotted in November 2021, experts believe it was designed to target the financial sector in Latin America, such as Banco do Brasil and Caixa. Once the malware has infected all the running processes, it provides the threat actor with rootkit capability and supports data-stealing capabilities. ” concludes the report.

Malware 144

Malware DNS Antivirus Passwords 144