Security Affairs

AUGUST 26, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. ” reads CISA’s advisory. Pierluigi Paganini.

Malware 130

Malware VPN Authentication Hacking 130

Security Affairs

DECEMBER 31, 2021

The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their credentials have been stolen. The malicious code can also act as a first-stage malware.

Accountability 133

Accountability Malware Data breaches Passwords 133

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN 304

VPN Computers and Electronics Antivirus Software 304

Security Affairs

JULY 31, 2022

The researchers discovered over a dozen Android Apps on Google Play Store, collectively dubbed DawDropper, that were dropping Banking malware. The DawDropper apps are masqueraded as productivity and utility apps such as document scanners, VPN services, QR code readers, and call recorders. ” concludes the report.

Banking 118

Banking Malware VPN Hacking 118

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 98

Artificial Intelligence VPN Hacking Firewall 98

Security Affairs

JULY 31, 2023

The AVRecon botnet relies on compromised small office/home office (SOHO) routers since at least May 2021. The AVrecon malware was written in C to ensure portability and designed to target ARM-embedded devices. 509 certificates, we assess that some of these second stage C2s have been active since at least October 2021.

Malware 92

Malware Small Business Advertising Passwords 92

Security Affairs

JANUARY 1, 2022

Which are the most-read cyber stories of 2021? The popular whistleblower Edward Snowden recommends customers of ExpressVPN VPN service to stop using it. Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros. Pierluigi Paganini.

Hacking 97

Hacking VPN Passwords Ransomware 97

Security Affairs

NOVEMBER 8, 2023

Chatham-Kent Health Alliance reported that threat actors had access to data belonging to 1446 employees who worked in the hospital as of February 2021. In October, CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S.

Ransomware 115

Ransomware Healthcare VPN Insurance 115

BH Consulting

DECEMBER 14, 2021

Digital takeup drives accelerated cybercrime activity: IOCTA. Growing use of digital technologies, accelerated by the Covid-19 pandemic, has led to a sharp increase in cybercrime. IOCTA also warned of evolving mobile malware that’s allowing criminals to try to get around additional security measures such as two-factor authentication.

Cybercrime 59

Cybercrime Mobile DDOS CISO 59

Security Affairs

JULY 14, 2023

A new malware dubbed AVrecon targets small office/home office (SOHO) routers, it infected over 70,000 devices from 20 countries. Lumen Black Lotus Labs uncovered a long-running hacking campaign targeting SOHO routers with a strain of malware dubbed AVrecon. “Based on information associated with their x.509

Malware 83

Malware Advertising Cybercrime Passwords 83

Security Affairs

DECEMBER 14, 2023

anti-cybercrime (Ofac).” The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware 115

Ransomware Cryptocurrency Cybercrime VPN 115

Security Affairs

JANUARY 14, 2022

The gang was targeting organizations via spam campaigns to spread ransomware, however, the police did not disclose the malware family used by the group in its attacks. The gang was also providing VPN-like services used by other cybercriminal organizations to carry out malicious activities used to deliver malware to the target organization.

Ransomware 115

Ransomware DDOS Telecommunications Malware 115

Malwarebytes

JANUARY 19, 2022

VPNLab had been around since 2008 and had built its service around the OpenVPN technology, used strong encryption, and provided double VPN, with servers located in many different countries. What is double VPN? Double VPN is basically what the name suggests. Double VPN is not a common feature, because it is very slow.

VPN 74

VPN Encryption Cybercrime Technology 74

Security Affairs

JULY 6, 2022

The operators of the Hive ransomware upgraded their malware by migrating the malware to the Rust language and implementing a more sophisticated encryption method, Microsoft researchers warn. ” These upgrades prove that Hive is one of the fastest evolving ransomware families in the cybercrime ecosystem. .”

Encryption 117

Encryption Ransomware Cybercrime Malware 117

Security Affairs

MAY 9, 2021

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager UNC2529, a new sophisticated cybercrime gang that targets U.S.

Data breaches 89

Data breaches DDOS VPN Hacking 89

SecureList

NOVEMBER 23, 2021

Then we will go through the key events of 2021 relating to attacks on financial organizations. Analysis of forecasts for 2021. The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. We also saw attackers relying on 0-days.

Cryptocurrency 106

Cryptocurrency Banking Cybercrime Ransomware 106

Vipre

JANUARY 25, 2021

Here are 5 common security tools that you must have in 2021 to protect your digital world. According to the independent institute AV-TEST , the number of total new malware in 2020 increased by 13% compared to the last year, and malware for macOS by 1200% for the same period. Identity Theft Protection Tools.

Identity Theft 40

Identity Theft Backups VPN Antivirus 40

Security Affairs

DECEMBER 22, 2022

Zerobot operators are offering the botnet as a malware-as-a-service model, one domain (zerostresser[.]com) The most recent variant spotted by Microsoft spreads by exploiting vulnerabilities in Apache and Apache Spark ( CVE-2021-42013 and CVE-2022-33891 respectively) and also supports new DDoS attack capabilities.

IoT 116

IoT DDOS Malware Firmware 116

Security Affairs

JUNE 20, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here.

Data breaches 100

Data breaches DDOS Small Business Ransomware 100

Malwarebytes

MAY 11, 2021

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. In a separate advisory (pdf) , the ACSC says it is also aware of an ongoing ransomware campaign using the Avaddon Ransomware malware.

Ransomware 107

Ransomware VPN Encryption Cybercrime 107

Security Affairs

MAY 17, 2022

The Facestealer spyware was first spotted on July 2021 by Dr. Web researchers, the development team behind the threat has frequently changed its code. Most of the malicious apps were VPN software (42), followed by Camera (20), and Photo Editing (13). SecurityAffairs – malware, Facestealer). To nominate, please visit:?

Spyware 90

Spyware Cryptocurrency VPN Malware 90

Security Affairs

AUGUST 29, 2023

Citrix reported that successful exploitation requires that the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server. Then threat actors sent data as an image file to a web-accessible path: cp /var/tmp/test.tar.gz /netscaler/ns_gui/vpn/medialogininit.png. php) on victim machines.

VPN 105

VPN Ransomware DNS Malware 105

Security Affairs

JANUARY 26, 2023

The authorities reported that from June 2021 through at least November 2022, threat actors targeted a wide range of businesses and critical infrastructure sectors, including Government Facilities, Communications, Critical Manufacturing, Information Technology, and especially Healthcare and Public Health (HPH).

Ransomware 92

Ransomware VPN Manufacturing Healthcare 92

Security Affairs

DECEMBER 18, 2022

Samba addressed multiple high-severity vulnerabilities Former Twitter employee sentenced to 3.5 years in jail for spying on behalf of Saudi Arabia Social Blade discloses security breach Data of 5.7M Samba addressed multiple high-severity vulnerabilities Former Twitter employee sentenced to 3.5

Data breaches 93

Data breaches Hacking DDOS VPN 93

Identity IQ

DECEMBER 20, 2023

As the year comes to an end, the total number of breaches is set to completely overshadow the previous annual high set in 2021. Businesses faced constant threats with phishing scams , malware , and other tactics. But the numbers alone tell only part of the story. IdentityIQ is a top choice for protecting you and your family.

Data breaches 72

Data breaches Identity Theft Cybercrime Social Engineering 72

SecureList

NOVEMBER 1, 2022

We can confirm a Maui ransomware incident in 2022, but we would expand their “first seen” date from the reported May 2021 to April 15, 2021, and the geolocation of the target to Japan and India. At the beginning of 2021, Kaspersky published a private report about the A41APT campaign. Russian-speaking activity.

Malware 140

Malware Ransomware Spyware Encryption 140

Security Affairs

DECEMBER 3, 2022

Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)

Spyware 94

Spyware Data breaches VPN Hacking 94

Security Affairs

DECEMBER 16, 2021

The name PseudoManuscrypt comes from the similarities with the Manuscrypt malware used by the North Korea-linked Lazarus APT group in attacks aimed at the defense industry. The PseudoManuscrypt loader is delivered via a Malware-as-a-Service (MaaS) platform that distributes the malicious code in pirated software installer archives.

Spyware 111

Spyware Energy and Utilities Malware Engineering 111

Security Affairs

JULY 18, 2021

Read more at [link] #Cybersecurity #InfoSec #Ransomware — US-CERT (@USCERT_gov) July 15, 2021. Other groups targeted known vulnerabilities in SonicWall devices in the past, such as the UNC2447 cybercrime gang that exploited the CVE-2021-20016 zero-day bug in SonicWall SMA 100 Series VPN appliances to deliver the FiveHands ransomware.

Ransomware 117

Ransomware Firmware Mobile InfoSec 117

Security Affairs

JULY 9, 2021

The systems at the company were infected with the Phoenix Locker, a variant of ransomware tracked as Hades that was part of the arsenal of the cybercrime group known as Evil Corp. “The investigation revealed that the threat actor accessed certain CNA systems at various times from March 5, 2021 to March 21, 2021.

Data breaches 142

Data breaches Insurance Ransomware Identity Theft 142

Security Affairs

AUGUST 8, 2021

Ivanti fixed a critical code execution issue in Pulse Connect Secure VPN RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna VMware addresses critical flaws in its products CVE-2021-20090 actively exploited to target millions of IoT devices worldwide RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE.

VPN 99

VPN Ransomware Manufacturing IoT 99

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

SecureList

SEPTEMBER 6, 2022

In this report, we provide the latest statistics on cyberthreats to gamers, as well as detailed information on the most widespread and dangerous types of malware that players must be aware of. Methodology. Top game titles by number of related threats.

Mobile 97

Mobile Passwords Software Accountability 97

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” 35) on port 6666.

DDOS 86

DDOS Digital transformation Malware Advertising 86

eSecurity Planet

AUGUST 23, 2021

Ransomware attackers, who use myriad methods to get their malware into the systems of businesses large and small in hopes of pulling down millions of dollars, are now going directly to the source. million ransomware attacks in the first six months of 2021, compared with 121.5 million ransom the company would pay. There were 304.7

Ransomware 127

Ransomware Social Engineering Engineering VPN 127

SecureList

NOVEMBER 17, 2021

Let’s start by looking at the predictions we made for 2021. Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. When we wrote this prediction, we were mainly thinking about a continuation of all the malicious activities targeting VPN appliances. More disruptive attacks.

Mobile 130

Mobile Surveillance Ransomware Government 130

SecureWorld News

DECEMBER 8, 2021

Use of credentials likely obtained from an info-stealer malware campaign by a third-party actor to gain initial access to organizations.". Use of accounts with Application Impersonation privileges to harvest sensitive mail data since Q1 2021.".

VPN 79

VPN Authentication Mobile Internet 79