eSecurity Planet

NOVEMBER 2, 2022

If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Though often conflated with one another, malware and computer viruses aren’t necessarily the same thing. Looking to Protect Yourself Against Malware?

Malware 140

Malware Ransomware Antivirus Internet 140

Security Affairs

JUNE 9, 2022

Researchers uncovered a high stealth Linux malware, dubbed Symbiote, that could be used to backdoor infected systems. Once the malware has infected all the running processes, it provides the threat actor with rootkit capability and supports data-stealing capabilities. “Symbiote is a malware that is highly evasive.

Malware 142

Malware DNS Antivirus Passwords 142

Security Affairs

MAY 5, 2023

Fleckpe is a new Android subscription Trojan that was discovered in the Google Play Store, totaling more than 620,000 downloads since 2022. Fleckpe is a new Android subscription Trojan that spreads via Google Play, the malware discovered by Kaspersky is hidden in photo editing apps, smartphone wallpaper packs, and other general-purpose apps.

Malware 74

Malware Mobile Antivirus Hacking 74

Security Affairs

JANUARY 16, 2023

Antivirus firm Avast released a free decryptor for the BianLian ransomware family that allows victims to recover locked files. Security firm Avast has released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files. It is also recommendable to check the virus vault of your antivirus.

Ransomware 87

Ransomware Malware Antivirus Encryption 87

Krebs on Security

AUGUST 8, 2023

The large language models (LLMs) made by ChatGPT parent OpenAI or Google or Microsoft all have various safety measures designed to prevent people from abusing them for nefarious purposes — such as creating malware or hate speech. “In 2015, my love for coding started, learning c# and more.net programming languages.

Malware 220

Malware Cybercrime Advertising Phishing 220

Security Affairs

SEPTEMBER 5, 2022

Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus to identify Chromium, Electron, as malware. on September 4, 2022. SecurityAffairs – hacking, Windows Defender). Microsoft addressed the issue with the release of Version: 1.373.1537.0 Pierluigi Paganini.

Antivirus 90

Antivirus Ransomware Malware Software 90

Security Affairs

APRIL 28, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 90

Cybercrime Spyware Data breaches Antivirus 90

Security Affairs

MAY 6, 2022

Researchers discovered a sophisticated malware framework, dubbed NetDooka, distributed via a pay-per-install (PPI) malware service known as PrivateLoader. The PrivateLoader malware is a downloader used by threat actors for downloading and installing multiple malware. ” reads a report published by Trend Micro.

Malware 84

Malware Antivirus DDOS Hacking 84

eSecurity Planet

JUNE 7, 2022

They earned the highest score among providers named "Customer's Choice" in Gartner's 2022 "Voice of the Customer” Security Awareness Computer-Based Training report. It also includes advanced features such as SAML-based single sign-on (SSO) and the company's security architecture has never been hacked. Learn more about Dashlane.

Cybersecurity 124

Cybersecurity Identity Theft Encryption Antivirus 124

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. SecurityAffairs – hacking, Log4Shell). Pierluigi Paganini.

Banking 85

Banking Malware Antivirus Phishing 85

Malwarebytes

JUNE 3, 2022

Although LockBit remained the most widely-deployed ransomware in May 2022, it was, typically, Conti that sucked all of the air out of the room. Not long after, a hacking group began using the leaked source code to attack targets inside Russia , violating one of ransomware’s unspoken rules. Ransomware attacks in May 2022.

Ransomware 102

Ransomware Accountability Technology Firmware 102

SecureList

NOVEMBER 18, 2022

IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. IT threat evolution in Q3 2022. Rootkits are malware implants that are installed deep in the operating system. Nevertheless, in our APT predictions for 2022 , we noted that more attackers would reach the sophistication level required to develop such tools.

Malware 105

Malware Computers and Electronics Adware Cryptocurrency 105

Security Affairs

SEPTEMBER 29, 2022

The Brute Ratel post-exploitation toolkit has been cracked and now is available in the underground hacking and cybercrime communities. Scandinavian_Defense.tar.gz" [link] h/t @darkcoders_mrx for the pic pic.twitter.com/OhfRMZBzVl — Will (@BushidoToken) September 28, 2022. SecurityAffairs – hacking, Brute Ratel).

Hacking 98

Hacking Cybercrime Ransomware Antivirus 98

Security Affairs

JUNE 20, 2022

The developers behind the BRATA Android malware have implemented additional features to avoid detection. The operators behind the BRATA Android malware have implemented more features to make their attacks stealthy. “TAs are modifying their code in order to tailor their malware on specific banking institutions.

Malware 91

Malware Banking Antivirus Phishing 91

Security Affairs

MAY 3, 2022

A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns. SecurityAffairs – hacking, APT).

Software 98

Software Malware Telecommunications Antivirus 98

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance 85

Surveillance Malware Authentication DNS 85

Security Affairs

AUGUST 31, 2022

A malware campaign tracked as GO#WEBBFUSCATOR used an image taken from NASA’s James Webb Space Telescope (JWST) as a lure. Securonix Threat researchers uncovered a persistent Golang-based malware campaign tracked as GO#WEBBFUSCATOR that leveraged the deep field image taken from the James Webb telescope. Pierluigi Paganini.

Malware 77

Malware DNS Antivirus Encryption 77

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 82

Malware Banking Healthcare Penetration Testing 82

SecureList

JANUARY 17, 2024

To be more specific, in 2023, the volume of malware log files containing compromised user data and posted for free on the dark web surged by almost 30% compared to 2022. Notable among these was BunnyLoader , inexpensive and feature-rich malware capable of stealing sensitive data and cryptocurrency.

Marketing 111

Marketing Cryptocurrency Malware Ransomware 111

Security Affairs

DECEMBER 6, 2023

“While Lockdown Mode effectively reduces the attack surface on an iOS device, it’s important to remember that once a device is already compromised, Lockdown Mode doesn’t stop malware from operating.” The researchers pointed out that even malware lacking a persistence mechanism can persistently run and spy on the user.

Malware 102

Malware Antivirus Mobile Internet 102

Security Affairs

FEBRUARY 28, 2023

Antivirus company Bitdefender has released a free decryptor for the recently discovered ransomware family MortalKombat. Good news for the victims of the recently discovered MortalKombat ransomware , the antivirus firm Bitdefender has released a free decryptor that will allow them to recover their file without paying the ransom.

Ransomware 85

Ransomware Antivirus Backups Malware 85

Security Affairs

JUNE 16, 2022

Researchers at antivirus firm Dr. Web discovered malware in the Google Play Store that was downloaded two million times. An investigation conducted by the antivirus firm Dr. Web in May resulted in the discovery of multiple adware and information-stealing malware on the official Google Play Store. Pierluigi Paganini.

Adware 82

Adware Antivirus Malware Software 82

Security Affairs

NOVEMBER 19, 2022

The DEV-0569 group carries out malvertising campaigns to spread links to a signed malware downloader posing as software installers or fake updates embedded in spam messages, fake forum pages, and blog comments. The downloader, tracked as BATLOADER , shares similarities with another malware called ZLoader. anydeskos[.]com

Ransomware 124

Ransomware Malware Antivirus Phishing 124

Security Affairs

OCTOBER 13, 2023

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. This joint CSA updates the advisory published by the US Government on March 17, 2022. AvosLocker affiliates were observed using custom PowerShell [T1059.001] and batch (.bat)

Ransomware 111

Ransomware System Administration Antivirus Malware 111

Security Affairs

FEBRUARY 19, 2023

Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers GoDaddy discloses a new data breach Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb German airport websites hit by DDos attacks once again Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine CISA adds Cacti, Office, Windows (..)

DDOS 79

DDOS Data breaches Surveillance Ransomware 79

Security Affairs

MAY 4, 2022

The security researcher John Page aka ( hyp3rlinx ) discovered that malware from multiple ransomware operations, including Conti , REvil , LockBit , AvosLocker , and Black Basta, are affected by flaws that could be exploited block file encryption. SecurityAffairs – hacking, DLL hijacking). To nominate, please visit:?

Ransomware 97

Ransomware Antivirus Malware Encryption 97

Krebs on Security

APRIL 18, 2022

” On April 13, Microsoft said it executed a legal sneak attack against Zloader , a remote access trojan and malware platform that multiple ransomware groups have used to deploy their malware inside victim networks. I asked the source. It’s more like one a day,” the source confided.

Healthcare 293

Healthcare Ransomware Cybersecurity Malware 293

Security Affairs

NOVEMBER 3, 2022

Sentinel Labs found evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7. Further evidence linking the two includes IP addresses and specific TTPs (tactics, techniques, and procedures) used by FIN7 in early 2022 and seen months later in actual Black Basta attacks. Pierluigi Paganini.

Cybercrime 90

Cybercrime Ransomware Antivirus Malware 90

Security Affairs

APRIL 9, 2022

Experts discovered malicious Android apps on the Google Play Store masqueraded as antivirus solutions spreading the SharkBot Trojan. The banking Trojan uses Domain Generation Algorithm (DGA), which is rarely used by Android malware. This is the exact case we observed with the Sharkbot malware.” To nominate, please visit:?

Banking 83

Banking Antivirus Malware Accountability 83

SecureList

MAY 11, 2023

In 2022, Kaspersky solutions detected over 74.2M On the eve of the global Anti-Ransomware Day, Kaspersky looks back on the events that shaped the ransomware landscape in 2022, reviews the trends that were predicted last year, discusses emerging trends, and makes a forecast for the immediate future.

Ransomware 121

Ransomware Malware Architecture Telecommunications 121

Security Affairs

JULY 8, 2022

The security firm states that the AstraLocker decryptor works for ransomware versions based on the Babuk malware that appends the.Astra or.babyk extensions to the name of the encrypted files. 2/4 — Emsisoft (@emsisoft) July 7, 2022. SecurityAffairs – hacking, ransomware). ” reads the guide. Pierluigi Paganini.

Ransomware 117

Ransomware Encryption Malware Accountability 117

Krebs on Security

JULY 11, 2023

July marks the sixth month this year that Apple has released updates for zero-day vulnerabilities — those that get exploited by malware or malcontents before there is an official patch available. “Exploitation of CVE-2023-36884 may lead to installation of the eponymous RomCom trojan or other malware,” Barnett said.

Software 213

Software Malware Antivirus Ransomware 213

Security Affairs

APRIL 13, 2022

. “ZLoader is made up of computing devices in businesses, hospitals, schools, and homes around the world and is run by a global internet-based organized crime gang operating malware as a service that is designed to steal and extort money.” SecurityAffairs – hacking, ZLoader malware). ” concludes Microsoft.

Banking 107

Banking Malware Telecommunications Antivirus 107

Security Affairs

APRIL 29, 2023

A new variant of the information-stealing malware ViperSoftX implements sophisticated techniques to avoid detection. Trend Micro researchers observed a new ViperSoftX malware campaign that unlike previous attacks relies on DLL sideloading for its arrival and execution technique. c2 arrowlchat[.]com ” continues the report.

Encryption 82

Encryption Malware Cryptocurrency Software 82

Security Affairs

MARCH 3, 2023

The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars. “After gaining access to victims’ networks, Royal actors disable antivirus software and exfiltrate large amounts of data before ultimately deploying the ransomware and encrypting the systems.”

Ransomware 85

Ransomware Healthcare Antivirus Encryption 85

Security Affairs

APRIL 25, 2022

The BlackCat/ALPHV a Ransomware was first discovered in December by malware researchers from Recorded Future and MalwareHunterTeam. The malware is the first professional ransomware strain that was written in the Rust programming language. Review antivirus logs for indications they were unexpectedly turned off.

Ransomware 98

Ransomware Antivirus Passwords Malware 98

Krebs on Security

DECEMBER 29, 2022

Thanks to your readership and support, I was able to spend more time in 2022 on some deep, meaty investigative stories — the really satisfying kind with the potential to affect positive change. Some of that work is highlighted in the 2022 Year in Review review below. It emerges that email marketing giant Mailchimp got hacked.

Cryptocurrency 239

Cryptocurrency Cybercrime Computers and Electronics Scams 239