2022, Cybercrime, DDOS and Firmware - Cyber Security Informer

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

At this point, it has become cliché to say that nothing in 2022 turned out the way we expected. Similarly, at the beginning of February 2022, we noticed a huge spike in the amount of activity related to Gamaredon C&C servers. It directly affected satellite modems firmwares , but was still to be understood as of mid-March.

DDOS

DDOS Ransomware Government Energy and Utilities

APT trends report Q2 2022

SecureList

JULY 28, 2022

This is our latest installment, focusing on activities that we observed during Q2 2022. In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). The most remarkable findings.

Malware

Malware Firmware Phishing Cryptocurrency

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019).

Phishing

Phishing Spyware Firmware Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai -based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. CVE-2022-26186 targets TOTOLINK N600R and A7100RU.

DDOS

DDOS Firmware Surveillance IoT

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. A DIRECT QUOT The domain quot[.]pw “On Twitter, more spam and crypto scam.”

Scams

Scams DDOS Cryptocurrency Accountability

APT trends report Q1 2022

SecureList

APRIL 27, 2022

This is our latest installment, focusing on activities that we observed during Q1 2022. Subsequently, DDoS attacks hit several government websites. In late February 2022, we identified two archives submitted from network addresses in Ukraine to an online multi-scanner service. We named this malware Elections GoRansom.

Malware

Malware Firmware Government Phishing

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The Zerobot botnet first appeared in the wild in November 2022 targeting devices running on Linux operating system. “Since the release of Zerobot 1.1, ” reads the analysis published by Microsoft.

IoT

IoT DDOS Malware Firmware

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they make it difficult to trace malicious traffic to its original source. “Probably, they wanted to keep that revenue stream going.”

Malware

Malware VPN Internet Internet

A new Mirai botnet variant targets TP-Link Archer A21

Security Affairs

APRIL 25, 2023

The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event. In March, TP-Link released a firmware update to address multiple issues, including this vulnerability. This can be used to launch a Valve Source Engine (VSE) distributed denial-of-service (DDoS) attack against game servers.”

DDOS

DDOS Engineering Firmware Architecture

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches

Data breaches Cybercrime Ransomware Passwords

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog. We are in the final !

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Security Affairs newsletter Round 384

Security Affairs

SEPTEMBER 18, 2022

billion Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems Some firmware bugs in HP business devices are yet to be fixed Albania was hit by a new cyberattack and blames Iran Iran-linked APT42 is behind over 30 espionage attacks. Follow me on Twitter: @securityaffairs and Facebook.

Firmware

Firmware DDOS Healthcare Hacking

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. Is it fake news? Follow me on Twitter: @securityaffairs and Facebook.

Data breaches

Data breaches Firmware Hacking Ransomware

What is Malware? Definition, Purpose & Common Protections

eSecurity Planet

OCTOBER 21, 2022

Since 2008, antivirus and cybersecurity software testers AV-TEST have kept track of the number of newly-developed malware worldwide, totaling at nearly 1 billion as of September 2022. An August 2022 Statista report counted 2.8 billion malware attacks worldwide in the first half of 2022 alone.

Malware

Malware Adware Spyware Antivirus

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

In June, Microsoft published a report on a threat actor named Cadet Blizzard, responsible for WhisperGate and other wipers targeting Ukrainian government agencies early in 2022. To sum up, although we did not see the same volume as we had in 2022, clearly there were some significant attacks. Verdict: prediction fulfilled ✅ 8.

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

Reassessing cyberwarfare. Lessons learned in 2022

APT trends report Q2 2022

Webinars

Trending Sources

IT threat evolution Q1 2022

Webinars

Beastmode Mirai botnet now includes exploits for Totolink routers

Interview With a Crypto Scam Investment Spammer

APT trends report Q1 2022

A new Zerobot variant spreads by exploiting Apache flaws

Who and What is Behind the Malware Proxy Service SocksEscort?

A new Mirai botnet variant targets TP-Link Archer A21

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 384

Security Affairs newsletter Round 357 by Pierluigi Paganini

What is Malware? Definition, Purpose & Common Protections

Advanced threat predictions for 2024

Stay Connected