eSecurity Planet

MAY 27, 2025

While Luna Moth has targeted several industries, the FBI reports that US-based law firms have become a prime target since spring 2023, likely due to the valuable and confidential data they handle. Traditional antivirus systems usually fail to detect suspicious activity due to this. Connections from WinSCP or Rclone to outside networks.

Phishing 65

Phishing Scams Antivirus Backups 65

SecureList

APRIL 23, 2025

The South Korean National Cyber Security Center published its own security advisory in 2023 against such incidents, and also published additional joint security advisories in cooperation with the UK government. SIGNBT The SIGNBT we documented in 2023 was version 1.0, The data is sent and received in JSON format. Unlike versions 1.0

Malware 142

Malware Software Encryption Internet 142

Security Affairs

FEBRUARY 19, 2023

Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers GoDaddy discloses a new data breach Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb German airport websites hit by DDos attacks once again Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine CISA adds Cacti, Office, Windows (..)

DDOS 98

DDOS Data breaches Ransomware Hacking 98

Security Affairs

AUGUST 15, 2023

The Uptycs Threat Research team discovered the QwixxRAT (aka Telegram RAT) in early August 2023 while it was advertised through Telegram and Discord platforms. “To avoid detection by antivirus software, the RAT employs command and control functionality through a Telegram bot.

Malware 98

Malware Antivirus Cryptocurrency Advertising 98

Webroot

OCTOBER 4, 2024

Cryptojacking : Hides on your device and steals its computing resources to mine cryptocurrencies like Bitcoin. Use antivirus software like Webroot Premium to protect all your devices. Adware : Installs itself on your device and displays unwanted online advertisements and pop-ups. Don’t visit suspicious websites, just block them!

Malware 115

Malware Backups Adware Ransomware 115

CyberSecurity Insiders

AUGUST 24, 2022

Acronis, a firm that offers cybersecurity protection for IT infrastructure, has made a study and concludes that ransomware attacks will cause $30 billion in damage to governments across the world by 2023 and the estimate might double by the year 2026.

Ransomware 107

Ransomware Encryption Digital transformation Social Engineering 107

Security Affairs

APRIL 29, 2023

xyz pic.twitter.com/VLhISark8Y — Goldwave (@OGoldwave) March 13, 2023 The variant employed in the campaign supports a more sophisticated encryption method of byte remapping and a monthly rotation of the C2 server. ViperSoftX also checks for active antivirus products running on the machine. c2 arrowlchat[.]com

Encryption 98

Encryption Malware Cryptocurrency Software 98

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. During that time, it had effectively evaded analysis and had previously been misclassified as a cryptocurrency miner.

Malware 144

Malware DNS Encryption Cryptocurrency 144

SecureList

APRIL 10, 2023

The offers presented in this report were published between 2019 and 2023 and were collected from the nine most popular forums for the purchase and sale of goods and services related to malware and unwanted software. It is also clear of alerts from Google Protect and built-in antivirus on devices from different vendors.

Malware 134

Malware Encryption Accountability Mobile 134

CyberSecurity Insiders

JANUARY 5, 2023

But for reasons they made the information public in Jan 2023. Though Fortinet that is into the business of selling security solutions such as firewalls and antivirus solutions has fixed the flaw, it appears to be too late, as hackers are buying and selling details of compromised devices on some hacking forums.

VPN 52

VPN Ransomware Antivirus Firewall 52

Security Boulevard

JUNE 15, 2023

Oftentimes this is credential data, but it can be any data that may have financial value to an adversary; this includes paid online service accounts, cryptocurrency wallets, instant messenger, or email contacts lists, etc. Key Mystic Stealer functions include its ability to extract data from web browsers and cryptocurrency wallets.

Cryptocurrency 52

Cryptocurrency Password Management Malware DNS 52

Digital Shadows

NOVEMBER 26, 2024

Attackers exploiting cloud accounts pose significant risks, targeting virtual machines (VMs) for activities like cryptocurrency mining, leading to unexpected costs for organizations. ” APLHV disbanded in late December 2023 after conducting an exit scam against its affiliates.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Digital Shadows

OCTOBER 29, 2024

To complicate detection, they clear system logs, disable antivirus software using Windows Management Instrumentation (WMI), and shut down endpoint detection and response (EDR) systems with proprietary tools. A recent example of APT29’s technological capabilities was its 2023 campaign targeting cloud-based Microsoft products.

Ransomware 88

Ransomware Encryption Technology Cybercrime 88

eSecurity Planet

DECEMBER 7, 2023

ECC is used for email encryption, cryptocurrency digital signatures, and internet communication protocols. Better antivirus (AV), endpoint detection and response (EDR), and extended detection and response (XDR) solutions can detect and block some attacks. It was updated by Chad Kime on December 7, 2023.

Encryption 113

Encryption Passwords IoT Firewall 113

Digital Shadows

OCTOBER 29, 2024

To complicate detection, they clear system logs, disable antivirus software using Windows Management Instrumentation (WMI), and shut down endpoint detection and response (EDR) systems with proprietary tools. A recent example of APT29’s technological capabilities was its 2023 campaign targeting cloud-based Microsoft products.

Ransomware 52

Ransomware Encryption Technology Cybercrime 52

Digital Shadows

NOVEMBER 26, 2024

Attackers exploiting cloud accounts pose significant risks, targeting virtual machines (VMs) for activities like cryptocurrency mining, leading to unexpected costs for organizations. ” APLHV disbanded in late December 2023 after conducting an exit scam against its affiliates.

Cyber Attacks 52

Cyber Attacks Phishing Ransomware Cyber Insurance 52

SecureList

JUNE 5, 2023

The main purpose of the malware that is dropped by the Satacom downloader is to steal BTC from the victim’s account by performing web injections into targeted cryptocurrency websites. Threat actor’s BTC wallet address To get hold of the victim’s cryptocurrency, the threat actors use web injects on the targeted websites.

Cryptocurrency 112

Cryptocurrency DNS Malware Encryption 112

SecureList

JANUARY 17, 2024

In 2023, for instance, there was a significant rise in posts offering login credentials and passwords for various personal and work accounts. To be more specific, in 2023, the volume of malware log files containing compromised user data and posted for free on the dark web surged by almost 30% compared to 2022.

Marketing 143

Marketing Cryptocurrency Malware Ransomware 143

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime 124

Cybercrime Spyware Data breaches Antivirus 124

Security Affairs

SEPTEMBER 29, 2024

CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw International law enforcement operation dismantled criminal communication platform Ghost U.S.

Hacking 115

Hacking Antivirus Cybercrime Ransomware 115

Malwarebytes

MAY 21, 2023

For example, Malwarebytes asked ChatGPT to write the opening paragraph of a novel about an antiquated antivirus program that relies on signature-based detection to stop new and emerging threats. Here's what the program came back with: “The antivirus program blinked to life, its archaic interface flickering on the outdated CRT monitor.

Cybersecurity 91

Cybersecurity Artificial Intelligence Social Engineering Engineering 91

Security Boulevard

JUNE 3, 2023

Key Points Bandit is a new information stealer that harvests stored credentials from web browsers, FTP clients, email clients, and targets cryptocurrency wallet applications. Bandit has been marketed and sold as a service on underground criminal forums since April 2023. Lastly, Bandit targets desktop cryptocurrency wallet applications.

Computers and Electronics 64

Computers and Electronics Cryptocurrency Malware Data collection 64

SecureList

FEBRUARY 19, 2025

Cryptocurrency: don’t mistake scams for real deals One of last year’s most sensational stories was the cryptocurrency game Hamster Kombat. The growing anticipation for the new cryptocurrency’s market launch was frequently exploited by cybercriminals to steal seed phrases from crypto wallets.

Phishing 87

Phishing Scams Cryptocurrency Computers and Electronics 87

Security Affairs

JUNE 1, 2025

Czech Republic accuses China’s APT31 of a cyberattack on its Foreign Ministry New PumaBot targets Linux IoT surveillance devices App Store Security: Apple stops $2B in fraud in 2024 alone, $9B over 5 years Crooks use a fake antivirus site to spread Venom RAT and a mix of malware Iranian Man pleaded guilty to role in Robbinhood Ransomware attacks (..)

Data breaches 62

Data breaches Scams Surveillance Cybercrime 62