Security Affairs

SEPTEMBER 19, 2020

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. Pierluigi Paganini.

DDOS 140

DDOS Encryption DNS Advertising 140

Security Affairs

OCTOBER 25, 2020

Researchers from MalwareHunterTeam have spotted a new piece of remote access trojan (RAT) dubbed ‘Abaddon’ that is likely the first malware using the Discord platform as command and control. The Abaddon malware connects to the Discord command and control server to check for new commands to execute. "Abaddon"

Malware 129

Malware Advertising Ransomware Encryption 129

Security Affairs

DECEMBER 26, 2019

Experts spotted a new strain of the Ryuk Ransomware that was developed to avoid encrypting folders commonly seen in *NIX operating systems. The popular malware researcher Vitali Kremez that analyzed the sample involved in the attack discovered a new feature implemented in this new variant of malware. Pierluigi Paganini.

Encryption 59

Encryption Ransomware Malware Advertising 59

Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. ” reads the analysis published by the experts.

Malware 98

Malware Passwords Encryption Advertising 98

Security Affairs

DECEMBER 10, 2021

Malware researchers from Recorded Future and MalwareHunterTeam discovered ALPHV (aka BlackCat), the first professional ransomware strain that was written in the Rust programming language. Another one used to encrypt companies' networks. Filemarker 19 47 B7 4D at EOF and before the encrypted key, which is JSON with some settings.

Ransomware 98

Ransomware Malware Cybercrime Encryption 98

Security Affairs

MAY 25, 2020

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Mounting all the shared drives to encrypt. Custom Ragnar Locker ransom note (Source: Sophos).

Encryption 101

Encryption Ransomware Energy and Utilities Advertising 101

Security Affairs

JUNE 11, 2021

Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials, and cookies. Threat actors used custom malware to steal data from 3.2 NordLocker experts speculate the malware campaign leveraged tainted Adobe Photoshop versions, pirated games, and Windows cracking tools.

Malware 114

Malware Computers and Electronics Software Financial Services 114

Security Affairs

SEPTEMBER 27, 2021

According to the experts, ERMAC is operated by threat actors behind the BlackRock mobile malware. On August 17, two forum members named “ermac” and “DukeEugene” started advertising the malware. ERMAC differs from Cerberus in the usage of different obfuscation techniques and Blowfish encryption algorithm.

Banking 80

Banking Malware Mobile Encryption 80

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware.

Malware 120

Malware Scams Social Engineering Phishing 120

Security Affairs

SEPTEMBER 28, 2022

North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. Last week, SentinelOne researchers discovered a decoy documents advertising positions for the popular cryptocurrency exchange Crypto.com. The second-stage malware extracts and executes the third-stage binary.

Malware 92

Malware Cryptocurrency Architecture Advertising 92

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The QSnatch malware implements multiple functionalities, such as: . These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS.

Malware 106

Malware Firmware Advertising Manufacturing 106

Security Affairs

JANUARY 5, 2020

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. ” continues the report. .

Encryption 63

Encryption Ransomware Malware Scams 63

Security Affairs

OCTOBER 13, 2020

Members of the Five Eyes intelligence alliance once again call for tech firms to engineer backdoors into end-to-end and device encryption. The statements reinforce the importance of the encryption in protecting data, privacy, and IP, but highlights the risks of abusing it for criminal and terrorist purposes. Pierluigi Paganini.

Encryption 68

Encryption Data privacy Advertising Technology 68

Security Affairs

SEPTEMBER 10, 2020

ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call data records (CDR). The VoIP platform Linknat VOS2009 and VOS3000 targeted by the malware is used by two China-produced softswitches (software switches). ” reads the analysis published by ESET.

Malware 68

Malware Encryption Advertising Passwords 68

Security Affairs

NOVEMBER 23, 2019

The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain.The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain. Pierluigi Paganini.

Malware 102

Malware Data breaches Advertising Encryption 102

Security Affairs

JANUARY 11, 2022

AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. AvosLocker expands its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers, Bleeping computed reported. ” reported BleepingComputer. Pierluigi Paganini.

Ransomware 121

Ransomware Encryption Advertising Malware 121

Security Affairs

APRIL 7, 2020

xHelper , a new strain of Android malware is able to re-install itself on infected devices even after victims delete it or force a factory reset. xHelper , a new strain of Android malware is able to re-install itself on infected devices even after victims delete it or force a factory reset. and Russia. ” continues the report.

Malware 121

Malware Firmware Manufacturing Mobile 121

Security Affairs

JULY 23, 2020

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The MATA malware framework could target Windows, Linux, and macOS operating systems. The malware framework implements a wide range of features that allow attackers to fully control the infected systems.

Malware 100

Malware Ransomware Advertising Encryption 100

Security Affairs

AUGUST 26, 2019

A new ransomware, called Nemty ransomware, has been discovered over the weekend by malware researchers. The name of the ransomware comes after the extension it adds to the encrypted file names, the malicious code also deletes their shadow copies to make in impossible any recovery procedure. Pierluigi Paganini.

Ransomware 91

Ransomware Malware Antivirus Encryption 91

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” continues the analysis.

Cybercrime 92

Cybercrime Malware Cryptocurrency Advertising 92

Security Affairs

JANUARY 22, 2020

The library did not disclose the family of malware that infected its system, but experts believe that the computers were infected with ransomware. “Some Californian libraries are also affected by a ransomware attack that encrypted computers at 26 community libraries in Contra Costa County on January 3.” Pierluigi Paganini.

Malware 99

Malware Cyber Attacks Advertising Ransomware 99

Security Affairs

AUGUST 27, 2019

Security experts from Kaspersky spotted a malware in the free version of the popular PDF creator application CamScanner app. Experts from Kaspersky have discovered malware in the free Android version of the CamScanner app that could be used by attackers to remotely hack Android devices and steal targets’ data.

Malware 97

Malware Advertising Mobile Hacking 97

Security Affairs

AUGUST 2, 2020

The Taiwanese vendor QNAP urges its users to update the Malware Remover app following the alert on the QSnatch malware. The Taiwanese company QNAP is urging its users to update the Malware Remover app to prevent NAS devices from being infected by the QSnatch malware. Webshell functionality for remote access.

Malware 100

Malware Advertising Passwords Manufacturing 100

Security Boulevard

MAY 15, 2024

However, while these apps may provide mental health resources and benefits, they may be harvesting considerable amounts of information and sharing health-related data with third parties for advertising and tracking purposes. This post is for informational purposes only. and actively used/shared. Specifically, they.

Advertising 52

Advertising Insurance Accountability Data Analyst 52

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. ” reads one of the alerts.

Government 82

Government Malware Computers and Electronics Advertising 82

Security Affairs

JANUARY 30, 2021

FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. The FonixCrypter gang also closed its Telegram channel that was used to advertise the malware in the cybercrime underground.

Ransomware 136

Ransomware Encryption Malware Cybercrime 136

Security Affairs

JUNE 6, 2023

In an unprecedented move, the group is also offering a separate information-stealer malware that can be used to steal sensitive data from infected systems. The Cyclops group is advertising the ransomware on multiple cybercrime forums, the gang requests a share of profits from those using its malware in financially motivated attacks.

Ransomware 71

Ransomware Encryption Cybercrime Malware 71

Security Affairs

JULY 20, 2022

Luna ransomware is the third ransomware family that is written in Rust language, other malware strains are BlackCat and Hive. The Luna ransomware was first spotted in June by the Kaspersky Darknet Threat Intelligence active monitoring system that spotted a new advertisement on a darknet ransomware forum. ” concludes the report.

Ransomware 134

Ransomware Encryption Malware Advertising 134

Security Affairs

OCTOBER 11, 2020

Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. The ransomware attack took place on September 23, the threat actors breached the network of the company and deployed the malware. Tyler Technologies, Inc. ” reported BleepingComputer.

Technology 141

Technology Ransomware Encryption Advertising 141

Security Affairs

SEPTEMBER 28, 2019

Microsoft researchers observed a campaign delivering malware, dubbed Nodersok, relying on advanced techniques and elusive network infrastructure. Microsoft experts observed a malware campaign, tracked as Nodersok, relying on advanced techniques and elusive network infrastructure. based payload, and a bunch of encrypted files.

Malware 80

Malware Advertising Retail Healthcare 80

Security Affairs

JULY 8, 2020

Good news for the victims of the ThiefQuest (EvilQuest) ransomware, they can recover their encrypted files for free. The victims of the ThiefQuest (EvilQuest) ransomware victims can recover their encrypted files without needing to pay the ransom due to the availability of a free decryptor. macOS ransomware #decryptor ( #EvilQuest )! |

Ransomware 106

Ransomware Encryption Malware InfoSec 106

Security Affairs

OCTOBER 13, 2019

Confiant researchers have discovered a new Mac malware dubbed Tarmac distributed via malvertising campaigns in the US, Italy, and Japan. Security experts at Confiant have discovered a new Mac malware dubbed Tarmac that is distributed via malvertising campaigns in the US, Italy, and Japan. Pierluigi Paganini.

Malware 80

Malware Advertising Encryption Software 80

Security Affairs

SEPTEMBER 17, 2020

The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine. Pierluigi Paganini.

Ransomware 145

Ransomware Encryption Advertising Malware 145

Security Affairs

AUGUST 5, 2019

Recently a data-wiping malware tracked as GermanWiper has been targeting German organizations, the malicious code is pushed via phishing messages. Anyway, the operators behind this campaign tell to the victims that their data was encrypted and not deleted, they used a set of Bitcoin addresses for the payment. Pierluigi Paganini.

Malware 71

Malware Ransomware Encryption Advertising 71

Security Affairs

SEPTEMBER 23, 2019

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. ” reads the analysis published by Kaspersky.

Malware 84

Malware Banking Advertising Encryption 84

Security Affairs

OCTOBER 10, 2019

New espionage malware found targeting Russian-speaking users in Eastern Europe. ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. The Attor malware makes sophisticated use of encryption to hide its components.

Malware 79

Malware Encryption Advertising Mobile 79

Security Affairs

SEPTEMBER 28, 2020

A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. According to the popular malware researchers Michael Gillespie , the Mount Locker uses ChaCha20 to encrypt the files and an embedded RSA-2048 public key to encrypt the encryption key.

Ransomware 135

Ransomware Encryption Advertising Engineering 135