Advertising, Malware, Passwords and VPN

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware

Malware VPN Internet Internet

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. Image: spur.us.

Malware

Malware Passwords Accountability Advertising

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Experts found new variants of Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. Recent samples of the malware include specific code to collect app configuration data and credentials from several apps.

Passwords

Passwords Spyware VPN Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Experts link AVRecon bot to the malware proxy service SocksEscort

Security Affairs

JULY 31, 2023

Threat actors behind the campaign aimed at building a botnet to use for a range of criminal activities from password spraying to digital advertising fraud. The AVrecon malware was written in C to ensure portability and designed to target ARM-embedded devices. The popular investigator Brian Krebs and Spur.us “ SocksEscort[.]com

Malware

Malware Small Business Advertising Passwords

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes.

VPN

VPN Hacking IoT Advertising

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN

VPN Computers and Electronics Antivirus Software

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

Security Affairs

SEPTEMBER 16, 2022

Threat actors target gamers looking for cheats on YouTube with the RedLine Stealer information-stealing malware and crypto miners. Researchers from Kaspersky have spotted a self-extracting archive, served to gamers looking for cheats on YouTube, that was employed to deliver the RedLine Stealer information-stealing malware and crypto miners.

Malware

Malware Cryptocurrency Hacking Passwords

Credential-stealing malware disguises itself as Telegram, targets social media users

Malwarebytes

APRIL 11, 2022

A credential-stealing Windows-based malware, Spyware.FFDroider , is after social media credentials and cookies, according to researchers at ThreatLabz. The malware also plans to steal saved VPN/dial up credentials from the AppdataMicrosoftNetworkConnectionsPbkrasphone.pbk and Pbkrasphone.pbk phonebooks if present. Social media.

Media

Media Malware Spyware Accountability

New TA886 group targets companies with custom Screenshotter malware

Security Affairs

FEBRUARY 10, 2023

A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter. The attack chain starts with an phishing emails containing a malicious URL or malicious attachment that lead to deployment of WasabiSeed and Screenshotter malware.

Malware

Malware Phishing Spyware Cybercrime

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

Security Affairs

JULY 14, 2023

A new malware dubbed AVrecon targets small office/home office (SOHO) routers, it infected over 70,000 devices from 20 countries. Lumen Black Lotus Labs uncovered a long-running hacking campaign targeting SOHO routers with a strain of malware dubbed AVrecon. ” concludes the report. ” concludes the report.

Malware

Malware Advertising Cybercrime Passwords

7 Cyber Safety Tips to Outsmart Scammers

Webroot

FEBRUARY 26, 2024

They’ll try to sweet-talk you into clicking on suspicious links or divulging sensitive information like passwords or credit card details. Your 7 tips to stay safe online Use strong passwords Let’s kick things off with the basics. Remember: real companies don’t ask for your personal data via email. But fear not!

Scams

Scams VPN Passwords Phishing

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

“Two of the most common vulnerabilities exploited by actors using Netwalker are Pulse Secure VPN (CVE-2019-11510) and Telerik UI (CVE-2019-18935).” “Two of the most common vulnerabilities exploited by actors using Netwalker are Pulse Secure VPN (CVE-2019-11510) and Telerik UI (CVE-2019-18935).”

Ransomware

Ransomware VPN Advertising Government

Analysis of BlackGuard – a new info stealer malware being sold in a Russian hacking forum

Security Boulevard

MARCH 30, 2022

Malware-as-a-service has contributed substantially to the growth of ransomware and phishing attacks (among other attack types) in the past year, as they lower the technical barrier to entry for criminals to carry out attacks. Blackguard is currently being sold as malware-as-a-service with a lifetime price of $700 and a monthly price of $200.

Malware

Malware Hacking Antivirus Passwords

CISA says federal agency compromised by malicious cyber actor

Security Affairs

SEPTEMBER 25, 2020

Threat actors implanted a malware in the network of an unnamed federal agency that was able to avoid detection. The threat actors initially leveraged compromised credentials for Microsoft Office 365 (O365) accounts, domain administrator accounts, and credentials for the agency’s Pulse Secure VPN server.

VPN

VPN Malware Cyber threats Accountability

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Security Affairs

MARCH 17, 2020

Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. exe,’ which is the Kpot password-stealing Trojan. One of these files is, ‘file1.exe,’

Ransomware

Ransomware Cryptocurrency Advertising Passwords

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. APT41 was known to hide its malware inside fake resumes that were sent to targets. APT41’s activities span from the mid-2000s to the present day. Security analysts and U.S.

Antivirus

Antivirus Hacking Government Software

Crooks target Ukraine’s IT Army with a tainted DDoS tool

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” 35) on port 6666.

DDOS

DDOS Digital transformation Malware Advertising

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access.” Passwords associated with external authentication systems such as AD or LDAP are unaffected. ” concludes the report.

Firewall

Firewall Ransomware Passwords VPN

A week in security (March 29 – April 4)

Malwarebytes

APRIL 5, 2021

Last week on Malwarebytes Labs, our podcast featured Malwarebytes senior security researcher JP Taggart, who talked to us about why you need to trust your VPN. But obscuring your Internet activity—including the websites you visit, the searches you make, the files you download—doesn’t mean that a VPN magically disappears those things.

VPN

VPN Scams Internet Internet

US CISA report shares details on web shells used by Iranian hackers

Security Affairs

SEPTEMBER 16, 2020

Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report (MAR) that includes technical details about web shells employed by Iranian hackers. The malware used by the threat actors includes the ChunkyTuna, Tiny, and China Chopper web shells. Pierluigi Paganini. SecurityAffairs – hacking, web shells).

VPN

VPN Passwords Advertising Password Management

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

The BlackCat/ALPHV a Ransomware was first discovered in December by malware researchers from Recorded Future and MalwareHunterTeam. The malware is the first professional ransomware strain that was written in the Rust programming language. Regularly back up data, air gap, and password-protect backup copies offline.

Ransomware

Ransomware Antivirus Passwords Malware

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

APRIL 2, 2020

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. ” reads the post published by Microsoft.

Ransomware

Ransomware VPN Healthcare Cyber Attacks

How Can You Keep Your Personal Information Safe?

CyberSecurity Insiders

OCTOBER 29, 2021

Giants like Facebook and Target have suffered breaches and password leaks, so it’s safe to say data from at least one of your online accounts could have been leaked. Use a password manager to generate and remember complex, different passwords for each of your accounts. Be Wary of Targeted Advertising.

Passwords

Passwords Advertising Data breaches Accountability

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Security Affairs

APRIL 8, 2020

The memo was obtained by the website SpaceRef, it warns of both phishing attacks and malware-based attacks. According to the advisory issued by NASA, the number of phishing attempts doubled in the past few days, at the same time the number of malware attacks on its systems has grown exponentially. ” reads the memo.

Cyber Attacks

Cyber Attacks Computers and Electronics VPN Phishing

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

“As a result, AvosLocker indicators of compromise (IOCs) vary between indicators specific to AvosLocker malware and indicators specific to the individual affiliate responsible for the intrusion.” Regularly back up data, password protect backup copies offline. Avoid reusing passwords for multiple accounts.

Ransomware

Ransomware DDOS Passwords Backups

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

Install and regularly update anti-virus or anti-malware software on all hosts. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Ransomware

Ransomware VPN Advertising Marketing

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Security Affairs

SEPTEMBER 9, 2020

Install and regularly update anti-virus or anti-malware software on all hosts. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Ransomware

Ransomware Energy and Utilities VPN Advertising

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing. Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password.

Cryptocurrency

Cryptocurrency Malware Advertising VPN

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

JUNE 29, 2020

ESET researchers also said the attackers also attempt to exploit RDP connections to try to install coin-mining malware or create a backdoor. ” Unfortunately, most organizations often neglect the protection of RDP accesses and workers use easy-to-guess passwords and with no additional layers of authentication or protection.

Passwords

Passwords Internet Internet Advertising

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

The intention behind hacking your identity might be to attack your connection with malware or to trace your location for some malicious activities in the future. VPN or Virtual Private Network is the most secure way of connecting with the online world. The only drawback is that many free VPNs are not secure as we think.

Hacking

Hacking VPN Internet Internet

Netwalker Ransomware hit Argentina’s official immigration agency

Security Affairs

SEPTEMBER 6, 2020

Install and regularly update anti-virus or anti-malware software on all hosts. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Ransomware

Ransomware VPN Advertising Passwords

How to stay safe from cybercriminals and avoid data breaches

IT Security Guru

AUGUST 9, 2022

Secure your accounts with complex passwords. Are your passwords so strong you struggle to remember them? If not, it might be time you shift to new password and cryptography strategies. . This method works because many people set ordinary and easy-to-remember passwords, often using the same one for multiple accounts.

Data breaches

Data breaches Passwords Antivirus Accountability

Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison

Security Affairs

SEPTEMBER 30, 2020

Nikulin first breached LinkedIn between March 3 and March 4, 2012, the hacker first infected an employee’s laptop with malware then used the employee’s VPN to access LinkedIn’s internal network. The Russian man stole roughly 117 million user records, including usernames, passwords, and emails. Pierluigi Paganini.

Identity Theft

Identity Theft Cybercrime Advertising Hacking

U.S. Bookstore giant Barnes & Noble hit by cyberattack

Security Affairs

OCTOBER 15, 2020

At the time of writing this post, the company hasn’t provided details of the attack, such as the family of malware that infected its systems. In August, the website ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks VPN Backups Ransomware

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” ” continues the report.

Cybercrime

Cybercrime Antivirus Marketing Accountability

FBI warns of education sector credentials on dark web forums

Malwarebytes

MAY 31, 2022

From the summary: The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publicly accessible forums. May 2021 : Over 36,000 email/password combinations for.edu addresses were observed on a “publicly available instant messaging platform.”

Education

Education Social Engineering VPN Accountability

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

Nikulin first breached LinkedIn between March 3 and March 4, 2012, the hacker first infected an employee’s laptop with malware then used employee’s VPN to access the LinkedIn’s internal network. The Russian man stole roughly 117 million user records, including usernames, passwords, and emails.

Hacking

Hacking Cybercrime Data breaches Advertising

Netwalker ransomware operators leaked files stolen from K-Electric

Security Affairs

OCTOBER 1, 2020

Install and regularly update anti-virus or anti-malware software on all hosts. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Ransomware

Ransomware Advertising Engineering VPN

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Security Affairs

AUGUST 21, 2020

The campaign is worrisome due to the ongoing COVID-19 pandemic that caused the spike in the number of employees working from home and the increase in the use of corporate VPN and elimination of in-person verification. Restrict VPN access hours, where applicable, to mitigate access outside of allowed times. Pierluigi Paganini.

Social Engineering

Social Engineering VPN Phishing Authentication

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

Most of APT28s’ campaigns leveraged spear-phishing and malware-based attacks, the recent mass scanning activity represents a change in the modus operandi of the group. “This report aims to shed light on some of Pawn Storm’s attacks that did not use malware in the initial stages. Pierluigi Paganini.

Phishing

Phishing Accountability Advertising DNS

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Security Affairs

SEPTEMBER 10, 2020

Install and regularly update anti-virus or anti-malware software on all hosts. Consider installing and using a VPN. Use two-factor authentication with strong passwords. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Ransomware

Ransomware VPN Data breaches Advertising

REvil ransomware attack against MSPs and its clients around the world

SecureList

JULY 5, 2021

REvil ransomware has been advertised on underground forums for three years and it is one of the most prolific RaaS operations. Decryption of files affected by this malware is impossible without the cybercriminals’ keys due to the secure cryptographic scheme and implementation used in the malware.

Ransomware

Ransomware Encryption VPN Software

Why Freelancers Should Prioritise Cybersecurity

Security Boulevard

JUNE 11, 2021

Not only will taking the proper precautions keep you out of financial trouble, but you could also advertise in your job pitches how secure your business really is. Start with smart passwords. Start by installing antivirus software and use it to scan your system every week for malware and viruses.

Cybersecurity

Cybersecurity Scams Backups Passwords

50 Ways to Avoid Getting Scammed on Black Friday

Adam Levin

NOVEMBER 17, 2020

Make sure your smartphone, tablet and laptop are password-protected, particularly if you’re in the habit of carrying them around wherever you go. Protect yourself from malware by purchasing, updating, and upgrading antivirus software. Create long and strong passwords. Change passwords repeatedly. Lock your devices.

Scams

Scams Retail Banking Passwords

Who and What is Behind the Malware Proxy Service SocksEscort?

Giving a Face to the Malware Proxy Service ‘Faceless’

Webinars

Trending Sources

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Webinars

Experts link AVRecon bot to the malware proxy service SocksEscort

Fortinet VPN with default certificate exposes 200,000 businesses to hack

A Deep Dive Into the Residential Proxy Service ‘911’

Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube

Credential-stealing malware disguises itself as Telegram, targets social media users

New TA886 group targets companies with custom Screenshotter malware

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

7 Cyber Safety Tips to Outsmart Scammers

FBI issued a flash alert about Netwalker ransomware attacks

Analysis of BlackGuard – a new info stealer malware being sold in a Russian hacking forum

CISA says federal agency compromised by malicious cyber actor

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Crooks target Ukraine’s IT Army with a tainted DDoS tool

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

A week in security (March 29 – April 4)

US CISA report shares details on web shells used by Iranian hackers

BlackCat Ransomware gang breached over 60 orgs worldwide

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

How Can You Keep Your Personal Information Safe?

NASA warns of a significant increase in cyber attacks during Coronavirus outbreak

Avoslocker ransomware gang targets US critical infrastructure

Netwalker ransomware operators claim to have stolen data from Forsee Power

Netwalker ransomware hit K-Electric, the major Pakistani electricity provider

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

5 Ways to Protect Yourself from IP Address Hacking

Netwalker Ransomware hit Argentina’s official immigration agency

How to stay safe from cybercriminals and avoid data breaches

Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison

U.S. Bookstore giant Barnes & Noble hit by cyberattack

15 billion credentials available in the cybercrime marketplaces

FBI warns of education sector credentials on dark web forums

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Netwalker ransomware operators leaked files stolen from K-Electric

Hackers are targeting teleworkers with vishing campaign, CISA and FBI warn

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Colocation data centers giant Equinix data hit by Netwalker Ransomware

REvil ransomware attack against MSPs and its clients around the world

Why Freelancers Should Prioritise Cybersecurity

50 Ways to Avoid Getting Scammed on Black Friday

Stay Connected