The Hacker News

APRIL 4, 2022

A previously undocumented "sophisticated" information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200.

Malware 93

Malware VPN Hacking Advertising 93

Malwarebytes

APRIL 4, 2024

In this blog post, we look at a very recent malvertising campaign impersonating the popular VPN software NordVPN. A malicious advertiser is capturing traffic from Bing searches and redirecting users to a decoy site that looks almost identical to the real one. This is true here as well, where we have a redirect to besthord-vpn[.]com

VPN 106

VPN Advertising DNS Malware 106

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN 310

VPN Computers and Electronics Antivirus Software 310

SecureWorld News

JANUARY 20, 2022

The most recent win for the good guys fighting ransomware threat actors comes from Europol, who successfully took out a VPN service, known as VPNLab.net, that was used by criminals to distribute ransomware, malware, and other types of cyberattacks. At the same time, investigators found the service advertised on the dark web itself.".

VPN 88

VPN Ransomware Cybercrime Data breaches 88

Security Affairs

APRIL 6, 2020

DarkHotel nation-state actor is exploiting a VPN zero -day to breach Chinese government agencies in Beijing and Shanghai. State-sponsored hackers used a zero-day vulnerability in Sangfor SSL VPN servers to gain access to victims’ networks. Up to now, a large number of VPN users have been attacked.”

VPN 130

VPN Government Advertising Firmware 130

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes.

VPN 111

VPN Hacking IoT Advertising 111

Malwarebytes

MARCH 29, 2021

In addition, we speak to Malwarebytes senior security researcher JP Taggart about the importance of trusting your VPN. But obscuring your Internet activity—including the websites you visit, the searches you make, the files you download—doesn’t mean that a VPN magically disappears those things. Source: ComputerWeekly).

VPN 82

VPN Internet Internet Manufacturing 82

Security Affairs

JULY 31, 2023

Threat actors behind the campaign aimed at building a botnet to use for a range of criminal activities from password spraying to digital advertising fraud. The AVrecon malware was written in C to ensure portability and designed to target ARM-embedded devices. The popular investigator Brian Krebs and Spur.us “ SocksEscort[.]com

Malware 93

Malware Small Business Advertising Passwords 93

Security Affairs

NOVEMBER 14, 2019

APT33 , the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers involved in extremely targeted malware attacks. The targeted malware campaigns aimed at organizations in the Middle East, the U.S., “APT33 likely uses its VPN exit nodes exclusively. ” continues the post.

VPN 85

VPN Malware Advertising Hacking 85

eSecurity Planet

OCTOBER 28, 2022

GitHub proofs of concept (PoCs) for known vulnerabilities could themselves contain malware as often as 10% of the time, security researchers have found. These “proofs” advertised exploits for vulnerabilities that have been publicly disclosed between 2017 and 2021. See the Top Vulnerability Management Tools. Signs of Malicious PoCs.

Malware 142

Malware VPN Education Advertising 142

Malwarebytes

APRIL 11, 2022

A credential-stealing Windows-based malware, Spyware.FFDroider , is after social media credentials and cookies, according to researchers at ThreatLabz. The malware also plans to steal saved VPN/dial up credentials from the AppdataMicrosoftNetworkConnectionsPbkrasphone.pbk and Pbkrasphone.pbk phonebooks if present. Social media.

Media 135

Media Malware Spyware Accountability 135

Security Affairs

FEBRUARY 10, 2023

A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter. The attack chain starts with an phishing emails containing a malicious URL or malicious attachment that lead to deployment of WasabiSeed and Screenshotter malware.

Malware 85

Malware Phishing Spyware Cybercrime 85

Security Affairs

SEPTEMBER 23, 2019

Security researcher Peleg Hadar of SafeBreach Labs discovered a privilege escalation flaw that impacts all versions of Forcepoint VPN Client for Windows except the latest release. “In our exploration, we found that after the Forcepoint VPN Client Service was started, the sgvpn.exe signed process was executed as NT AUTHORITYSYSTEM.”

VPN 64

VPN Advertising Hacking Malware 64

Security Affairs

SEPTEMBER 16, 2022

Threat actors target gamers looking for cheats on YouTube with the RedLine Stealer information-stealing malware and crypto miners. Researchers from Kaspersky have spotted a self-extracting archive, served to gamers looking for cheats on YouTube, that was employed to deliver the RedLine Stealer information-stealing malware and crypto miners.

Malware 88

Malware Cryptocurrency Hacking Passwords 88

Security Affairs

AUGUST 12, 2020

Experts found new variants of Agent Tesla Trojan that include modules to steal credentials from popular web browsers, VPN software, as well as FTP and email clients. Recent samples of the malware include specific code to collect app configuration data and credentials from several apps.

Passwords 137

Passwords Spyware VPN Malware 137

Security Affairs

NOVEMBER 4, 2020

KPOT Stealer is a “stealer” malware that focuses on exfiltrating account information and other data from web browsers, instant messengers, email, VPN, RDP, FTP, cryptocurrency, and gaming software. The KPOT Stealer was written in C/C++, it was offered in the cybercrime underground as a Malware-as-a-Service (MaaS).

Ransomware 139

Ransomware Malware Advertising Cybercrime 139

Security Affairs

SEPTEMBER 25, 2020

Threat actors implanted a malware in the network of an unnamed federal agency that was able to avoid detection. The threat actors initially leveraged compromised credentials for Microsoft Office 365 (O365) accounts, domain administrator accounts, and credentials for the agency’s Pulse Secure VPN server.

VPN 96

VPN Malware Cyber threats Accountability 96

Security Affairs

JULY 14, 2023

A new malware dubbed AVrecon targets small office/home office (SOHO) routers, it infected over 70,000 devices from 20 countries. Lumen Black Lotus Labs uncovered a long-running hacking campaign targeting SOHO routers with a strain of malware dubbed AVrecon. ” concludes the report. ” concludes the report.

Malware 84

Malware Advertising Cybercrime Passwords 84

Security Boulevard

MARCH 30, 2022

Malware-as-a-service has contributed substantially to the growth of ransomware and phishing attacks (among other attack types) in the past year, as they lower the technical barrier to entry for criminals to carry out attacks. Blackguard is currently being sold as malware-as-a-service with a lifetime price of $700 and a monthly price of $200.

Malware 98

Malware Hacking Antivirus Passwords 98

Security Affairs

MARCH 10, 2022

Threat actors are spreading password-stealing malware disguised as a security tool to target Ukraine’s IT Army. Cisco Talos researchers have uncovered a malware campaign targeting Ukraine’s IT Army , threat actors are using infostealer malware mimicking a DDoS tool called the “Liberator.” 35) on port 6666.

DDOS 87

DDOS Digital transformation Malware Advertising 87

Security Affairs

AUGUST 2, 2020

“Two of the most common vulnerabilities exploited by actors using Netwalker are Pulse Secure VPN (CVE-2019-11510) and Telerik UI (CVE-2019-18935).” “Two of the most common vulnerabilities exploited by actors using Netwalker are Pulse Secure VPN (CVE-2019-11510) and Telerik UI (CVE-2019-18935).”

Ransomware 134

Ransomware VPN Advertising Government 134

Malwarebytes

JANUARY 19, 2022

VPNLab.net was a virtual private network provider that mostly advertised its services on the criminal side of the Dark Web, and provided services for various cybercriminals, including ransomware gangs. What is double VPN? Double VPN is basically what the name suggests. Double VPN is not a common feature, because it is very slow.

VPN 79

VPN Encryption Cybercrime Technology 79

Malwarebytes

SEPTEMBER 15, 2023

“Phishing emails containing malware, Remote Desktop Protocol (RDP) brute forcing and Virtual Private Network (VPN) vulnerability exploitation are the most common intrusion tactics used by cybercriminals. Other notable facts: Mobile malware campaigns are less prolific after the takedown of Flubot. Prevent intrusions.

Cybercrime 109

Cybercrime Ransomware DDOS Backups 109

Security Affairs

JUNE 7, 2023

However, the threat actors involved can easily switch tactics to redirect users to other types of malware, such as banking Trojans to steal credentials and financial information or ransomware.” ” The malware has been able to remain undetected since October 2022. ” reads the report published by Bitdefender.

Adware 89

Adware Mobile Malware Advertising 89

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. APT41 was known to hide its malware inside fake resumes that were sent to targets. APT41’s activities span from the mid-2000s to the present day.

Antivirus 359

Antivirus Hacking Government Software 359

Security Affairs

APRIL 2, 2020

Microsoft is sending notifications to dozens of hospitals about vulnerable VPN devices and gateways exposed online in their network. Microsoft is warning dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. ” reads the post published by Microsoft. Pierluigi Paganini.

Ransomware 107

Ransomware VPN Healthcare Cyber Attacks 107

Malwarebytes

APRIL 5, 2021

Last week on Malwarebytes Labs, our podcast featured Malwarebytes senior security researcher JP Taggart, who talked to us about why you need to trust your VPN. But obscuring your Internet activity—including the websites you visit, the searches you make, the files you download—doesn’t mean that a VPN magically disappears those things.

VPN 79

VPN Scams Internet Internet 79

Security Affairs

JULY 29, 2020

Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers. ” The botnet is scanning the Internet for misconfigured Docker API endpoints, Experts noticed that the Ngrok malware has already infected many vulnerable servers.

Cryptocurrency 139

Cryptocurrency Malware Advertising VPN 139

Security Affairs

APRIL 8, 2020

The memo was obtained by the website SpaceRef, it warns of both phishing attacks and malware-based attacks. According to the advisory issued by NASA, the number of phishing attempts doubled in the past few days, at the same time the number of malware attacks on its systems has grown exponentially. ” reads the memo.

Cyber Attacks 145

Cyber Attacks Computers and Electronics VPN Phishing 145

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 92

Hacking VPN Advertising Financial Services 92

Malwarebytes

AUGUST 16, 2023

Based on our tracking, it is a new trend for these malvertising campaigns dropping infostealers and other malware used by initial access brokers in ransomware operations. Conclusion By using better filtering before redirecting potential victims to malware, threat actors ensure that their malicious ads and infrastructure remain online longer.

Malware 90

Malware Advertising VPN Engineering 90

Security Affairs

APRIL 21, 2024

Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches 99

Data breaches Phishing Ransomware Malware 99

Security Affairs

MARCH 17, 2020

Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware 99

Ransomware Cryptocurrency Advertising Passwords 99

Krebs on Security

MAY 22, 2023

Since then, the same spammers have used this method to advertise more than 100 different crypto investment-themed domains. That user advertised a service called “ Quot Project ” which said they could be hired to write programming scripts in Python and C++. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 249

Scams DDOS Cryptocurrency Accountability 249

Security Affairs

APRIL 6, 2020

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing. ” The Kinsing malware abuses the resources of the Docker installations to mine cryptocurrency, hackers exploit unprotected open Docker API port to instantiate an Ubuntu container. “The spre.

Cryptocurrency 101

Cryptocurrency Malware Advertising VPN 101

Security Affairs

JULY 28, 2020

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The samples have been deployed over the network of the target enterprises brute-forcing the SMB service on every discovered machine and using the MATA malware framework (aka Dacls ). Pierluigi Paganini.

Ransomware 100

Ransomware Malware Advertising VPN 100

Security Affairs

SEPTEMBER 27, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT 102

IoT Banking Advertising Ransomware 102