Krebs on Security

MAY 28, 2025

This wasnt just a scam operation – it was essentially a cybercrime university that empowered fraudsters globally, NCCIA Director Abdul Ghaffar said at a press briefing. Prior to folding their operations behind WeCodeSolutions, Shahzad and others arrested this month operated as a web hosting group calling itself The Manipulaters.

Malware

Security Affairs

APRIL 2, 2025

FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. Delivered via phishing and hosted on compromised SharePoint sites, it remains undetected by most antivirus solutions, posing a serious security risk. ” concludes the report.

Antivirus

Security Affairs

JANUARY 10, 2025

The malicious code was advertised on cybercrime forums for $3,000 per month. A version discovered by Check Point in September relied on Apple’s XProtect encryption algorithm for obfuscation, allowing it to evade antivirus detection until its source code leak in November.

Malware

Krebs on Security

NOVEMBER 14, 2024

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals. “I’m also godfather of his second son.”

Advertising

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Security Affairs

MARCH 24, 2025

The FBI Denver Field Office advises staying cautious online, being aware of potential risks, and keeping antivirus software updated to scan files before opening them. .” Victims often realize too late that malware has infected their devices, leading to ransomware or identity theft. The FBI urges reporting to IC3.gov.

Malware

Security Affairs

MAY 1, 2025

A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. The DarkWatchman malware can evade detection by standard antivirus software.

Malware

Security Affairs

MAY 24, 2025

The group campaigns leave minimal traces and often evade antivirus detection by using legitimate remote access tools. “Implement basic cyber hygiene to include being suspicious, robust passwords, multifactor authentication, and installation of antivirus tools.” ” concludes the report. ” concludes the report.

Social Engineering

Security Affairs

APRIL 22, 2025

Keeping devices updated and using reliable antivirus software also helps prevent malware-related data theft. Avoid password reuse, choose complex passwords, and check account activity often. If you suspect fraud, change passwords and contact your brokerage immediately.

Financial Services

Webroot

FEBRUARY 21, 2025

What began as antivirus product has expanded into a comprehensive portfolio to secure your entire digital life. Introducing Webroot Total Protection: Comprehensive security for the modern world When you think about cybersecurity, you probably think of antivirus protectionand rightly so. But as technology advances, so do the threats.

Antivirus

Security Affairs

JULY 9, 2025

Both stealers used Shellter to evade detection with low antivirus flagging. In September 2022, threat actors cracked the Brute Ratel C4 (BRC4) post-exploitation toolkit and leaked it for free in the cybercrime underground. “Elastic Security Labs is releasing a dynamic unpacker for binaries protected by SHELLTER.

Malware

Security Affairs

FEBRUARY 28, 2025

In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Antivirus

Security Affairs

JULY 18, 2025

NoMoreRansom warns users to remove the malware first with a reliable antivirus before using the decryptor, or files may be re-encrypted repeatedly. Despite false malware flags from some browsers, tests confirm it works and is safe. Europol and the FBI are promoting it as an official recovery solution.

Ransomware

Security Affairs

APRIL 16, 2025

.” concludes the report that includes indicators of compromise (IoCs). ” In September, security researchers from G DATA discovered more than two dozen Android mobile phones from different manufacturers already infected by pre-installed malware.

Malware

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. Antivirus protection Software that protects against viruses and malware. Each year, the first week of March (March 2-8) is recognized as National Consumer Protection Week (NCPW).

Consumer Protection

Security Affairs

DECEMBER 17, 2024

Recommendations include timely patching, using strong and unique passwords, enabling multi-factor authentication, implementing security tools to detect abnormal activity, auditing accounts, scanning for open ports, segmenting networks, updating antivirus software, and creating offline backups.

Architecture

Security Affairs

APRIL 2, 2025

In March 2018, security researchers at Antivirus firmDr.Web discovered that 42 models of low-cost Android smartphones were shipped with the Android.Triada.231 .” To protect against malware, experts recommend buying smartphones from authorized distributors and installing security solutions like Kaspersky for Android immediately.

Cryptocurrency

Security Affairs

MARCH 7, 2025

Upon gaining initial access to the target, Medusa hackers use remote management and monitoring (RMM) tools like SimpleHelp and AnyDesk for maintaining persistence and employ BYOVD with KillAV to disable antivirus, a tactic seen in BlackCat and RansomHub ransomware operations.

Ransomware

Security Affairs

MARCH 10, 2025

The discovered infected archives contained an additional executable, with a modified start script tricking victims into disabling antivirus protections. By December 2024, reports emerged of further miner-infected versions spreading via Telegram and YouTube. It fetched a second-stage payload from hardcoded domains, executing it as t.py

Cryptocurrency

Security Affairs

FEBRUARY 4, 2025

It gathers system details, including antivirus information, encodes the data, and sends it to a remote server. .” The decrypted MSIL file maintains persistence by modifying the Windows registry to execute a PowerShell command that downloads the Coyote Banking Trojan.

Banking

Security Affairs

FEBRUARY 13, 2025

Users that played the game have received the following email: pic.twitter.com/B98BFs0WbK — SteamDB (@SteamDB) February 12, 2025 The game PirateFi was released as beta, but multiple antivirus flagged it as “Trojan.Win32.Lazzzy.gen.” Lazzzy.gen.” SteamDB estimates that over 800 users may have downloaded the game.

Malware

Malwarebytes

APRIL 24, 2025

Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker. Most antivirus programs for Android fail to spot it, says Cleafy. Got an Android phone? Got a tap-to-pay card?

Malware

Zero Day

JUNE 6, 2025

The data in question was posted on a Russian cybercrime forum on May 15 and then uploaded again on June 3, apparently garnering attention from other cybercriminals and potential buyers. " Also:  Stop paying for antivirus software. But in this age of cybercrime, these numbers have become vulnerable.

Password Management

Security Affairs

APRIL 21, 2025

The malware maintains a low detection rate among antivirus solutions due to its minimal permission model and narrow focus on NFC relay attacks. The malware also uses stored ATR messages to enable card emulation, helping attackers trick POS terminals and ATMs into accepting the relayed card as genuine.

Malware

Security Affairs

MARCH 31, 2025

“The main module implements numerous techniques to evade detection by antivirus (AV) and Endpoint Detection and Response (EDRs) including call stack spoofing, sleep obfuscation, and leveraging Windows fibers.” . “The main CoffeeLoader module also resolves API function addresses by hash, but uses the DJB2 algorithm.”

Malware

Security Affairs

NOVEMBER 5, 2024

“An important question arising from this analysis is not just how to defend against threats like ToxicPanda but why contemporary antivirus solutions have struggled to detect a threat that is, in technical terms, relatively straightforward. Spain and Peru, at 3.9% and 3.4%, indicate a potential expansion into Latin America.

Banking

Security Affairs

MARCH 26, 2025

While only one sample is currently detected by antivirus tools, many others remain undetected. ReaderUpdate is a macOS malware loader that has been active since 2020, the malicious code was first seen as a compiled Python binary and was spotted delivering Genieo adware.

Malware

Security Affairs

MARCH 31, 2025

The PowerShell code avoids antivirus detection by using Get-Command to execute the payload. The malicious LNK files, created on two machines, contain PowerShell code to download the next stage payload and a decoy file to disguise the infection.

Phishing

Security Affairs

NOVEMBER 6, 2024

” The hospital identified the ransomware attack early Saturday after antivirus software installed on the employees’ PCs flagged potential risks. While we believe this issue will not impact either the level or the quality of care we provide to our patients, we want to be fully transparent regarding this situation.”

Ransomware

Security Affairs

MARCH 14, 2025

He developed the code to disable antivirus software, deploy malware, and print ransom notes to all printers connected to a victim network. Panev received over $230,000 in laundered cryptocurrency from Khoroshev between 2022 and 2024.

Ransomware

SecureWorld News

OCTOBER 31, 2024

Stay vigilant against new spells (updates) : Keep operating systems, software, and antivirus tools updated, as new patches often seal up weaknesses that attackers seek to exploit. Stake your defenses : Invest in threat detection tools that identify anomalies across your network.

IoT

Webroot

APRIL 22, 2025

Here are some of the most likely targets for access to consumer data: Healthcare organizations : Healthcare companies are a prime target for cybercrime due to the large amounts of sensitive data they store, which includes personal information and medical records. Its like putting a lock on your personal data.

Data breaches

Malwarebytes

MARCH 17, 2025

While Google searches are probably one of the most common tasks for any vacation planning, the results that people see can be manipulated through a type of cybercrime called malvertising , short for “malicious advertising. Protect your devices with antivirus and cybersecurity tools.

Scams

Webroot

MARCH 12, 2025

But if your hard drive crashes, your laptop gets stolen, or you fall victim to cybercrime, the loss can be devastating. Use antivirus protection: Secure your system with antivirus protection to prevent malware and ransomware attacks. Its a nightmare scenario that happens more often than you think.

Backups

Digital Shadows

NOVEMBER 26, 2024

The proliferation of cybercrime guides on forums and a 7% rise in insider threat content, driven by significant financial incentives, highlight the growing complexity of cybersecurity challenges. The proliferation of these guides enables more individuals to enter the cybercrime arena.

Cyber Attacks

Security Affairs

NOVEMBER 24, 2024

Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware

Webroot

JUNE 17, 2025

Research shows that the travel and tourism sector ranked third in cyberattacks, with nearly 31% of hospitality organizations experiencing a data breach and a record 340 million people affected by cybercrimes. According to Mastercard, travel-related fraud in 2024 increased by 18% during the summer peak season and 28% in the winter peak season.

VPN