Researchers found a fake Bitdefender site spreading the Venom RAT by tricking users into downloading it as antivirus software. com) spoofing Bitdefender's Antivirus for Windows download page to trick visitors into downloading a remote access trojan called Venom RAT. The malware includes tools for password theft and stealthy access.”
Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. ” Security news site Bleeping Computer reported on the T-Systems Ryuk ransomware attack on Dec. In our Dec.
“There has been a sharp increase in the number of cases of unauthorized access and unauthorized trading (trading by third parties) on Internet trading services using stolen customer information (login IDs, passwords, etc.) from fake websites (phishing sites) disguised as websites of real securities companies.”
They can also steal personal data, banking details, cryptocurrency info, emails, and passwords by scraping the files the users upload. The FBI Denver Field Office advises staying cautious online, being aware of potential risks, and keeping antivirus software updated to scan files before opening them. Reporting the incident to IC3.gov
The group's campaigns leave minimal traces and often evade antivirus detection by using legitimate remote access tools. “Implement basic cyber hygiene to include being suspicious, robust passwords, multifactor authentication, and installation of antivirus tools.” ” concludes the report.
During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. How to protect yourself and your data Smart ways to secure your devices Strong passwords – Make them long, random, and unique.
Researchers at Elastic Security Labs who first analyzed the malware confirmed it can steal keychain passwords and data from multiple browsers. Additionally, the malware was avoiding targeting systems where Russian is the primary language. The malicious code was advertised on cybercrime forums for $3,000 per month.
Linksys has reset passwords for all its customers after learning of ongoing DNS hijacking attacks aimed at delivering malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites proposing a fake COVID-19 information app from the World Health Organization. Pierluigi Paganini.
The hackers say that the dates of birth and social security numbers were originally encrypted but have since been decrypted and are now visible in plain text. Also: Massive data breach exposes 184 million passwords for Google, Microsoft, Facebook, and more Individually, any one of those pieces of data can be exploited by the wrong people.
Attackers also attempted to exploit weak vendor-supplied passwords. The threat actors attempted to exploit multiple vulnerabilities in DVRs, including CVE-2017-7921, CVE-2018-9995 , CVE-2020-25078, CVE-2021-33044 , and CVE-2021-36260. Targeted TCP ports included 23, 26, 554, 2323, 567, 5523, 8080, 9530, and 56575.
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. After that, the following files are extracted, namely: Avira.exe : Legitimate injector from Avira Antivirus. In the last few years, many banking trojans developed by Latin American criminals have increased in volume and sophistication.
The messages contained password-protected archives named similarly to Documents from 04/29/2025.rar. The DarkWatchman malware can evade detection by standard antivirus software. Once opened, the archive triggered an infection chain that installed a modified version of DarkWatchman malware on the recipient's system.
Parubets disclosed that his apartment was searched, and he was beaten to force him to reveal his device password. Kirill Parubets and his spouse were detained, during which the FSB pressured him to become an informant, threatening life imprisonment if he refused.
” In September, security researchers from G DATA discovered more than two dozen Android mobile phones from different manufacturers already infected by pre-installed malware.
Worldwide spending on information security products and services rose to $114 billion in 2018, up from $102 billion in 2017, an increase of 12.4 Each of us have a responsibility to embrace best privacy and security practices. Use a password manager. To be sure, it’s not as if the good guys aren’t also innovating.
Slack is resetting passwords for approximately 0.5% of its users after a bug exposed salted password hashes when users created or revoked a shared invitation link for their workspace. Slack announced that it is resetting passwords for about 0.5% The post Slack resets passwords for about 0.5% Pierluigi Paganini.
The Android malware can intercept one-time passwords (OTPs) to bypass two-factor authentication (2FA) and employs advanced obfuscation techniques to evade detection, making it highly effective for banking fraud through On-Device Fraud (ODF). Spain and Peru, at 3.9% and 3.4%, indicate a potential expansion into Latin America.
There are security/hacker types that maintain massive repositories of passwords. Change all default passwords to something unique and strong. Most home networks get broken into through either phishing or some random device they have with a bad password. This is the most important thing in this article.
The malware also targets crypto wallet extensions, password managers, and 2FA extensions. “What’s more concerning is that a large portion of antivirus software has proven ineffective against the Meduza stealer binary, either failing to detect it statically or dynamically” reads the analysis published by Uptycs.
Disable compromised accounts or restrict their permissions immediately, update passwords for authorized users to prevent further unauthorized access. Weak and stolen passwords Require all employees to reset their passwords immediately following the breach. Introduce MFA for all corporate accounts.
Script code snippet – Credit OALABS The attackers hope that the victim will save the password when asked by the browser, so that it will be stolen by StealC running. Enable 2FA Authentication: This measure adds an extra layer of security by requiring a second factor of authentication in addition to the password.
More than 15 billion usernames and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, state the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.”
By safeguarding our information from cyber threats, we can all help keep the digital world we live in more secure. Password best practices One of the best ways to keep your personal data out of the hands of hackers is also one of the simplest. Create strong passwords. Here are some tips for creating unbreakable passwords.
Regularly back up data, air gap, and password-protect backup copies offline. Review antivirus logs for indications they were unexpectedly turned off. Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (e.g.,
Regularly back up data, password protect backup copies offline. Install and regularly update antivirus software on all hosts, and enable real time detection. Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes.
Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products. The vulnerabilities were found by the security researcher Wladimir Palant, who reported them to Kaspersky in December 2018. As in: under some circumstances, antivirus would still crash. ” reads the post.
“Recently, a new infection vector that cracks Windows machines through SMB password brute force is on the rise” reads the analysis published by AVAST. The module that implements the worm capabilities was spotted scanning the internet and performing password brute-force attacks against Windows systems with SMB port open online.
Antivirus firm Emsisoft discloses a data breach, a third-party had access to a publicly exposed database containing technical logs. The anti-malware solutions provider Emsisoft disclosed last week a data breach. The company revealed that a third-party had accessed a publicly exposed database containing technical logs.
So it’s important to teach all your employees that have access to the network how to identify possible security threats and train them to use cyber security best practices. Create a cyber security policy and make sure that all employees know that information security is a priority. Create a Strong Password Policy.
These pieces of malware are created with the intent of stealing valuable data, such as login credentials, financial information, personal details, and more. This data may include usernames, passwords, credit card numbers, social security numbers, and other sensitive information.
.” Upon executing the malware, the Rust binary prompts an error requiring a password to be passed as an argument. Passing the “—password” parameter in conjunction with a dummy password “AgendaPass,” the ransomware starts its malicious activity by terminating various processes and services. ” concludes the report.
CISA reports provide the following recommendations to users and administrators to strengthen the security posture of their organization’s systems: • Maintain up-to-date antivirus signatures and engines. If these services are required, use strong passwords or Active Directory authentication.
In case a system was compromised through the Windows Remote Desktop feature, the experts recommend changing all passwords of all users that are allowed to login remotely and checking the local user accounts for additional accounts the attacker might have added. ” reads the guide.
Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline. Install and regularly update antivirus software on all hosts, and enable real time detection.
To bypass antivirus systems, hackers send out malicious emails in non-working hours with delayed activation. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. More than 80% of all malicious files were disguised as .zip
He is also looking for opportunities to collect additional access parameters (usernames and passwords), elevate privileges, or use already existing compromised accounts for unauthorized access to systems, applications, and data. Attackers may use the following methods to obtain administrator privileges: Compromised passwords.
The malware is able to steal sensitive information (a variety of credentials, including FTP credentials, stored email passwords, passwords stored in the browser, as well as a whole host of other credentials). Below is the list of mitigations: Maintain up-to-date antivirus signatures and engines.
If your friend or colleague is suddenly asking you for money or to change your password, call them on the phone and ask if they really sent the message. Use a strong password and store it correctly: Strong passwords consist of a combination of uppercase and lowercase letters, numbers, and special symbols such as punctuation.
Turchin obtained credentials to target networks by launching spear-phishing attacks and brute-forcing the passwords of remote desktop servers exposed online. Once the hacker gained access to the network, he deployed password-stealing malware and remote access trojans (RATs) to harvest credentials and establish persistence in the system.
Upon executing the code, it will ask the user the path for the payload to be encrypted and the password to be used for AES encryption to hide the malware within the loader. If the password is not provided, the tool generates one. ”
Most of the stolen files (50%+) were text files, some of them containing software logs, passwords, personal notes, and other sensitive information. These included logins for social media, online games, online marketplaces, job-search sites, consumer electronics, financial services, email services, and more. png and 224,000.jpg
But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. Access is set up using a certificate or a login/password pair, and in rare cases multi-factor authentication is added. Rounding out the top three is targeted phishing.
Regularly back up data, air gap, and password protect backup copies offline. Implement a recovery plan to restore sensitive or proprietary data from a physically separate, segmented, secure location (e.g., Regularly change passwords to network systems and accounts, and avoid reusing passwords for different accounts.
They can use deepfakes to trick you into revealing sensitive information or falling for scams that seem remarkably genuine. To safeguard your identity from these AI-driven threats, here are four essential tips: Shield your computer and smartphone Make sure your devices are protected with antivirus software and firewalls.