Malwarebytes

JUNE 1, 2021

This blog post was authored by Hossein Jazi. The structure and TTPs used in these recent activities align with what has been reported in KISA’s report. The structure and TTPs used in these recent activities align with what has been reported in KISA’s report. Victimology. microsoft-office[.]us microsoft-office[.]us.

Government 145

Government Phishing Encryption Media 145

Malwarebytes

OCTOBER 19, 2021

This blog post was authored by Jérôme Segura. In a blog post about Magecart Group 8, we documented some of the various web properties used to serve skimmers and exfiltrate stolen data. In a blog post about Magecart Group 8, we documented some of the various web properties used to serve skimmers and exfiltrate stolen data.

Mobile 109

Mobile Small Business 109

Webroot

MAY 12, 2021

“What Bitcoin was to 2011, NFTs are to 2021.”. Non- what token? That’s what the “non-fungible” in non-fungible token means: there’s only one, and it’s completely unique. What’s the point of spending millions to own an original digital asset that’s been effortlessly reproduced a million times?

Cryptocurrency 91

Cryptocurrency Marketing Phishing Authentication 91

SecureList

NOVEMBER 1, 2022

These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of. The most remarkable findings.

Malware 140

Malware Ransomware Spyware Encryption 140

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Taylor Monahan is founder and CEO of MetaMask , a popular software cryptocurrency wallet used to interact with the Ethereum blockchain. Then on Aug.

Cryptocurrency 349

Cryptocurrency Passwords Encryption Accountability 349

Security Affairs

DECEMBER 29, 2019

SI-LAB noted that Portuguese users were targeted with malscam messages that reported issues related to a debt of the year 2018. The malware was named ‘Lampion’ as this is the name used as part of its internal name. The malware was named ‘Lampion’ as this is the name used as part of its internal name. The downloaded file is a compressed file (.zip)

Malware 94

Malware Internet Internet Antivirus 94

SecureList

JANUARY 11, 2021

On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In a previous blog, we dissected the method used by Sunburst to communicate with its C2 server and the protocol by which victims are upgraded for further exploitation.

Malware 62

Malware Media Internet Internet 62

Fox IT

SEPTEMBER 11, 2023

It contains features such as keylogging, injections/overlay attacks to display phishing windows over (banking) apps (more on this in the “Overlay attacks” section of this blog), and automated stealing of cryptocurrency recovery seeds. Authored by Joshua Kamp (main author) and Alberto Segura. Hook had a relatively short run.

Malware 108

Malware Cryptocurrency Accountability Phishing 108

Duo's Security Blog

MARCH 9, 2022

Together these practices — which include multi-factor authentication (MFA), restricting administrative privileges and daily backups — provide a clear framework for businesses anywhere that are looking to improve their foundational security footing , as we’ve previously noted on the Duo Blog.

Cybersecurity 88

Cybersecurity Authentication Passwords VPN 88

SecureList

APRIL 27, 2022

These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of. The most remarkable findings.

Malware 132

Malware Firmware Government Phishing 132

SiteLock

AUGUST 27, 2021

Oh, what a year it was for insecurity, and especially for the small business. When security researchers discovered more than 2 million stolen passwords on a hacker server in December, a piece of malware called a keylogger was suspected. bank accounts in 2012 by cybercrooks using malware like keyloggers.

Cybercrime 87

Cybercrime Small Business Antivirus Malware 87

McAfee

AUGUST 4, 2021

This blog is split up into several segments, starting with a brief preface regarding the coverage of loaders in reports. Loaders and their Coverage in Blogs. Even though the earlier stages do not contain the capabilities of the malware that is eventually loaded, they provide insight as to what steps are taken to conceal the malware.

Malware 77

Malware Encryption Software 77

Security Affairs

DECEMBER 15, 2021

Deliver (what are believed to be) Ligolo tunneling tools. Execute Certutil to request a URL from Exchange Web Services (EWS) of (what appears to be) other targeted organizations. Researchers uncovered a new Seedworm campaign targeting telecommunication and IT service providers in the Middle East and Asia.

Telecommunications 91

Telecommunications Passwords Phishing Hacking 91

Thales Cloud Protection & Licensing

OCTOBER 28, 2020

How Ransomware attacks leverage unprotected RDPs and what you can do about it. As mentioned in my colleague Charles Goldberg’s blog post earlier this year, “ Stop Ransomware in its Tracks with Strong Data Security ,” ransomware attacks targeting enterprises in a variety of sectors have skyrocketed during the first half of 2020.

Ransomware 83

Ransomware Authentication Passwords Social Engineering 83

The Last Watchdog

FEBRUARY 28, 2021

As a business owner, you must be aware of the implications of different types of malware on your company’s bottom line, and what steps you can take to protect your company from future attacks. What is Malware . Related: Companies must bear a broad security burden. Many ‘pop-up’ ads start appearing randomly.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

SecureList

APRIL 27, 2021

The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of. The most remarkable findings.

Malware 139

Malware Spyware Government Social Engineering 139

SecureList

AUGUST 24, 2022

In this process, the actor abused a legitimate blog service to host a malicious script with an encoded format. Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. Kimsuky’s GoldDragon cluster infection procedure.

Malware 119

Malware Phishing Antivirus Media 119