Security Affairs

APRIL 5, 2019

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords.

Internet 89

Internet Internet Passwords Malware 89

Security Affairs

SEPTEMBER 17, 2018

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. Security researchers at Palo Alto Networks have discovered a new piece of malware, dubbed XBash piece that is targeting both Linux and Microsoft Windows servers.

Cryptocurrency 89

Cryptocurrency Malware Ransomware Cybercrime 89

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Client-side attacks on the wane.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

Security Boulevard

AUGUST 4, 2022

Exploit Tools and Targets: Malicious Use of Internet Information Services (IIS) Extension. Microsoft published a report on July 26th alerting defenders to the malicious use of Internet Information Services (IIS) extensions. based hospitals. 2 , 3 ) In late July, the U.S. 5 ) More recently, the U.S.

Internet 59

Internet Internet Cryptocurrency Cybercrime 59

Security Affairs

FEBRUARY 19, 2024

The man was held in the Netherlands, and he was charged for his alleged role in the international cybercrime operation known as Raccoon Infostealer. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data.

Identity Theft 92

Identity Theft Cryptocurrency Cybercrime Hacking 92

Security Affairs

MARCH 15, 2023

CrowdStrike researchers discovered the first-ever cryptocurrency mining campaign aimed at Dero mining since February 2023. It claims to offer improved privacy, anonymity and higher monetary rewards compared to other cryptocurrencies. The attack chain commences with the attacker finding an Internet-facing vulnerable Kubernetes cluster.

Cryptocurrency 70

Cryptocurrency Internet Internet Hacking 70

Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. ” reads the analysis published by AquaSec. Pierluigi Paganini.

Malware 142

Malware DDOS Architecture Cryptocurrency 142

Security Affairs

JANUARY 9, 2023

The crypto-miner Kinsing was first spotted by security firm Aqua Security in April 2020, at the time the experts spotted threat actors scanning the Internet for Docker servers running API ports exposed without a password. The Kinsing malware abuses the resources of the Docker installations to mine cryptocurrency.

Malware 91

Malware Authentication Cryptocurrency Internet 91

Krebs on Security

MAY 4, 2023

government this week put a $10 million bounty on the head of a Russian man who for the past 18 years operated Try2Check , one of the cybercrime underground’s most trusted services for checking the validity of stolen credit card data. That Bankir account was registered from the Internet address 193.27.237.66 In 2017, U.S.

Marketing 235

Marketing Cybercrime Accountability Cryptocurrency 235

Security Affairs

MAY 3, 2024

“Apart from the EdgeRouter devices, we also found compromised Raspberry Pi and other internet-facing devices in the botnet. . “We attribute the NTLMv2 hash relay attacks and the proxying of credential phishing to Pawn Storm, while the pharmaceutical spam looks to be related to the infamous Canadian Pharmacy gang.”

Phishing 95

Phishing Cryptocurrency Internet Internet 95

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 106

VPN Cybercrime Ransomware Hacking 106

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. The messages said recipients had earned an investment credit at a cryptocurrency trading platform called moonxtrade[.]com. “Consider salaries in Russia,” Quotpw said.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Krebs on Security

MARCH 28, 2021

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. “web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers.

Hacking 352

Hacking Cybercrime DNS Antivirus 352

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022. of attacks.

Phishing 80

Phishing Banking Mobile Scams 80

Security Affairs

APRIL 28, 2023

to disrupt the operations of the CryptBot malware, which experts estimate infected approximately 670,000 computers this past year. Google targeted the distributors of the malware who are paid to spread and deliver the malicious code and infect a larger number of systems as possible. ” reads the announcement published by Google.

Malware 92

Malware Cybercrime Cryptocurrency Media 92

Security Affairs

DECEMBER 20, 2023

The Federal Criminal Police Office in Germany (BKA) and the internet-crime combating unit of Frankfurt (ZIT), along with law enforcement agencies from multiple countries (United States, Switzerland, Moldova, and Ukraine), conducted an operation that resulted in the seizure of the dark web marketplace Kingdom Market.

Marketing 105

Marketing Cryptocurrency Accountability Banking 105

Malwarebytes

SEPTEMBER 19, 2023

Since then, cybercrime group specialists from the North Rhine-Westphalia State Criminal Police Office (LKA NRW), together with the Cybercrime Central and Contact Point (ZAC NRW), carried out another targeted strike against people associated with the criminal network. How to avoid ransomware Block common forms of entry.

Ransomware 117

Ransomware Backups Cryptocurrency Cybercrime 117

Security Affairs

JULY 2, 2023

WordPress sites using the Ultimate Member plugin are under attack LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC Avast released a free decryptor for the Windows version of the Akira ransomware Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor miniOrange’s WordPress Social Login and Register plugin (..)

Cybercrime 85

Cybercrime Hacking Ransomware Malware 85

Krebs on Security

JULY 29, 2022

re is was one of the original “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for his/her Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web. “None of those are good replacements for LuxSocks or 911.

Cybercrime 261

Cybercrime Software VPN Backups 261

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular. Cracking down hard on the cybercrime world.

Cryptocurrency 104

Cryptocurrency Banking Cybercrime Ransomware 104

Krebs on Security

DECEMBER 5, 2022

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba , one of the Internet’s largest and oldest botnets. ” A report from the Polish computer emergency response team (CERT Orange Polksa) found Glupteba was the biggest malware threat in 2021.

Cybercrime 234

Cybercrime Malware Internet Internet 234

Security Affairs

OCTOBER 26, 2022

The man is currently being held in the Netherlands, he was charged for his alleged role the international cybercrime operation known as Raccoon Infostealer. The Raccoon stealer was first spotted in April 2019, it was designed to steal victims’ credit card data, email credentials, cryptocurrency wallets, and other sensitive data.

Identity Theft 81

Identity Theft Cryptocurrency Cyber threats Cybercrime 81

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. The infection chain. What should we learn from this?

Malware 97

Malware Computers and Electronics Encryption Ransomware 97

Security Affairs

AUGUST 28, 2020

A new variant of the infamous Lemon_Duck cryptomining malware has been updated to targets Linux devices. Security researchers from Sophos have spotted a new variant of the Lemon_Duck cryptomining malware that has been updated to compromise Linux machines via SSH brute force attacks. ” reads the post published by Sophos.

Malware 138

Malware Authentication Passwords Internet 138

Security Affairs

NOVEMBER 9, 2021

Threat actors execute malicious scripts to deploy Monero cryptocurrency miners, perform container-to-host escape using well-known techniques, and scan the Internet for exposed ports from other compromised containers. The attack chain starts with the creation of a container on a vulnerable host using an exposed Docker REST API.

Cryptocurrency 99

Cryptocurrency Malware Cybercrime Architecture 99

Krebs on Security

NOVEMBER 26, 2018

Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address includes the padlock and begins with “[link].

Phishing 276

Phishing Scams Cryptocurrency Internet 276

CyberSecurity Insiders

FEBRUARY 8, 2021

Later security firm ENKI said that Lazarus could have carried out the latest file encrypting malware attack by exploiting a zero day vulnerability in Internet Explorer browser of Windows operating system. And all the expenses are borne by the Kim Jung UN led nation who steals cryptocurrency to fund its nuclear programs.

Ransomware 134

Ransomware Social Engineering Cryptocurrency Cybercrime 134

Security Affairs

DECEMBER 11, 2022

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Samsung S22 hacked Sophos fixed a critical flaw in its Sophos Firewall version 19.5

Firewall 91

Firewall Banking DDOS Hacking 91

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT 89

IoT DDOS Architecture Internet 89

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. Thus, 60% of the total amount was stolen from Coincheck , a Japanese cryptocurrency exchange.

Cybercrime 83

Cybercrime Hacking Banking Phishing 83

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence 90

Artificial Intelligence Data breaches Scams Insurance 90

Security Affairs

MAY 26, 2021

. “Most of the compromised nodes were from China and the US identified in the ISP (Internet Service Provider) list, which had Chinese and US-based providers as the highest hits, including some CSPs (Cloud Service Providers).” The malware deploys the XMRig mining tool to mine Monero cryptocurrency. Pierluigi Paganini.

Cryptocurrency 131

Cryptocurrency Malware Internet Internet 131

Security Affairs

JANUARY 9, 2020

An operation coordinated by Interpol, dubbed Goldfish Alpha, dismantled an illegal cryptocurrency network operating in Southeast Asia. Interpol announced that it has coordinated a successful international operation aimed at removing cryptocurrency miners that infected routers located in Southeast Asia. ” reported Trend Micro. .

Cryptocurrency 63

Cryptocurrency Cybercrime Internet Internet 63

Security Affairs

FEBRUARY 16, 2023

Talos researchers observed a financially motivated threat actor using a new ransomware dubbed MortalKombat and a clipper malware named Laplas. The threat actor is scanning the internet for systems with an exposed remote desktop protocol (RDP) port 3389. Most of the victims are located in the U.S., net] Payment Timed Out.””

Ransomware 80

Ransomware Cryptocurrency Malware Small Business 80

The Last Watchdog

SEPTEMBER 7, 2022

The internet has drawn comparisons to the Wild West, making ransomware the digital incarnation of a hold-up. They could be on the other side of the globe, part of a cybercrime regime that will never be discovered, much less brought to justice. Prevalence. million in adjusted losses.

Ransomware 124

Ransomware Education Financial Services Phishing 124

SecureList

MARCH 29, 2023

However, traditional financial threats – such as banking malware and financial phishing, continue to take up a significant share of such financially-motivated cyberattacks. For instance, malicious spam campaigns targeting organizations grew 10-fold in April 2022, spreading Qbot and Emotet malware.

Banking 71

Banking Phishing Cryptocurrency Mobile 71

Security Affairs

JANUARY 31, 2021

The Rocke group is using a new piece of cryptojacking malware dubbed Pro-Ocean to target Apache ActiveMQ, Oracle WebLogic, and Redis installs. The cybercrime group Rocke is using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable Apache ActiveMQ, Oracle WebLogic, and Redis intalls.

Malware 83

Malware Cryptocurrency Firewall Cybercrime 83