Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified.US domains registered daily.US Department of Commerce.

Phishing 269

Phishing Telecommunications Malware Scams 269

Security Affairs

JULY 6, 2021

The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB. According to the DNS data analysis, this name was used to register at least two domains, which were created using the email from the phishing kit.

Cybercrime 96

Cybercrime Phishing Banking Telecommunications 96

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. In an “official press release” posted to pastebin.com on Mar.

Advertising 220

Advertising Malware Marketing Software 220

SecureList

JUNE 2, 2022

It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. Leaving the mystery of the delivery method aside for now, let’s look at the capabilities of the malware itself.

Malware 113

Malware Encryption Social Engineering Telecommunications 113

Security Affairs

NOVEMBER 29, 2019

The past months have shown that the most dangerous hacks involved DNS hijacking, which helped attackers manipulate DNS records for MITM attacks. The most common objective of such attacks is cyberespionage and disruption of major telecommunications companies’ work. The telecommunications sector: Are providers ready for 5G?

Banking 86

Banking Telecommunications Marketing Internet 86

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware 138

Malware Spyware Government Social Engineering 138

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. In October, telecommunications firm Telenor Norway was another to fall victim. Extortionists’ activity regularly made the news throughout 2020.

DDOS 129

DDOS Cryptocurrency Marketing Internet 129