Security Affairs

OCTOBER 1, 2023

million newborns and pregnancy care patients Xenomorph malware is back after months of hiatus and expands the list of targets Smishing Triad Stretches Its Tentacles into the United Arab Emirates Crooks stole $200 million worth of assets from Mixin Network A phishing campaign targets Ukrainian military entities with drone manual lures Alert!

Artificial Intelligence 98

Artificial Intelligence Firmware Data breaches Hacking 98

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 86

Malware Banking Healthcare Penetration Testing 86

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 CVE-2020-9054 Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 A2pvI042j1.d26m

IoT 119

IoT Firmware Malware Wireless 119

eSecurity Planet

OCTOBER 21, 2022

Anyone who has used a computer for any significant length of time has probably at least heard of malware. Malware has been present in the digital space since the 1980s, with early prank malware like the Morris Worm or the (c)Brain. However, malware is not quite as amusing in a modern context. How Does Malware Work?

Malware 75

Malware Adware Spyware Antivirus 75

Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 79

Data breaches Cybercrime Firewall Artificial Intelligence 79

Security Affairs

NOVEMBER 1, 2021

The ATM black box attacks are quite popular in the cybercrime underground and several threat actors offer the hardware equipment and malware that could be used to compromise the ATMs. The two vulnerabilities, tracked as CVE-2018-9099 and CVE-2018-9100 , resides in the firmware of the CMD-V5 dispenser and RM3/CRS dispenser respectively.

Hacking 112

Hacking Firmware Encryption Manufacturing 112

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Their objective is to leverage this vulnerability to deploy and install malware on the affected systems. “Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60

Firewall 91

Firewall Firmware VPN DDOS 91

Security Affairs

JULY 18, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”. The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. reads the alert published by the company.

Ransomware 113

Ransomware Firmware Mobile InfoSec 113

Security Affairs

JULY 15, 2022

Dragos researchers uncovered a small-scale campaign targeting industrial engineers and operators with Sality malware. During a routine vulnerability assessment, Dragos researchers discovered a campaign targeting industrial engineers and operators with Sality malware. “Dragos only tested the DirectLogic-targeting malware.

Passwords 110

Passwords Software Firmware Malware 110

Security Affairs

DECEMBER 8, 2021

The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable. ” reads the analysis published by Fortinet.

Firmware 119

Firmware DDOS Malware IoT 119

Security Affairs

OCTOBER 15, 2023

FBI and CISA published a new advisory on AvosLocker ransomware More than 17,000 WordPress websites infected with the Balada Injector in September Ransomlooker, a new tool to track and analyze ransomware groups’ activities Apple releases iOS 16 update to fix CVE-2023-42824 on older devices Phishing, the campaigns that are targeting Italy A new (..)

DDOS 94

DDOS Data breaches Cybercrime Ransomware 94

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. The attackers’ research vector is now shifting from software vulnerabilities to those located at the hardware and firmware level. Pierluigi Paganini.

Cybercrime 83

Cybercrime Hacking Banking Phishing 83

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. 231 banking malware.

Mobile 86

Mobile Advertising Malware Cybercrime 86

Security Affairs

MAY 21, 2023

X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S. X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S.

Data breaches 87

Data breaches Cybercrime Ransomware Passwords 87

CyberSecurity Insiders

DECEMBER 6, 2022

Here are five specific trends for 2023 that you need to be aware of: The business of cybercrime will be further professionalized. The return of malware strains like Emotet, Conti and Trickbot indicates an expansion of cybercrime for hire. To combat cybercrime, organizations keep investing into IT security.

Cybersecurity 116

Cybersecurity Cybercrime Social Engineering Firmware 116

Krebs on Security

SEPTEMBER 10, 2021

Qrator says Meris has launched even bigger attacks since: A titanic and ongoing DDoS that hit Russian Internet search giant Yandex last week is estimated to have been launched by roughly 250,000 malware-infected devices globally, sending 21.8 “The largest share belongs to the version of firmware previous to the current stable one.”

IoT 300

IoT DDOS Internet Internet 300

Security Affairs

APRIL 25, 2022

The BlackCat/ALPHV a Ransomware was first discovered in December by malware researchers from Recorded Future and MalwareHunterTeam. The malware is the first professional ransomware strain that was written in the Rust programming language. Install and regularly update antivirus and anti-malware software on all hosts.

Ransomware 102

Ransomware Antivirus Passwords Malware 102

SecureList

MAY 27, 2022

MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine. Targeted attacks.

Phishing 110

Phishing Spyware Firmware Malware 110

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS 85

DDOS Firmware Surveillance IoT 85

SecureList

JULY 28, 2022

On January 24, a hash for sophisticated Solaris SPARC malware was posted on Twitter. In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). The most remarkable findings.

Malware 136

Malware Firmware Phishing Cryptocurrency 136

Security Affairs

AUGUST 11, 2023

The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11), 0)b31 or older.

Firmware 75

Firmware Hacking Cybercrime Information Security 75

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. Just yesterday, only two days after the publication, our home security solution, Secure Home , detected attempts to exploit these vulnerabilities to spread a variant of a Mirai malware.” ” reported IoT Inspector.

IoT 120

IoT Firmware Internet Internet 120

SecureWorld News

JUNE 13, 2023

The new Beep malware is top of mind for organizations and individuals. We are continuing to observe an unyielding surge in the volume of cyberthreats, including advanced malware, botnets, ransomware, cryptojacking, and more," said Callie Guenther, Senior Manager of Cyber Threat Research at Critical Start, in a press release.

Cyber threats 70

Cyber threats Malware Phishing Penetration Testing 70

Security Affairs

JULY 31, 2022

increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? and Blackmatter ransomware U.S. and Blackmatter ransomware U.S. and Blackmatter ransomware U.S.

Firmware 71

Firmware Surveillance Malware DDOS 71

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams 253

Scams DDOS Cryptocurrency Accountability 253

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 88

Data breaches DDOS Artificial Intelligence Ransomware 88

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. Implementing HIPAA security measures can prevent the introduction of malware on the system.

Ransomware 68

Ransomware VPN Cybercrime Accountability 68

Security Affairs

DECEMBER 22, 2022

Zerobot operators are offering the botnet as a malware-as-a-service model, one domain (zerostresser[.]com) the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT 113

IoT DDOS Malware Firmware 113

SecureWorld News

APRIL 7, 2022

The DOJ discusses the operation in a recent statement: "The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet. s National Cyber Security Centre (NCSC), the U.S. WatchGuard) and ASUSTek Computer Inc.

Malware 85

Malware Firmware Manufacturing Firewall 85

Security Affairs

JANUARY 29, 2022

QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” states the vendor.

Ransomware 88

Ransomware Firmware Encryption Engineering 88

SecureList

APRIL 27, 2022

Disclaimer: when referring to APT groups as Russian-speaking, Chinese-speaking or other-“speaking” languages, we refer to various artefacts used by the groups (such as malware debugging strings, comments found in scripts, etc.) On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine.

Malware 135

Malware Firmware Government Phishing 135

Security Affairs

JULY 5, 2019

Experts discovered a malicious app on Google Play, named Updates for Samsung , that was downloaded by over ten million users that poses as firmware updates. Over ten million users have installed a fake Samsung app named “ Updates for Samsung ” that poses as firmware updates. com via HTTPS. ” concludes the expert.

Scams 67

Scams Firmware Advertising Software 67

The Last Watchdog

APRIL 28, 2020

That, of course, presents the perfect environment for cybercrime that pivots off social engineering. What people will eventually come to realize, the sooner the better, is that we will need to flatten the X factor represented by cybercrime. Sadly, coronavirus phishing and ransomware hacks already are in high gear. Always remember.

Social Engineering 174

Social Engineering Cyber Attacks Scams Engineering 174

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Organizations using Netgear, Huawei, and ZTE network devices are recommended to keep their firmware up to date and use strong passwords. Follow me on Twitter: @securityaffairs and Facebook.

IoT 102

IoT DNS Manufacturing Firmware 102

Security Affairs

NOVEMBER 20, 2021

If you want to also receive for free the newsletter with the international press subscribe here.

Banking 65

Banking Small Business Data breaches Firmware 65

Security Affairs

SEPTEMBER 2, 2021

“we disclose BrakTooth, a family of new security vulnerabilities in commercial BT stacks that range from denial of service (DoS) via firmware crashes and deadlocks in commodity hardware to arbitrary code execution (ACE) in certain IoTs.” ” reads the post published by the researchers. ” continue the researchers.

Firmware 87

Firmware Manufacturing IoT Technology 87

Security Affairs

DECEMBER 13, 2019

Visa Payment Fraud Disruption (PFD) reported that at least three attacks took place this summer, crooks aimed at infecting the PoS systems with malware to scrape payment card data. “The malware used in the [second] attack also created a temporary output file, wmsetup.tmp , which was used to house the scraped payment data.

Cyber Attacks 63

Cyber Attacks Malware Cybercrime Advertising 63