Cybercrime, Information Security, Malware and System Administration

Cybercrime

Information Security

Malware

System Administration

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware

Malware VPN Internet Internet

FIN7 cybercrime gang creates fake cybersecurity firm to recruit pentesters for ransomware attacks

Security Affairs

OCTOBER 22, 2021

FIN7 is a Russian criminal group that has been active since mid-2015, it focuses on restaurants, gambling, and hospitality industries in the US to harvest financial information that was used in attacks or sold in cybercrime marketplaces. SecurityAffairs – hacking, cyber security). ” concludes the report.

Cybercrime

Cybercrime Ransomware Cybersecurity Backups

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

New iLOBleed Rootkit, the first time ever that malware targets iLO firmware

Security Affairs

DECEMBER 30, 2021

The module has full access to all the firmware, hardware, software, and operating system installed on the server. . The attacks were spotted by Iranian cybersecurity firm Amnpardaz, this is the first time ever that malware targets iLO firmware. ” reads the report published by the expers. ” continues the report.

Firmware

Firmware Malware System Administration Technology

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

OCTOBER 13, 2023

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. AvosLocker affiliates use legitimate software and open-source remote system administration tools to compromise the victims’ networks.

Ransomware

Ransomware System Administration Antivirus Malware

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7 , aka Carbanak. Between 2014 and 2016 the group used a new custom malware dubbed Carbanak that is considered a newer version of Anunak.

System Administration

System Administration Penetration Testing Malware Banking

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

.” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer.

Advertising

Advertising Cybercrime System Administration Hacking

StealthWorker botnet targets Synology NAS devices to drop ransomware

Security Affairs

AUGUST 9, 2021

. “Synology PSIRT (Product Security Incident Response Team) has recently seen and received reports on an increase in brute-force attacks against Synology devices. Synology’s security researchers believe the botnet is primarily driven by a malware family called “StealthWorker.” Pierluigi Paganini.

Ransomware

Ransomware System Administration Malware Authentication

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). “This CAKETAP variant targeted specific messages destined for the Payment Hardware Security Module (HSM).”

Banking

Banking Telecommunications System Administration Hacking

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Security Affairs

MAY 2, 2021

A new cryptocurrency stealer dubbed WeSteal is available on the cybercrime underground, unlike other commodity cryptocurrency stealers, its author doesn’t masquerade its purpose and promises “the leading way to make money in 2021.”. There is the name of the malware itself. ” reads the post published by Palo Alto Networks.

Cryptocurrency

Cryptocurrency Malware Advertising System Administration

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

OCTOBER 21, 2021

The United States Department of Justice sentenced two individuals that were providing bulletproof hosting to various malware operations. The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015.

System Administration

System Administration Malware Accountability Marketing

US authorities charged Dridex gang members for stealing over $100 Million

Security Affairs

DECEMBER 7, 2019

US DoJ charged two Russian citizens for deploying the Dridex malware and for their involvement in international bank fraud and computer hacking schemes. The Bugat malware a multifunction malware package designed to automate the theft of confidential personal and financial information. Attorney Brady.

Banking

Banking Malware Cybercrime Accountability

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

Security Affairs

APRIL 26, 2021

European law enforcement has conducted an operation aimed at performing a mass-sanitization of computers infected with the infamous Emotet Windows malware. European law enforcement agencies automatically wiped the infamous Emotet malware from infected systems across the world as part of a mass sanitization operation.

Malware

Malware Banking System Administration Hacking

BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer

Security Affairs

MAY 21, 2023

Unfortunately, as system administrators seek ways to control access to these platforms, users may seek out alternative ways to gain access.” However, this recent campaign shows malicious ads can still slip by moderators and deliver victims malware.” In this case, the visitors were downloading Midjourney-x64.msix,

System Administration

System Administration Advertising Malware Hacking

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

At the time, BleepingComputer reported that the City’s court system canceled all jury trials and jury duty for several days starting from May 2nd. CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems.

Ransomware

Ransomware Surveillance Healthcare Accountability

LockBit ransomware group claims to have hacked Bridgestone Americas

Security Affairs

MARCH 13, 2022

“Bridgestone Americas are currently investigating a potential information security incident. All we do is provide paid training to system administrators around the world on how to properly set up a corporate network. We are only interested in money for our harmless and useful work.

Hacking

Hacking Ransomware Manufacturing Cyber Attacks

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

MARCH 14, 2023

The tool is basically a search engine for local and network shared files inside a Windows environment: unlike the default Windows search, it is designed to locate files and folders by filename instantly, speeding up system information discovery. Its name is YDArk and it is an open-source tool available even on GitHub ( link ).

Ransomware

Ransomware Software System Administration Encryption

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Security Affairs

OCTOBER 3, 2023

Our investigation revealed that this remote endpoint is associated with criminal activities dating back to 2019, indicating that these hosts were likely under the control of the same technical administration. This hostname connection is particularly heterogeneous, but it technically makes sense.

Scams

Scams Ransomware System Administration Malware

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers’ perspective. Executive Summary Our insights into a recent NullMixer malware operation revealed Italy and France are the favorite European countries from the opportunistic attackers’ perspective.

Malware

Malware Social Engineering Encryption Marketing

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Eva Galperi n | @evacide.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Cyber Security Informer

Who and What is Behind the Malware Proxy Service SocksEscort?

FIN7 cybercrime gang creates fake cybersecurity firm to recruit pentesters for ransomware attacks

Webinars

Trending Sources

New iLOBleed Rootkit, the first time ever that malware targets iLO firmware

Webinars

FBI and CISA published a new advisory on AvosLocker ransomware

A member of the FIN7 group was sentenced to 10 years in prison

Meet the Administrators of the RSOCKS Proxy Botnet

StealthWorker botnet targets Synology NAS devices to drop ransomware

Caketap, a new Unix rootkit used to siphon ATM banking data

WeSteal, a shameless commodity cryptocurrency stealer available for sale

Administrators of bulletproof hosting sentenced to prison in the US

US authorities charged Dridex gang members for stealing over $100 Million

Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet

BatLoader campaign impersonates ChatGPT and Midjourney to deliver Redline Stealer

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

LockBit ransomware group claims to have hacked Bridgestone Americas

Dissecting the malicious arsenal of the Makop ransomware gang

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Updates from the MaaS: new threats delivered through NullMixer

Top Cybersecurity Accounts to Follow on Twitter

Stay Connected