Security Affairs

DECEMBER 10, 2020

Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware. ” concludes the report.

Malware 108

Malware Phishing Government Data collection 108

Security Affairs

DECEMBER 19, 2022

” The analysis of the changes between the versions of the malicious module revealed that threat actors modified it to improve the data collection algorithm and make it work on multiple platforms. The post Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware appeared first on Security Affairs.

Malware 109

Malware Data collection Software Hacking 109

The Hacker News

AUGUST 15, 2023

A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023.

Cybercrime 83

Cybercrime Data collection Malware Software 83

The Hacker News

NOVEMBER 13, 2022

A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor's infection chain. What is noteworthy is data collection from victims' machines using

Data collection 83

Data collection Malware Cybersecurity 83

Security Affairs

SEPTEMBER 1, 2023

SapphireStealer is an open-source information stealer written in.NET, which is available in multiple public malware repositories since its public release in December 2022. SapphireStealer allows operators to gather system data (i.e. The malware is also able to siphon files stored with specific extensions and take screenshots.

Malware 106

Malware Data collection Architecture Hacking 106

Security Affairs

MAY 23, 2024

Additionally, experts collected evidence that they may have established persistence on web servers, such as Windows IIS and Apache httpd, likely using web shells or malicious modules. However, the exact persistence mechanisms remain unclear due to insufficient forensic data. ” concludes the report.

Malware 99

Malware Accountability Phishing Data collection 99

Security Affairs

AUGUST 11, 2023

Threat actors employed a new variant of the SystemBC malware, named DroxiDat, in attacks aimed at African critical infrastructure. The malware was tracked as “SystemBC” based on the URI path shown in the advertisement’s panel screenshots. The malware is 8kb in size and was used as a system profiler and a simple SOCKS5-capable bot.

Malware 87

Malware Data collection Healthcare Cybercrime 87

SecureList

OCTOBER 18, 2023

In early September 2022, we discovered several new malware samples belonging to the MATA cluster. As we were collecting and analyzing the relevant telemetry data, we realized the campaign had been launched in mid-August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry.

Malware 103

Malware Phishing Internet Internet 103

Security Affairs

MAY 27, 2020

The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks. This piece of malware includes improvements in the way it is operating. The Grandoreiro malware has been distributed via malscan campaigns around the globe during Q2 2020. Technical Analysis. 100:51224/$rdgate?

Malware 68

Malware Banking Advertising Data collection 68

Malwarebytes

JANUARY 25, 2024

An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram or LINE with the intent of dropping malware. Such programs gives an attacker full control of a victim’s machine and the ability to drop additional malware.

Malware 99

Malware Advertising Accountability Encryption 99

Security Affairs

OCTOBER 27, 2022

Data collected by Microsoft Defender for Endpoint shows that nearly 3,000 devices in almost 1,000 organizations have seen at least one RaspberryRobin payload-related alert in the last 30 days. In some cases, the attackers delivered the Truebot malware between the Raspberry Robin infection and the Cobalt Strike deployment.

Ransomware 97

Ransomware Malware Data collection Encryption 97

Security Boulevard

AUGUST 30, 2021

Shopping cart malware, known as Magecart, is once again making headlines while plying its criminality across numerous ecommerce sites. Magecart malware compromises shopping carts in such a way that credit card data collected by the cart is transmitted to cybercriminals, who in turn resell this information to other bad actors.

eCommerce 52

eCommerce Data collection Malware Network Security 52

CyberSecurity Insiders

NOVEMBER 16, 2021

Bugcrowd’s Inside the Mind of a Hacker report compiled from the data collected in between May 1st, 2020 to August 31st, 2021 states that security vulnerabilities have increased since the start of COVID-19 pandemic, as most companies opted for work from home operations.

Data collection 135

Data collection Scams Hacking Malware 135

Krebs on Security

MARCH 11, 2022

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. that are easier for computers to manage. .”

DNS 273

DNS Internet Internet Phishing 273

Security Boulevard

FEBRUARY 7, 2023

A report published by Splunk that analyzed three years of data showed a marked increase in the number of cyberattacks that employ four specific types of techniques. Based on analysis of data collected from 2020 to 2022, the report found a steady increase in the number of cyberattacks using a command and scripting interpreter, such.

Data collection 91

Data collection Malware Cybersecurity 91

Malwarebytes

MAY 22, 2024

On Monday, the computing giant unveiled a new line of PCs that integrate Artificial Intelligence (AI) technology to promise faster speeds, enhanced productivity, and a powerful data collection and search tool that screenshots a device’s activity—including password entry—every few seconds.

Artificial Intelligence 93

Artificial Intelligence Passwords Accountability Media 93

Security Affairs

FEBRUARY 20, 2023

The malware was developed by a threat actor that uses the moniker Plymouth who claims the info-stealer supports a wide set of stealing capabilities. SEKOIA identified more than 40 Stealc C2 servers, a circumstance that confirms the increasing popularity of the malware among cybercriminals distributing stealers.

Malware 85

Malware Cryptocurrency Advertising Data collection 85

Malwarebytes

SEPTEMBER 29, 2022

There’s a new slice of malware-as-a-service doing the rounds, although its actual newness is somewhat contested. Nevertheless, it is now happily causing chaos for victims as it looks to steal a sizeable portion of data from infected machines. Specifically: Malware stored on free file hosting, posing as cheats or cracks.

Cryptocurrency 71

Cryptocurrency Malware Password Management Data collection 71

Malwarebytes

FEBRUARY 13, 2024

The publications described the bug as “extremely easy to exploit, and grants unfettered remote access to all of the data collected from a victim’s Android device.” If malware is detected you can act on it in the following ways: Uninstall. Legitimate files are sometimes detected as malware. Ignore Always.

Spyware 122

Spyware Data collection Malware Hacking 122

SecureWorld News

JUNE 21, 2023

Info stealers are a type of malware that specializes in collecting various credentials and personal information from infected computers. This includes data from browsers, such as saved credentials, browsing history, and cookies, as well as information from instant messengers and emails.

Accountability 123

Accountability Data collection Cyber threats Cybersecurity 123

Security Affairs

MARCH 17, 2021

. “While the initial vector for the infection is not entirely clear, the McAfee ATR team believes with a medium level of confidence that victims were lured to a domain under control of the threat actor, from which they were infected with malware which the threat actor leveraged to perform additional discovery and data collection.”

Malware 99

Malware Data collection Technology Phishing 99

CyberSecurity Insiders

MARCH 23, 2023

The malware evolved since its previous variant and now arrives with new capabilities. The malware can hijack crypto wallets copied to clipboard. Background BlackGuard stealer is malware as a service sold in underground forums and Telegram since 2021 , when a Russian user posted information about a new malware called BlackGuard.

Malware 121

Malware Cryptocurrency Passwords Media 121

Security Affairs

OCTOBER 4, 2023

The data collected paints a vivid picture, revealing 1,736 ransomware claims, with 53 incidents specifically targeting Italy. Geographical data and affected sectors provide crucial insights into emerging trends and threats. Wrapping up: The second quarter of 2023 reflects a concerning surge in ransomware attacks globally.

Ransomware 109

Ransomware Data collection Cyber threats Hacking 109

Security Affairs

JANUARY 17, 2021

It is time to re-evaluate Cyber-defence solutions New Zealand central bank hit by a cyber attack TeamTNT botnet now steals Docker API and AWS credentials Connecting the dots between SolarWinds and Russia-linked Turla APT Experts found gained access to the Git Repositories of the United Nations Russian hacker Andrei Tyurin sentenced to 12 years in prison (..)

Banking 80

Banking Data collection Malware Data breaches 80

Security Boulevard

APRIL 18, 2023

Summary In recent years, malware attacks have become increasingly sophisticated, and attackers are always finding new ways to exploit vulnerabilities and steal sensitive data. We'll explore the techniques used by this malware, as well as the tactics employed by cybercriminals to entice users into downloading malicious payloads.

Malware 97

Malware Data collection Cyber threats Encryption 97

eSecurity Planet

NOVEMBER 29, 2022

In a recent study of 1,237 Chrome extensions with a minimum of 1,000 downloads, Incogni researchers found that nearly half ask for permissions that could potentially expose personally identifiable information (PII), distribute adware and malware , or even log everything users do online, including accessing passwords and financial data.

Risk 112

Risk Adware Data collection Passwords 112

Security Affairs

APRIL 15, 2023

A new Android malware named Goldoson was distributed through 60 legitimate apps on the official Google Play store. ” The library can load web pages without user awareness, this means that the malware can load ads for financial profit.

Data collection 95

Data collection Mobile Malware Education 95

Security Affairs

OCTOBER 17, 2023

Authentication data collected by POEMGATE can be used for lateral movement and other malicious activities on the compromised networks. The malware maintains persistence through Cron jobs. Poseidon is a Linux backdoor that supports a full range of remote computer control tools.

Telecommunications 108

Telecommunications Authentication Data collection Passwords 108

SecureList

OCTOBER 25, 2023

Introduction It’s just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. This malware employed a custom EternalBlue SMBv1 exploit to infiltrate its victims’ systems.

Malware 112

Malware DNS Encryption Cryptocurrency 112

Security Affairs

JANUARY 10, 2023

The group used zero-day exploits, social engineering tricks, and Trojanized software installers to deliver malware to their victims. The StrongPity modular backdoor employed in this campaign supports multiple spying features, including recording phone calls, collecting SMS messages, lists of call logs, contact lists, and much more. .

Mobile 87

Mobile Social Engineering Malware Data collection 87

Security Affairs

NOVEMBER 24, 2020

The code found in both apps allowed to gather device data, including model, MAC address, carrier information, and IMSI (International Mobile Subscriber Identity) number. The data collection code was found in the Baidu Push SDK, used to show real-time notifications inside both apps.

Data collection 109

Data collection Mobile Spyware Surveillance 109

Malwarebytes

JUNE 26, 2023

This article is based on research by Jérôme Segura , Senior Director of Threat Intelligence at Malwarebytes, who oversees data collection from spam feeds and telemetry to identify the most relevant threats. But even these are only the ones reported by security researchers—in reality the number is much higher.

Ransomware 71

Ransomware Data collection Malware Software 71

SecureList

AUGUST 8, 2022

The vulnerability enables an attacker to execute arbitrary code (in the attacks analyzed, the main module of the PortDoor malware) without any additional user activity. An earlier series of attacks in which the PortDoor malware was also used was described by Cybereason experts. Additional malware. Data theft.

Malware 90

Malware Phishing Passwords Data collection 90

Security Affairs

MAY 23, 2020

Experts found multiple variants in the wild, many of them belonging to the Terdot Zbot/Zloader malware family. Data collected by the malware are then transferred to the operator’s command-and-control (C2) server. The malware is able to infect all operating systems.

Banking 137

Banking Advertising Malware Cybercrime 137

Security Affairs

NOVEMBER 15, 2022

Avast experts were able to capture several PNG files embedding a data-stealing payload. They pointed out that data collection from victims’ machines using DropBox repository, and attackers use DropBox API for communication with the final stage. tracked as CLRLoader, which loads the next-state payload PNGLoader.

Data collection 88

Data collection Malware Accountability Hacking 88

The Last Watchdog

MAY 11, 2021

The payload malware: Sunburst, a heavily-obfuscated backdoor. People tend to focus on the Sunburst malware , the actual backdoor that ended up in the affected update package,” Pericin told me. Out of this comes whitelists and blacklists on which malware filters are based. Granular scrutiny.

Software 202

Software Hacking Malware Engineering 202

Security Affairs

FEBRUARY 13, 2024

The data collected unearthed a total of 1771 ransomware claims, with 55 recorded incidents in Italy. Throughout this period, the platform diligently tracked 185 criminal groups operating worldwide, meticulously tracing 342 servers employed for ransomware activities.

Ransomware 107

Ransomware Data collection Hacking Cybersecurity 107