SecureList

OCTOBER 25, 2023

This archive is discreetly hosted on legitimate websites, cleverly disguised as firmware binaries for enigmatic devices labeled “m100” The Bitbucket repository was created on June 21, 2018, under the account of Julie Heilman, and it remains the sole repository associated with this profile. onion:1111.

Malware 112

Malware DNS Encryption Cryptocurrency 112

eSecurity Planet

MAY 28, 2021

Preceding the conference, the United States experienced its biggest cyberattack on critical infrastructure to date with ransomware hitting Colonial Pipeline. Ransomware: Encryption, Exfiltration, and Extortion. Ransomware perpetrators of the past presented a problem of availability through encryption. Old way New way.

Software 116

Software Firmware DNS VPN 116

Security Affairs

FEBRUARY 21, 2021

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Firmware 67

Firmware DNS Data breaches Antivirus 67

SecureList

MAY 27, 2022

MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). Targeted attacks. Since 2018, we have been tracking Roaming Mantis – a threat actor that targets Android devices.

Phishing 108

Phishing Spyware Firmware Malware 108

eSecurity Planet

APRIL 18, 2022

Antivirus and EDR tools, SIEM systems (security information and event management), security vendors, software, hardware, firmware, and operating systems. Public WHOIS data such as DNS name servers, IP blocks, and contact information. Domain names, subdomains, CDN, mail servers, and other hosts. Financial data and intellectual property.

Penetration Testing 144

Penetration Testing Firmware DNS Antivirus 144

SecureList

SEPTEMBER 21, 2023

Ransomware Unlike DDoS malicious programs, ransomware largely targets IoT devices that contain user data: NAS boxes. DeadBolt, which affected thousands of QNAP NAS devices in 2022, is a prominent example of IoT ransomware. DNS changer Malicious actors may use IoT devices to target users who connect to them.

IoT 91

IoT DDOS Passwords Malware 91

Security Affairs

AUGUST 12, 2018

. · Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges. · HP releases firmware updates for two critical RCE flaws in Inkjet Printers. · TSMC Chip Maker confirms its facilities were infected with WannaCry ransomware. · GitHub started warning users when adopting compromised credentials. · (..)

Firmware 42

Firmware DNS Advertising Surveillance 42

eSecurity Planet

MARCH 16, 2023

DNS attacks : DNS cache poisoning, or hijacking, redirects a legitimate site’s DNS address and takes users to a malicious site when they attempt to navigate to that webpage. It’s critical for network administrators to patch firmware vulnerabilities immediately after learning of them.

Network Security 107

Network Security Firewall Internet Internet 107

eSecurity Planet

FEBRUARY 16, 2021

Ransomware. Unlike ransomware, it might be a criminal operation that does not involve the collection of a ransom. Email is also usually how ransomware works. Ransomware. In recent years, ransomware has quickly become one of the most prevalent types of malware. How to Defend Against Ransomware. RAM scraper.

Malware 104

Malware Adware Spyware Antivirus 104

SecureList

APRIL 27, 2022

The following day, Avast Threat Research announced the discovery of new Golang ransomware in Ukraine , which they dubbed HermeticRansom. Due to its unsophisticated style and poor implementation, this new ransomware was probably only a smokescreen for the HermeticWiper attack, due to its non-sophisticated style and poor implementation.

Malware 134

Malware Firmware Government Phishing 134

eSecurity Planet

MAY 19, 2022

Designed for zero trust and SASE security frameworks Identity-based intrusion detection and prevention ( IDPS ) and access control Automated integrations with leading cloud-hosted security vendors Integrated threat defense for DDoS , phishing , and ransomware attacks Insights into client devices with AI-based discovery and profiling techniques.

Firewall 117

Firewall Architecture Encryption Network Security 117

SecureList

NOVEMBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 91

Malware Banking Energy and Utilities Accountability 91

eSecurity Planet

MARCH 22, 2023

Two-Factor Authentication (2FA) : In today’s ransomware-riddled environment, two-factor authentication should also be considered a minimum requirement for all forms of remote access. Similarly, spoofed domain name system (DNS) and IP addresses can redirect users from legitimate connections to dangerous and malicious websites.

Firewall 107

Firewall Network Security Penetration Testing Encryption 107

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 142

Malware Government Surveillance Spyware 142