Security Affairs

APRIL 14, 2019

DNS hijacking campaigns target Gmail, Netflix, and PayPal users. Victims of Planetary Ransomware can decrypt their files for free. Experts spotted the iOS version of the Exodus surveillance app. Yoroi Welcomes Yomi: The Malware Hunter. [SI-LAB] Emsisoft released a free decryptor for CryptoPokemon ransomware.

Data breaches 55

Data breaches DNS Advertising Surveillance 55

Security Affairs

JULY 7, 2019

LooCipher: The New Infernal Ransomware. China installs a surveillance app on tourists phones while crossing in the Xinjiang. Sodin Ransomware includes exploit for Windows CVE-2018-8453 bug. Cryptomining Campaign involves Golang malware to target Linux servers. Cyber Defense Magazine – July 2019 has arrived.

Scams 47

Scams Spyware DNS Advertising 47

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware 143

Malware Government Surveillance Spyware 143

Security Affairs

JULY 21, 2019

NCSC report warns of DNS Hijacking Attacks. Emsisoft released a free decryptor for the Ims00rry ransomware. DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape. Israel surveillance firm NSO group can mine data from major social media. iOS URL Scheme expose users to App-in-the-Middle attack.

Small Business 54

Small Business Media Spyware DNS 54

Security Affairs

AUGUST 12, 2018

Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal. 20% discount. Kindle Edition. Paper Copy. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware 42

Firmware DNS Advertising Surveillance 42

SecureList

MAY 31, 2021

Out of the 18,000 Orion IT customers affected by the malware, it seems that only a handful were of interest to the attackers. For example, before making the first internet connection to its C2s, the Sunburst malware lies dormant for up to two weeks, preventing easy detection of this behaviour in sandboxes.

Malware 101

Malware Adware Encryption Architecture 101

SecureList

APRIL 27, 2022

Disclaimer: when referring to APT groups as Russian-speaking, Chinese-speaking or other-“speaking” languages, we refer to various artefacts used by the groups (such as malware debugging strings, comments found in scripts, etc.) On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine.

Malware 135

Malware Firmware Government Phishing 135

SecureList

NOVEMBER 26, 2021

The PyInstaller module for Windows contains a script named “Guard” Interestingly, this malware was developed for both Windows and macOS operating systems. The malware tries to spread to other hosts on the network by infecting USB drives. After this, they were tricked into downloading previously unknown malware.

Malware 92

Malware Banking Energy and Utilities Accountability 92

Malwarebytes

MAY 9, 2023

Finally, we will reveal unknown scripts and malware run by the group in this report. Attackers made a great and long surveillance of this victim, which extended until Jan 2023. While that was happening, Red Stinger targeted and made surveillance to officers and individuals involved in those elections. лидерывозрождения[.]рф)

Surveillance 75

Surveillance Accountability DNS Encryption 75

Security Affairs

NOVEMBER 29, 2019

While 2017 was the year of WannaCry , NotPetya , and BadRabbit ransomware epidemics, 2018 revealed a lack of preparedness for side-channel attacks and threats related to microprocessor vulnerabilities. If they manage to compromise a telecommunications company, they can then also compromise its customers for surveillance or sabotage purposes.

Banking 83

Banking Telecommunications Marketing Internet 83