Security Affairs

NOVEMBER 2, 2022

Four malicious Android apps uploaded by the same developer to Google Play totaled at least one million downloads. The apps are infected with the Android/Trojan.HiddenAds.BTGTHB malware, the apps totaled at least one million downloads. 50,000+ downloads Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices).

Adware 104

Adware Phishing Mobile Malware 104

Security Affairs

APRIL 15, 2023

The apps totaled more than 100 million downloads in the ONE store and Google Play stores in South Korea. The security firm reported its findings to Google, which notified the development teams. The third-party library can perform ad fraud by clicking advertisements in the background without the user’s consent.

Data collection 94

Data collection Mobile Malware Education 94

Security Affairs

DECEMBER 8, 2022

Web Explorer – Fast Internet is a browsing app with over five million downloads on the Google Play store. The post <strong>Android app with over 5m downloads leaked user browsing history</strong> appeared first on Security Affairs. out of five stars, across more than 58,000 reviews. De-anonymize users.

Internet 111

Internet Internet Mobile Authentication 111

Security Affairs

APRIL 17, 2022

GitHub uncovered threat actors using stolen OAuth user tokens to gain access to their repositories and download private data from several organizations. Threat actors abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including npm.

Hacking 105

Hacking Accountability Cybersecurity Authentication 105

Security Affairs

MAY 5, 2023

Fleckpe is a new Android subscription Trojan that was discovered in the Google Play Store, totaling more than 620,000 downloads since 2022. Fleckpe is a new Android subscription Trojan that spreads via Google Play, the malware discovered by Kaspersky is hidden in photo editing apps, smartphone wallpaper packs, and other general-purpose apps.

Malware 78

Malware Mobile Antivirus Hacking 78

Security Affairs

OCTOBER 23, 2021

CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. Cybersecurity and Infrastructure Security Agency published an advisory to warn of the discovery of a crypto-mining malware in the popular NPM Package UAParser.js. Pierluigi Paganini.

Malware 133

Malware Cryptocurrency Accountability Software 133

Security Affairs

JUNE 1, 2023

Researchers discovered spyware, dubbed SpinOk, hidden in 101 Android apps with over 400 million downloads in Google Play. Upon executing the module, the malware-laced SDK connects to the C2 sending back a large amount of system information about the infected device. The full list of apps is available here.

Spyware 86

Spyware Advertising Malware Marketing 86

Security Affairs

NOVEMBER 21, 2019

ESET researchers discovered a new downloader, dubbed DePriMon, that used new “Port Monitor” methods in attacks in the wild. . The new DePriMon downloader was used by the Lambert APT group, aka Longhorn, to deploy malware. The registered DLL will be loaded at system startup by the spoolsv.exe with SYSTEM privileges.

Malware 103

Malware Telecommunications Advertising Encryption 103

Security Affairs

MARCH 30, 2021

Palo Alto Network researcher Aviv Sasson discovered 30 malicious Docker images, which were downloaded 20 million times, that were involved in cryptojacking operations. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. ” reads a post published by Palo Alto Network. Pierluigi Paganini.

Cryptocurrency 101

Cryptocurrency Accountability Architecture Software 101

Security Affairs

SEPTEMBER 29, 2019

Researchers at Proofpoint have spotted a piece of downloader , dubbed WhiteShadow, that leverages Microsoft SQL queries to pull and deliver malicious payloads. . In August, malware researchers at Proofpoint spotted a new downloader which is being used to deliver a variety of malware via Microsoft SQL queries. Pierluigi Paganini.

Malware 82

Malware Advertising Phishing Information Security 82

The Hacker News

OCTOBER 24, 2022

Virtual Chief Information Security Officer (vCISO) services (also known as 'Fractional CISO' or 'CISO-as-a-Service') are growing in popularity, especially as growing cyber threats, tightening regulatory demands and strict cyber insurance requirements are driving small to medium-sized enterprises demand for strategic cybersecurity and compliance guidance (..)

CISO 87

CISO Cyber Insurance Insurance Cyber threats 87

Security Affairs

JULY 14, 2020

Adobe has addressed over a dozen flaws in its Creative Cloud, Media Encoder, Genuine Service, ColdFusion and Download Manager products. Adobe has addressed over a dozen vulnerabilities in its Creative Cloud, Media Encoder, Genuine Service, ColdFusion, and Download Manager products. ” reads the post published by Adobe.

Media 67

Media Advertising Hacking Information Security 67

Security Boulevard

FEBRUARY 6, 2022

The post Security BSides Dublin 2021 – Krishnan Subramanian’s ‘Moving Away From Exploit Kits: The State Of Drive-By Downloads’ appeared first on Security Boulevard. Just a month and a half away.

Education 98

Education InfoSec Information Security Cybersecurity 98

Security Affairs

JULY 5, 2019

Experts discovered a malicious app on Google Play, named Updates for Samsung , that was downloaded by over ten million users that poses as firmware updates. The malicious app redirects users to a website offering and charging for firmware downloads. com via HTTPS. . ” concludes the expert. Pierluigi Paganini.

Scams 70

Scams Firmware Advertising Software 70

Security Boulevard

JUNE 14, 2021

Our thanks to Security BSides Dublin for publishing their outstanding videos on the organization's YouTube channel. The post Security BSides Dublin 2021 – Krishnan Subramanian’s ‘Moving Away From Exploit Kits: The State Of Drive-By Downloads’ appeared first on Security Boulevard.

Education 83

Education InfoSec Information Security 83

Security Affairs

JUNE 3, 2020

.” The latest Tor Browser version also addresses several high severity security vulnerabilities , the new release can be downloaded from the Tor Browser download page. is available for download, with new interesting features appeared first on Security Affairs. Pierluigi Paganini. The post Tor Browser 9.5

Advertising 79

Advertising Authentication Cybersecurity Information Security 79

Security Boulevard

SEPTEMBER 22, 2021

Sample direct download links to the cybercrime-friendly forum communities found in the actual Cybercrime Forum Data Set: [link]. The post Dancho Danchev’s Cybercrime Forum Data Set – Direct Free Technical Collection Download – Grab a Copy Today! appeared first on Security Boulevard. Stay tuned!

Cybercrime 64

Cybercrime Cyber threats Information Security 64

Security Affairs

MAY 17, 2019

A recently patched flaw in the Slack desktop application for Windows can be exploited by attackers to steal and manipulate a targeted user’s downloaded files. Slack is a cloud-based set of proprietary team collaboration tools and services, Security researcher David Wells from Tenable discovered a critical flaw in version 3.3.7

Advertising 80

Advertising Authentication Hacking Malware 80

Security Affairs

SEPTEMBER 20, 2019

Experts at Wandera’s threat research team discovered two adware apps on the Google Play Store that were downloaded 1.5M+ times. The bad news is that the two apps were downloaded 1.5M+ times. The post Two selfie Android adware apps with 1.5M+ downloads removed from Play Store appeared first on Security Affairs.

Adware 77

Adware Advertising Mobile Information Security 77

Security Affairs

AUGUST 19, 2019

The issue was first discovered by security researcher Özkan Mustafa Akku? You can download the #metasploit module exploits of #0days via this link => [link]. I'ill share detailed information about my presentation and vulnerabilities very soon! The expert decided to not report the flaw to the Webmin development team.

Passwords 79

Passwords System Administration Advertising DNS 79

Security Affairs

MARCH 7, 2024

export=download&id=1uRaMFq3jVR3yhcdRbBvuGdq-jLBLKtTH drops /kholapqua.com/Document.zip [link] pic.twitter.com/Y9CpY8xyLU — idclickthat (@idclickthat) August 17, 2023 Threat actors sent Facebook messenger direct messages to the victims attempting to trick them into downloading archive files such as RAR or ZIP files.

Malware 132

Malware Hacking Accountability Cybersecurity 132

Security Boulevard

MAY 25, 2021

I've decided to make my Cybercrime Forum Data Set for 2019 and 2021 exclusively available online for free in order for me to speed the dissemination process and to possibly empower security researchers and vendors with the necessary information to help them stay on the top of their game in terms of current and emerging cyber threats including U.S

Cybercrime 59

Cybercrime Cyber threats Hacking Software 59

Security Affairs

APRIL 20, 2024

CrushFTP has notified users of a virtual file system escape vulnerability impacting their FTP software, which could potentially enable users to download system files. have a vulnerability where users can escape their VFS and download system files. “CrushFTP v11 versions below 11.1 This has been patched in v11.1.0.

Software 111

Software Hacking Information Security 111

Security Affairs

JANUARY 21, 2024

The researchers noticed that the apps appear similar to ZuRu malware, they allow operators to download and execute multiple payloads to compromise machines in the background. As a result, the apps are being distributed online as unsigned applications — a detail that many users who are downloading pirated applications likely don’t care about.

Malware 128

Malware Hacking Software Information Security 128

CyberSecurity Insiders

MAY 5, 2021

Ensuring comprehensive coverage of the many attack surfaces and vulnerabilities in connected and autonomous vehicles (CAVs) is challenging as new versions of software are consistently downloaded. Additional information about Keysight Technologies is available in the newsroom at [link] and on Facebook , LinkedIn , Twitter and YouTube.

Information Security 40

Information Security Computers and Electronics Energy and Utilities Cybersecurity 40

Security Affairs

APRIL 15, 2024

The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack. Then they used the access to download a set of MFA SMS message logs belonging to customers’ Duo accounts. date and time of the message, type of message, etc.).”

Data breaches 116

Data breaches Social Engineering Engineering Authentication 116

Security Affairs

FEBRUARY 21, 2024

During analysis, we observed that the piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter.” DOPLUGS acts as a downloader and supports four backdoor commands.

Malware 115

Malware Phishing Government Passwords 115

Security Affairs

NOVEMBER 21, 2023

The software was delivered through fraudulent updates, drive-by downloads, malware loaders (i.e. “In recent attacks, the NetSupport RAT has been observed to be downloaded onto a victim’s computer via deceptive websites and fake browser updates.” ” Upon downloading the Javascript (“Update_browser_10.6336.js

Education 112

Education Government Business Services Software 112

Krebs on Security

APRIL 20, 2023

In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines where the app was installed. “This could cause the file to run when double-clicked instead of opening it with a PDF viewer.”

Malware 281

Malware Software Technology Accountability 281

Security Affairs

AUGUST 23, 2023

EsafeNet is owned by Chinese information security firm NSFOCUS. The researchers observed attackers downloading multiple distinct malware families via this method. The attackers signed malware with a legitimate Microsoft certificate. “The update.zip file is a zlib compressed archive file. This file is not saved on disk.

Malware 76

Malware Software Encryption Firewall 76

Security Affairs

MARCH 6, 2024

Each torrent file analyzed contained a link to a server with a hidden service on the TOR network, specifically indicating the sources for download. was one of the first ransomware groups to start embedding leaked data into torrent files for download and uploading these archives to TOR. Following a LockBit 3.0

Risk 118

Risk Ransomware Hacking Cybersecurity 118

Security Affairs

APRIL 17, 2024

. “To address the security vulnerabilities listed below, it is highly recommended to download the Avalanche installer and update to the latest Avalanche 6.4.3. You can download the latest Avalanche 6.4.3 The installation will apply a fix for each CVE listed in the table below. release here.”

Mobile 110

Mobile Software Hacking Information Security 110

The Hacker News

SEPTEMBER 29, 2021

Chief Information Security Officers (CISOs) are an essential pillar of an organization’s defense, and they must account for a lot. The first 90 days for a new CISO are crucial in setting up their security team, so there is little time to waste, and much to accomplish. Especially for new CISOs, this can be a daunting task.

CISO 96

CISO Accountability Information Security 96

Security Affairs

APRIL 17, 2024

The attackers use the web shell to download and run the primary Cerber payload. 112 to download and unpack further payloads. Upon executing the “agttydck.bat” the encryptor payload “agttydcb.bat” is downloaded and executed by the primary payload. 112 and fetches a log checker known internally as agttydck.

Ransomware 135

Ransomware Encryption Malware Accountability 135

Security Affairs

APRIL 21, 2024

The droppers were employed to download a backdoor tracked as “CR4T”. Then the dropper connects with the C2 server and downloads a next-stage payload. It includes a command line console for machine interaction, file download/upload functions, and command execution capabilities.

Malware 98

Malware Software Hacking Government 98

Security Affairs

OCTOBER 3, 2023

The malware also supports anti-sandbox techniques and evasion techniques, it can download and execute a second-stage payload, log keys, steal sensitive information and cryptocurrency, and execute remote commands. ” reads the report published by Zscaler. On September 15, 2023 the authors released BunnyLoader v1.7 BunnyLoader v1.7

Advertising 120

Advertising Cybercrime Malware Cryptocurrency 120

Security Affairs

MAY 22, 2022

Then the threat actors could use the beacon to download additional payloads and perform lateral movements. “Usually, people working in information security or TAs use exploits to check for vulnerabilities. The malware executes a PowerShell command using cmd.exe to deliver the actual payload which is a Cobalt-Strike Beacon.

InfoSec 141

InfoSec Malware Cybercrime Information Security 141