Malware, Penetration Testing and Security Intelligence

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS

DNS Penetration Testing Malware Hacking

Hackers Exploit Google Ads to Spread Malware Disguised as Popular Software

Penetration Testing

MARCH 31, 2024

A new report released by AhnLab Security Intelligence Center (ASEC) uncovers a disturbing tactic hackers are using to spread malware: they’re leveraging Google Ads tracking features to redirect unsuspecting users to malicious websites.

Penetration Testing Software Malware Security Intelligence

Attackers Exploit Construction Site Trust, Deliver TrollAgent Malware

Penetration Testing

FEBRUARY 22, 2024

Security experts at the AhnLab Security Intelligence Center (ASEC) have recently uncovered a malware distribution campaign targeting a Korean construction-related association website.

Malware

Malware Penetration Testing Security Intelligence Software

WogRAT Backdoor: The Stealthy Malware Lurking in Online Notepads

Penetration Testing

MARCH 4, 2024

A newly discovered backdoor malware dubbed ‘WogRAT’ is raising alarms for both Windows and Linux users.

Malware

Malware Penetration Testing Security Intelligence

Redis Servers Exploited to Deploy Metasploit Meterpreter Backdoor

Penetration Testing

APRIL 10, 2024

Security experts at AhnLab Security Intelligence Center (ASEC) have sounded the alarm on a new wave of attacks targeting Redis servers.

Penetration Testing Security Intelligence Malware

Crafty Infostealer Campaign Leverages Fake Adobe Reader Installer, Advanced Tricks to Evade Detection

Penetration Testing

MARCH 11, 2024

Security experts from AhnLab SEcurity intelligence Center (ASEC) have uncovered a sophisticated malware campaign where attackers are tricking users into downloading a dangerous infostealer disguised as a legitimate Adobe Reader installation file.

Penetration Testing Security Intelligence Malware

TargetCompany Ransomware Group Escalates Attacks: New Tools and Persistent Targeting of MS-SQL Servers

Penetration Testing

MAY 1, 2024

The world of cybersecurity is witnessing an alarming trend as ransomware groups intensify their attacks on Microsoft SQL (MS-SQL) servers, exploiting weak management practices to deploy devastating malware.

Penetration Testing Ransomware Security Intelligence Malware

DigiEver DVR Vulnerability Under Attack by Hail C**k Botnet

Penetration Testing

DECEMBER 22, 2024

Akamai Security Intelligence Research Team (SIRT) has uncovered a vulnerability in DigiEver DS-2105 Pro DVRs is being actively exploited by the Hail C**k botnet, a Mirai variant enhanced with modern... The post DigiEver DVR Vulnerability Under Attack by Hail C**k Botnet appeared first on Cybersecurity News.

Security Intelligence Malware Cybersecurity

Hackers Weaponize Popular Software Framework for Stealthy Data Theft

Penetration Testing

APRIL 23, 2024

In a disturbing new development, cybersecurity experts at AhnLab Security Intelligence Center (ASEC) have revealed a growing trend of infostealer malware abusing the Electron framework.

Software

Software Penetration Testing Security Intelligence Malware

LockBit Ransomware: The Hidden Threat in Resume Word Files

Penetration Testing

JANUARY 18, 2024

The AhnLab Security Intelligence Center has uncovered that the LockBit ransomware is being spread through malicious Word files disguised as resumes.

Ransomware

Ransomware Penetration Testing Security Intelligence Malware

Mauri Ransomware Exploits Apache ActiveMQ Flaw (CVE-2023-46604)

Penetration Testing

DECEMBER 8, 2024

The AhnLab Security Intelligence Response Center (ASEC) has revealed that threat actors exploiting a critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, have begun deploying Mauri ransomware in their attacks....

Ransomware

Ransomware Security Intelligence Cybersecurity Malware

New Trigona Ransomware Threat Actor Uses Mimic Ransomware and BCP Utility in Attacks

Penetration Testing

JANUARY 29, 2024

AhnLab Security Intelligence Center (ASEC) has recently uncovered a concerning development in ransomware attacks. This discovery sheds light... The post New Trigona Ransomware Threat Actor Uses Mimic Ransomware and BCP Utility in Attacks appeared first on Penetration Testing.

Ransomware

Ransomware Penetration Testing Security Intelligence Malware

Sophisticated SmokeLoader Campaign Targets Ukrainian Sectors

Penetration Testing

JANUARY 21, 2024

In a recent investigation, researchers at AhnLab Security Intelligence Center (ASEC) have unearthed a sophisticated cyber-espionage campaign targeting various sectors within Ukraine, including the government, public institutions, and key industries.

Penetration Testing Security Intelligence Government Malware

LummaC2 Infostealer Malware Spreads via Crack Programs and Phishing

Penetration Testing

JANUARY 13, 2025

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have unveiled a sophisticated distribution tactic for the LummaC2 malware. The post LummaC2 Infostealer Malware Spreads via Crack Programs and Phishing appeared first on Cybersecurity News.

Phishing

Phishing Malware Security Intelligence Cybersecurity

LummaC2 Malware Masquerading as Total Commander Crack to Infect Windows Users

Penetration Testing

FEBRUARY 22, 2025

A recent investigation by the AhnLab Security Intelligence Center (ASEC) has uncovered a malvertising campaign that distributes LummaC2 The post LummaC2 Malware Masquerading as Total Commander Crack to Infect Windows Users appeared first on Cybersecurity News.

Malware

Malware Security Intelligence Cybersecurity Engineering

Stealthy Crypto-Mining Malware Hijacking PCs via USB Drives

Penetration Testing

FEBRUARY 12, 2025

A new report from AhnLab Security Intelligence Center (ASEC) reveals a concerning trend: the distribution of cryptocurrency-mining malware The post Stealthy Crypto-Mining Malware Hijacking PCs via USB Drives appeared first on Cybersecurity News.

Malware

Malware Cryptocurrency Security Intelligence Cybersecurity

InnoLoader Malware Evades Detection Posing as Cracked Software

Penetration Testing

JUNE 29, 2024

The AhnLab Security Intelligence Center (ASEC) has issued a warning about a new breed of malware that disguises itself as cracked software and legitimate tools. This malware, dubbed “InnoLoader,” is far from ordinary.

Software

Software Malware Security Intelligence Cybersecurity

JPHP Interpreter Used to Distribute Downloader Malware

Penetration Testing

MARCH 19, 2025

AhnLab Security intelligence Center (ASEC) has recently uncovered a malware campaign utilizing the JPHP interpreter to distribute downloader The post JPHP Interpreter Used to Distribute Downloader Malware appeared first on Cybersecurity News.

Malware

Revenge RAT: Unveiling a Tool-Abusing, Fileless Attack

Penetration Testing

FEBRUARY 14, 2024

AhnLab Security Intelligence Center (ASEC) recently sounded the alarm over a cunning Revenge RAT malware campaign.

Penetration Testing Security Intelligence Malware

Beware the Bait: BeaverTail and Tropidoor Malware Lurk in Recruitment Emails

Penetration Testing

APRIL 3, 2025

A recent analysis by the AhnLab Security Intelligence Center (ASEC) has uncovered a particularly insidious campaign involving the The post Beware the Bait: BeaverTail and Tropidoor Malware Lurk in Recruitment Emails appeared first on Daily CyberSecurity.

Malware

ModiLoader Malware Leveraging CAB Header Batch Files to Evade Detection

Penetration Testing

JANUARY 21, 2025

The AhnLab Security Intelligence Center (ASEC) warns a novel malware distribution tactic involving the use of Microsoft Windows The post ModiLoader Malware Leveraging CAB Header Batch Files to Evade Detection appeared first on Cybersecurity News.

Malware

ViperSoftX Leverages Deep Learning with Tesseract to Exfiltrate Sensitive Information

Penetration Testing

MAY 19, 2024

AhnLab Security Intelligence Center (ASEC) has uncovered a new tactic employed by the notorious ViperSoftX malware.

Penetration Testing Security Intelligence Engineering Malware

Cybercriminals Exploit Ebooks to Spread AsyncRAT Malware

Penetration Testing

JULY 11, 2024

A recent report from AhnLab Security Intelligence Center (ASEC) reveals new cyberattacks utilizing a novel method to distribute the AsyncRAT remote access trojan (RAT).

Malware

DBatLoader: A Malware Distribution via CMD Files

Penetration Testing

JUNE 27, 2024

AhnLab Security Intelligence Center (ASEC) has issued a warning regarding the re-emergence of the DBatLoader malware, a notorious downloader known for its historical involvement in phishing campaigns.

Malware

Malware Security Intelligence Phishing Cybersecurity

cShell DDoS Bot Exploits Poorly Managed Linux SSH Servers

Penetration Testing

DECEMBER 19, 2024

AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of DDoS malware called cShell, which specifically targets poorly managed Linux SSH servers. The malware exploits weak credentials to gain... The post cShell DDoS Bot Exploits Poorly Managed Linux SSH Servers appeared first on Cybersecurity News.

DDOS

DDOS Security Intelligence Malware Cybersecurity

Kimsuky Group’s New Backdoor, HappyDoor, Raises Cybersecurity Concerns

Penetration Testing

JULY 7, 2024

The AhnLab Security Intelligence Center (ASEC) has issued a warning about a new backdoor malware called HappyDoor, linked to the Kimsuky group, a North Korean state-sponsored threat actor.

Cybersecurity

Cybersecurity Security Intelligence Malware

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. ” A new wave of attacks could exploit the vulnerability to spread more dangerous and destructive malware, like ransomware or spyware. . SecurityAffairs – Bluekeep, malware). Pierluigi Paganini.

Malware

Malware Penetration Testing Advertising Spyware

Aquabotv3: The Mirai-Based Botnet Exploiting CVE-2024-41710 for DDoS Attacks

Penetration Testing

JANUARY 30, 2025

The Akamai Security Intelligence and Response Team (SIRT) has identified Aquabotv3, a new and more sophisticated variant of The post Aquabotv3: The Mirai-Based Botnet Exploiting CVE-2024-41710 for DDoS Attacks appeared first on Cybersecurity News.

DDOS

DDOS Security Intelligence Cybersecurity Malware

400,000+ Systems Infected: DigitalPulse Proxyware Returns with New Tricks

Penetration Testing

JANUARY 21, 2025

A recent report from the AhnLab Security Intelligence Center (ASEC) detailed the spread of DigitalPulse proxyware via ad The post 400,000+ Systems Infected: DigitalPulse Proxyware Returns with New Tricks appeared first on Cybersecurity News.

Cybercriminal on Cybercriminal Crime: Ransomware Hijacks CoinMiner

Penetration Testing

JUNE 5, 2024

In an unexpected twist of cybercrime, security researchers at AhnLab Security Intelligence Center (ASEC) have revealed a bizarre case of one criminal gang inadvertently aiding another.

Ransomware

Ransomware Cybercrime Security Intelligence Malware

Cybercriminals Exploit Legitimate Windows Tool for Cryptojacking

Penetration Testing

SEPTEMBER 10, 2024

The AhnLab Security Intelligence Center (ASEC) has uncovered a concerning trend in cybercrime involving the misuse of Binary Managed Object Files (BMOFs) for the distribution of XMRig, a notorious cryptocurrency... The post Cybercriminals Exploit Legitimate Windows Tool for Cryptojacking appeared first on Cybersecurity News.

Cryptocurrency

Cryptocurrency Cybercrime Security Intelligence Cybersecurity

Mirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029 in AVTECH IP Cameras

Penetration Testing

AUGUST 28, 2024

Akamai’s Security Intelligence Response Team (SIRT) has discovered a widespread Mirai botnet campaign exploiting a recently disclosed zero-day vulnerability (CVE-2024-7029) in AVTECH IP cameras.

Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120

Penetration Testing

MAY 6, 2025

The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of two command injection vulnerabilities The post Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120 appeared first on Daily CyberSecurity.

IoT

IoT Security Intelligence Cybersecurity Malware

Hackers are actively exploiting PHP RCE vulnerability (CVE-2024-4577)

Penetration Testing

JULY 12, 2024

The Akamai Security Intelligence Response Team (SIRT) has observed a... The post Hackers are actively exploiting PHP RCE vulnerability (CVE-2024-4577) appeared first on Cybersecurity News.

Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics

Penetration Testing

APRIL 24, 2025

A recent report by the AhnLab Security intelligence Center (ASEC) has uncovered the latest tactics employed by the The post Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics appeared first on Daily CyberSecurity.

Security Intelligence Cybersecurity Phishing Malware

Best Managed Security Service Providers (MSSPs)

eSecurity Planet

JANUARY 27, 2022

Metrics: 300 billion security events processed daily. Intelligence: Provides threat research, threat intelligence, malware analysis, and analytics support to SOCs. Use Cases: Mid-sized, enterprise, and government organizations. Delivery: Hosted by Secureworks or delivered on customer networks.

Firewall

Firewall Threat Detection DDOS Marketing

New MS-SQL Server Attack Campaign Leverages GotoHTTP for Remote Access

Penetration Testing

OCTOBER 5, 2024

Experts from the AhnLab Security Intelligence Center (ASEC) have uncovered new attacks on MS-SQL servers, targeting unsecured accounts and weak passwords.

Security Intelligence Passwords Accountability Cybersecurity

Urgent Security Alert: HFS Servers Under Attack, Patch Now!

Penetration Testing

JULY 3, 2024

The AhnLab Security Intelligence Center (ASEC) has issued a critical warning for all users of HTTP File Server (HFS): a recently disclosed remote code execution vulnerability (CVE-2024-23692) is actively being exploited by malicious actors.... appeared first on Cybersecurity News.

From Taiwan to Korea: TIDRONE Threat Actor Targets ERP Software

Penetration Testing

DECEMBER 17, 2024

The AhnLab Security Intelligence Center (ASEC) has uncovered a series of cyberattacks on Korean companies orchestrated by the TIDRONE threat actor. Known for its focus on Taiwanese defense and drone... The post From Taiwan to Korea: TIDRONE Threat Actor Targets ERP Software appeared first on Cybersecurity News.

Software

Software Security Intelligence Cybersecurity Malware

Six Effective Ransomware Risk Reduction Strategies

NopSec

SEPTEMBER 12, 2016

Businesses, governments, and consumers alike need to be aware of ransomware – a type of malware that can inflict serious damage on your finances and productivity in a very short span of time. Today, we explain this category of malware: how it works, the risks it poses to your organization, and strategies for preventing an attack.

Ransomware

Ransomware Risk Social Engineering Penetration Testing

Beware of “How to Fix” Button: New Phishing Emails Trick Users into Executing Malicious Commands

Penetration Testing

JUNE 5, 2024

AhnLab SEcurity Intelligence Center (ASEC) has recently identified a phishing campaign leveraging HTML files distributed via email to execute malicious commands on targeted systems.

Phishing

Phishing Security Intelligence Cybersecurity Malware

NopSec Cloud Security Module

NopSec

JULY 13, 2016

Particularly in the AWS – Amazon Web Services – environment, in order to assess vulnerabilities in the public cloud each vulnerability scan and/or penetration test needs to be cleared with AWS by filling an authorization form in advance. This creates a convoluted administrative process to authorize the scan in advance.