Security Affairs

FEBRUARY 12, 2025

Recently, researchers from AhnLab Security Intelligence Center (ASEC) observed North Koreas Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware. When opened, they execute PowerShell or Mshta to download malware like PebbleDash and RDP Wrapper, to control the infected systems.

Phishing 90

Phishing Malware Security Intelligence Hacking 90

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The botnet shell script downloads an ELF file named “pty3” from a different IP address, likely a sample of Muhstik malware. ” reported Akamai.

Malware 139

Malware DDOS Internet Internet 139

Security Affairs

MAY 4, 2020

Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Pierluigi Paganini. SecurityAffairs – COVID-19, malspam).

Small Business 138

Small Business Malware Manufacturing Security Intelligence 138

Penetration Testing

MARCH 31, 2024

A new report released by AhnLab Security Intelligence Center (ASEC) uncovers a disturbing tactic hackers are using to spread malware: they’re leveraging Google Ads tracking features to redirect unsuspecting users to malicious websites.

Penetration Testing 108

Penetration Testing Software Malware Security Intelligence 108

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption 145

Encryption Malware Ransomware Firewall 145

The Hacker News

FEBRUARY 20, 2025

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation.

Malware 100

Malware Security Intelligence 100

The Hacker News

MAY 21, 2021

Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection.

Ransomware 112

Ransomware Malware Security Intelligence Encryption 112

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS 319

DNS Penetration Testing Malware Hacking 319

Hot for Security

MAY 21, 2021

Security researchers have discovered a new massive spam email campaign designed to push the latest version of STRRAT malware, according to data shared by Microsoft. It turns out that some malware only impersonates a ransomware attack, leaving the files untouched but scaring people with the possibility of a ransomware infection.

Ransomware 122

Ransomware Malware Security Intelligence Encryption 122

Security Affairs

FEBRUARY 2, 2020

In contrast, past Dudear email campaigns carried the malware as attachment or used malicious URLs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. pic.twitter.com/1qnx3NmwiB — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020.

Malware 104

Malware Security Intelligence Banking Phishing 104

The Hacker News

FEBRUARY 6, 2025

The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC).

Malware 98

Malware Phishing Security Intelligence Hacking 98

The Hacker News

JULY 2, 2024

The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a sub-cluster within the

Hacking 127

Hacking Malware Security Intelligence 127

Penetration Testing

DECEMBER 8, 2024

The AhnLab Security Intelligence Response Center (ASEC) has revealed that threat actors exploiting a critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, have begun deploying Mauri ransomware in their attacks....

Ransomware 92

Ransomware Security Intelligence Cybersecurity Malware 92

Security Affairs

APRIL 21, 2025

While investigating a security breach, the AhnLab SEcurity intelligence Center (ASEC) researchers discovered a North Korea-linked group Kimsuky ‘s campaign, tracked as Larva-24005. When opened, they execute PowerShell or Mshta to download malware like PebbleDash and RDP Wrapper, to control the infected systems.

Phishing 80

Phishing Malware Security Intelligence Hacking 80

Penetration Testing

FEBRUARY 22, 2024

Security experts at the AhnLab Security Intelligence Center (ASEC) have recently uncovered a malware distribution campaign targeting a Korean construction-related association website.

Malware 90

Malware Penetration Testing Security Intelligence Software 90

Security Affairs

FEBRUARY 8, 2025

Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.

Malware 74

Malware Phishing Security Intelligence Hacking 74

The Hacker News

NOVEMBER 13, 2022

A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks.

DDOS 98

DDOS Malware Cryptocurrency Security Intelligence 98

The Hacker News

JUNE 30, 2022

A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence said in a series of tweets on Thursday.

Malware 98

Malware Security Intelligence 98

Security Affairs

MARCH 10, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added the the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. reported Akamai.

DDOS 105

DDOS Security Intelligence Malware Hacking 105

Penetration Testing

MARCH 4, 2024

A newly discovered backdoor malware dubbed ‘WogRAT’ is raising alarms for both Windows and Linux users.

Penetration Testing 86

Penetration Testing Malware Security Intelligence 86

Penetration Testing

JANUARY 13, 2025

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have unveiled a sophisticated distribution tactic for the LummaC2 malware. The post LummaC2 Infostealer Malware Spreads via Crack Programs and Phishing appeared first on Cybersecurity News.

Phishing 76

Phishing Malware Security Intelligence Cybersecurity 76

Penetration Testing

FEBRUARY 22, 2025

A recent investigation by the AhnLab Security Intelligence Center (ASEC) has uncovered a malvertising campaign that distributes LummaC2 The post LummaC2 Malware Masquerading as Total Commander Crack to Infect Windows Users appeared first on Cybersecurity News.

Malware 80

Malware Security Intelligence Cybersecurity Engineering 80

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 126

Malware Hacking Government Telecommunications 126

Security Affairs

SEPTEMBER 20, 2022

VMware and Microsoft are warning of a widespread Chromeloader malware campaign that distributes several malware families. The malware is able to redirect the user’s traffic and hijacking user search queries to popular search engines, including Google, Yahoo, and Bing. SecurityAffairs – hacking, malware).

Malware 98

Malware Adware Ransomware Security Intelligence 98

Bleeping Computer

JUNE 15, 2023

The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence sectors, employing a refreshed toolset and new infection tactics. [.]

Malware 112

Malware Security Intelligence Hacking 112

Penetration Testing

JUNE 29, 2024

The AhnLab Security Intelligence Center (ASEC) has issued a warning about a new breed of malware that disguises itself as cracked software and legitimate tools. This malware, dubbed “InnoLoader,” is far from ordinary.

Software 70

Software Malware Security Intelligence Cybersecurity 70

Penetration Testing

FEBRUARY 12, 2025

A new report from AhnLab Security Intelligence Center (ASEC) reveals a concerning trend: the distribution of cryptocurrency-mining malware The post Stealthy Crypto-Mining Malware Hijacking PCs via USB Drives appeared first on Cybersecurity News.

Malware 70

Malware Cryptocurrency Security Intelligence Cybersecurity 70

Security Affairs

MAY 20, 2021

Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. The latest version of the Java-based STRRAT malware (1.5)

Ransomware 145

Ransomware Malware Encryption Security Intelligence 145

The Hacker News

JUNE 3, 2024

Keylogger, Infostealer, and proxy tools on top of the backdoor were utilized for the attacks," the AhnLab Security Intelligence Center (ASEC) said in a report

Manufacturing 117

Manufacturing Education Malware Security Intelligence 117

Penetration Testing

MARCH 19, 2025

AhnLab Security intelligence Center (ASEC) has recently uncovered a malware campaign utilizing the JPHP interpreter to distribute downloader The post JPHP Interpreter Used to Distribute Downloader Malware appeared first on Cybersecurity News.

Malware 67

Malware Security Intelligence Cybersecurity 67

Malwarebytes

APRIL 18, 2023

There’s a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called “Domino”, is the brainchild of FIN7 and ex-Conti ransomware members.

Malware 98

Malware Banking Ransomware Passwords 98

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance 100

Surveillance Malware Authentication Accountability 100

Security Affairs

MAY 5, 2020

Level up Your Security Program With the Same Security Intelligence Used by the World’s Largest Governments and Many of the Fortune 1000. With this release, Recorded Future is the only intelligence company to openly offer access to its data. Verdict IOCs In 1 View: Enhance Malware Analysis.

Security Intelligence 135

Security Intelligence Risk Advertising Malware 135

Security Boulevard

APRIL 19, 2021

In the last 30 days, education was the most targeted sector, receiving more than 60% of all malware encounters, or more than 5 million incidents, according to Microsoft Security Intelligence. The post Online Ed is the New Corporate Threat Vector appeared first on Security Boulevard. Department of.

Education 124

Education Security Intelligence Government Malware 124

Penetration Testing

APRIL 3, 2025

A recent analysis by the AhnLab Security Intelligence Center (ASEC) has uncovered a particularly insidious campaign involving the The post Beware the Bait: BeaverTail and Tropidoor Malware Lurk in Recruitment Emails appeared first on Daily CyberSecurity.

Malware 67

Malware Security Intelligence Cybersecurity 67

Security Affairs

OCTOBER 10, 2020

— Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. Attacks showing up in commodity malware like those used by the threat actor CHIMBORAZO indicate broader exploitation in the near term.” states Microsoft.

Cybercrime 139

Cybercrime Security Intelligence Authentication Banking 139

Security Affairs

SEPTEMBER 24, 2020

New Zealand’s Computer Emergency Response Team (CERT) also published a security alert warning of spam campaigns spreading the Emotet threat. jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. Today was only about a dozen replychain and nothing else.

Malware 144

Malware Passwords Advertising Ransomware 144