2008, Internet and Malware - Cyber Security Informer

PlugX malware deleted from thousands of systems by FBI

Malwarebytes

JANUARY 16, 2025

The FBI says it has removed PlugX malware from thousands of infected computers worldwide. The move came after suspicion that cybercriminals groups under control of the Peoples Republic of China (PRC) used a version of PlugX malware to control, and steal information from victims’ computers.

Malware

Malware DNS Internet Internet

When Your Smart ID Card Reader Comes With Malware

Krebs on Security

MAY 17, 2022

The consensus seems to be that the ZIP file currently harbors a malware threat known as Ramnit , a fairly common but dangerous trojan horse that spreads by appending itself to other files. He said Saicoo did not address his concern that the driver package on its website was bundled with malware. Image: Virustotal.com.

Malware

Malware Government Internet Internet

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. ru in 2008.

Malware

Malware Cybercrime Software Accountability

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

MARCH 4, 2020

. “Several industry sectors have been targeted including aviation organizations, scientific research institutions, petroleum industry, Internet companies, and government agencies.” ” The US-linked hackers targeted the Chinese organizations between September 2008 and June 2019. time zone. . Pierluigi Paganini.

Hacking

Hacking Advertising Government Engineering

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware

Malware Antivirus Cybercrime Hacking

Microsoft Issues Emergency Fix for IE Zero Day

Krebs on Security

DECEMBER 19, 2018

Microsoft today released an emergency software patch to plug a critical security hole in its Internet Explorer (IE) Web browser that attackers are already using to break into Windows computers. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Internet

Internet Internet Software Engineering

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies. SocksEscort[.]com

Malware

Malware VPN Internet Internet

Microsoft Patch Tuesday, March 2021 Edition

Krebs on Security

MARCH 9, 2021

Ten of these earned Microsoft’s “critical” rating, meaning they can be exploited by malware or miscreants with little or no help from users. Top of the heap this month (apart from the ongoing, global Exchange Server mass-compromise ) is a patch for an Internet Explorer bug that is seeing active exploitation.

DNS

DNS Internet Internet Software

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. PPI programs) to generate new installations of their malware.” But on Dec.

Passwords

Passwords Malware Internet Internet

Microsoft Patch Tuesday, December 2023 Edition

Krebs on Security

DECEMBER 12, 2023

Still, four of the updates pushed out today address “critical” vulnerabilities that Microsoft says can be exploited by malware or malcontents to seize complete control over a vulnerable Windows device with little or no help from users.

Internet

Internet Internet Engineering Malware

Patch Tuesday, March 2019 Edition

Krebs on Security

MARCH 12, 2019

Microsoft on Tuesday pushed out software updates to fix more than five dozen security vulnerabilities in its Windows operating systems, Internet Explorer , Edge , Office and Sharepoint. Malware or bad guys can remotely exploit roughly one-quarter of the flaws fixed in today’s patch batch without any help from users.

Internet

Internet Internet Backups Malware

Microsoft Patch Tuesday, July 2021 Edition

Krebs on Security

JULY 13, 2021

Thirteen of the security bugs quashed in this month’s release earned Microsoft’s most-dire “critical” rating, meaning they can be exploited by malware or miscreants to seize remote control over a vulnerable system without any help from users. out of a possible 10.

DNS

DNS Engineering Internet Internet

Internet scans found nearly one million systems vulnerable to BlueKeep

Security Affairs

MAY 28, 2019

GreyNoise is observing sweeping tests for systems vulnerable to the RDP "BlueKeep" (CVE-2019-0708) vulnerability from several dozen hosts around the Internet. BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Graham added. . Pierluigi Paganini.

Internet

Internet Internet Advertising Malware

French authorities launch disinfection operation to eradicate PlugX malware from infected hosts

Security Affairs

JULY 28, 2024

French authorities and Europol are conducting a “disinfection operation” targeting hosts compromised by the PlugX malware. The French authorities, with the help of Europol, have launched on July 18, 2024, a “ disinfection operation ” to clean hosts infected with the PlugX malware.

Malware

Malware Internet Internet Cybersecurity

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Security Affairs

JUNE 3, 2022

An “extremely sophisticated” China-linked APT tracked as LuoYu was delivering malware called WinDealer via man-on-the-side attacks. The activity of the group was first documented by TeamT5 researchers that also reported the use of three malware families: SpyDealer, Demsty and WinDealer. ” concludes Kaspersky.

Malware

Malware Telecommunications Hacking Internet

Microsoft Patch Tuesday, February 2020 Edition

Krebs on Security

FEBRUARY 11, 2020

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. It could be used to install malware just by getting a user to browse to a malicious or hacked Web site.

Backups

Backups Malware Internet Internet

The Olympics: a timeline of scams, hacks, and malware

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. remember Sydney being referred to as “The Internet Olympics”. 2008 Beijing. 1996 Atlanta.

Scams

Scams Hacking Malware Mobile

Microsoft Patch Tuesday, May 2022 Edition

Krebs on Security

MAY 10, 2022

The flaw affects Windows 7 through 10 and Windows Server 2008 through 2022. Seven of the flaws fixed today earned Microsoft’s most-dire “critical” label, which it assigns to vulnerabilities that can be exploited by malware or miscreants to remotely compromise a vulnerable Windows system without any help from the user.

Authentication

Authentication Engineering Internet Internet

Microsoft Patch Tuesday, August 2021 Edition

Krebs on Security

AUGUST 10, 2021

” According to Microsoft, critical flaws are those that can be exploited remotely by malware or malcontents to take complete control over a vulnerable Windows computer — and with little to no help from users. . “In the case of ransomware attacks, they have also been used to ensure maximum damage.”

Software

Software Internet Internet Backups

Patch Tuesday, November 2018 Edition

Krebs on Security

NOVEMBER 14, 2018

As per usual, most of the critical flaws — those that can be exploited by malware or miscreants without any help from users — reside in Microsoft’s Web browsers Edge and Internet Explorer.

Encryption

Encryption Passwords Internet Internet

Patch Tuesday Lowdown, July 2019 Edition

Krebs on Security

JULY 9, 2019

All told, only 15 of the 77 flaws fixed today earned Microsoft’s most dire “critical” rating, a label assigned to flaws that malware or miscreants could exploit to commandeer computers with little or no help from users. One of the zero-day flaws — CVE-2019-1132 — affects Windows 7 and Server 2008 systems.

Internet

Internet Internet Software Advertising

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware

Malware Adware Spyware Antivirus

Microsoft Patch Tuesday, August 2023 Edition

Krebs on Security

AUGUST 8, 2023

Six of the flaws fixed today earned Microsoft’s “critical” rating, meaning malware or miscreants could use them to install software on a vulnerable Windows system without any help from users. Microsoft Corp.

Engineering

Engineering Accountability Passwords Software

Patch Tuesday, November 2019 Edition

Krebs on Security

NOVEMBER 12, 2019

The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well as a sneaky bug in certain versions of Office for Mac that bypasses security protections and was detailed publicly prior to today’s patches.

Backups

Backups Internet Internet Media

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Krebs on Security

SEPTEMBER 2, 2019

Federal prosecutors in California have filed criminal charges against four employees of Adconion Direct , an email advertising firm, alleging they unlawfully hijacked vast swaths of Internet addresses and used them in large-scale spam campaigns. HOSTING IN THE WIND.

Media

Media Government Marketing Internet

Microsoft warns for the second time of applying BlueKeep patch

Security Affairs

MAY 31, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Recently, the popular expert Robert Graham has scanned the Internet for vulnerable systems.

Internet

Internet Internet Malware Advertising

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons.

Penetration Testing

Penetration Testing Firewall Authentication Advertising

SiteLock INFINITY Wins 2019 Cloud Computing Product of the Year

SiteLock

AUGUST 27, 2021

INFINITY is a state of the art malware and vulnerability remediation service featuring unique, patent-pending technology. INFINITY combines deep website scanning and automatic malware removal with unrivaled accuracy and frequency. Websites experience 62 attacks per day on average.

Surveillance

Surveillance Malware Internet Internet

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

As detailed in my 2014 book, Spam Nation , Spamdot was home to crooks controlling some of the world’s nastiest botnets, global malware contagions that went by exotic names like Rustock , Cutwail , Mega-D , Festi , Waledac , and Grum. 2008, wherein he addresses forum members with the salutation, “Hello Gentlemen Scammers.”

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Microsoft Patch Tuesday addresses dangerous RDS flaw that opens to WannaCry-like attacks

Security Affairs

MAY 15, 2019

The vulnerability tracked as CVE-2019-0863 could be exploited by an attacker with low-privileged access to the targeted system to deliver a malware. As explained by Microsoft, this vulnerability could be exploited by malware with wormable capabilities. ” It is important to highlight that the RDP itself is not vulnerable.

Malware

Malware Authentication Advertising Accountability

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Security Affairs

MARCH 31, 2021

The Internet Engineering Task Force (IETF) formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3 was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3

Internet

Internet Internet Engineering Hacking

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Security Affairs

NOVEMBER 3, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. After the disclosure of the flaw, the popular expert Robert Graham scanned the Internet for vulnerable systems.

Cyber Attacks

Cyber Attacks Penetration Testing Cryptocurrency Hacking

Regin spyware involved in attack against the Russian tech giant Yandex

Security Affairs

JUNE 28, 2019

Allegedly Western nation-state actors breached the systems of Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware. According to the Reuters, Western state-sponsored hackers breached the systems of the Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware.

Spyware

Spyware Malware Advertising Authentication

MysterySnail attacks with Windows zero-day

SecureList

OCTOBER 12, 2021

Besides finding the zero-day in the wild, we analyzed the malware payload used along with the zero-day exploit, and found that variants of the malware were detected in widespread espionage campaigns against IT companies, military/defense contractors, and diplomatic entities. Microsoft Windows Server 2008. Microsoft Windows 7.

Malware

Malware Technology Engineering Advertising

Books Worth Your Time (Q4)

Adam Shostack

JANUARY 2, 2025

It's bad news for people and businesses who rely on technology, who are going to be subject to seeing their tax software hacked to distribute malware, as happened in Ukraine and led to NotPetya. Cult of the Dead Cow , Joseph Menn.

Technology

Technology Hacking Internet Internet

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Security Affairs

AUGUST 14, 2019

The list of flaws addressed by the tech giant doesn’t include zero-days or publicly disclosed vulnerabilities, 29 issues were rated as ‘Critical’ and affect Microsoft’s Edge and Internet Explorer web browsers, Windows, Outlook and Office. Windows XP, Windows Server 2003, and Windows Server 2008 are not affected.

Authentication

Authentication Advertising Internet Internet

Actively exploited CVE-2020-1464 Windows Spoofing flaw was known since 2018

Security Affairs

AUGUST 19, 2020

The two issues are a Windows spoofing bug and a remote code execution flaw in Internet Explorer. The flaw affects many Windows OSs, including Windows 7 and Windows Server 2008, for which the IT giant will not provide security updates because the reached the end-of-life. MSI) files signed by any software developer. .

Advertising

Advertising Malware Internet Internet

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

The VPN provider’s service, which aimed to offer shielded communications and internet access, were being used in support of serious criminal acts such as ransomware deployment and other cybercrime activities.” VPNLab was launched in 2008 and was offering online anonymity to criminal organizations.

VPN

VPN Cybercrime Ransomware Advertising

Microsoft August 2020 Patch Tuesday fixed actively exploited zero-days

Security Affairs

AUGUST 12, 2020

The two issues are a Windows spoofing bug and a remote code execution flaw in Internet Explorer. ” The flaw affects many Windows OSs, including Windows 7 and Windows Server 2008, for which the IT giant will not provide security updates because the reached the end-of-life. ” reads the advisory.

Internet

Internet Internet Engineering Advertising

Security Affairs newsletter Round 254

Security Affairs

MARCH 8, 2020

Venezuela – Power outage knocked out part of the internet connectivity. CIA Hacking unit APT-C-39 hit China since 2008. Malware campaign employs fake security certificate updates. Karkoff 2020: a new APT34 espionage operation involves Lebanon Government. Nemty ransomware LOVE_YOU malspam campaign.

Data breaches

Data breaches Advertising Mobile Ransomware

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

Krebs on Security

MAY 2, 2023

By 2008, the USPS job exam preppers had shifted to advertising their schemes mostly online. Mr. Mirza declined to respond to questions, but the exposed database information was removed from the Internet almost immediately after KrebsOnSecurity shared the offending links. Ditto for a case the FTC brought in 2005. com and usps-jobs[.]com.

Marketing

Marketing Advertising Scams Telecommunications

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

MAY 23, 2023

In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously undetected framework dubbed CommonMagic. This means that the threat actor was able to avoid detection for more than 15 years.

Malware

Malware Spyware Encryption Hacking

PlugX malware deleted from thousands of systems by FBI

When Your Smart ID Card Reader Comes With Malware

Trending Sources

Ask Fitis, the Bear: Real Crooks Sign Their Malware

CIA Hacking unit APT-C-39 hit China since 2008

Why Malware Crypting Services Deserve More Scrutiny

Microsoft Issues Emergency Fix for IE Zero Day

Who and What is Behind the Malware Proxy Service SocksEscort?

Microsoft Patch Tuesday, March 2021 Edition

The Link Between AWM Proxy & the Glupteba Botnet

Microsoft Patch Tuesday, December 2023 Edition

Patch Tuesday, March 2019 Edition

Microsoft Patch Tuesday, July 2021 Edition

Internet scans found nearly one million systems vulnerable to BlueKeep

French authorities launch disinfection operation to eradicate PlugX malware from infected hosts

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Microsoft Patch Tuesday, February 2020 Edition

The Olympics: a timeline of scams, hacks, and malware

Microsoft Patch Tuesday, May 2022 Edition

Microsoft Patch Tuesday, August 2021 Edition

Patch Tuesday, November 2018 Edition

Patch Tuesday Lowdown, July 2019 Edition

Types of Malware & Best Malware Protection Practices

Microsoft Patch Tuesday, August 2023 Edition

Patch Tuesday, November 2019 Edition

The Most Common Types of Malware in 2021

Feds Allege Adconion Employees Hijacked IP Addresses for Spamming

Microsoft warns for the second time of applying BlueKeep patch

NSA urges Windows Users and admins to Patch BlueKeep flaw

SiteLock INFINITY Wins 2019 Cloud Computing Product of the Year

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Microsoft Patch Tuesday addresses dangerous RDS flaw that opens to WannaCry-like attacks

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Regin spyware involved in attack against the Russian tech giant Yandex

MysterySnail attacks with Windows zero-day

Books Worth Your Time (Q4)

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Actively exploited CVE-2020-1464 Windows Spoofing flaw was known since 2018

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Microsoft August 2020 Patch Tuesday fixed actively exploited zero-days

Security Affairs newsletter Round 254

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Stay Connected