2010, Accountability and Antivirus - Cyber Security Informer

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. In 2010, someone with the username Pepyak on the Russian language affiliate forum GoFuckBiz[.]com

Malware

Malware Antivirus Cybercrime Hacking

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Megatraffer explained that malware purveyors need a certificate because many antivirus products will be far more interested in unsigned software, and because signed files downloaded from the Internet don’t tend to get blocked by security features built into modern web browsers. “Antivirus software trusts signed programs more.

Malware

Malware Cybercrime Software Accountability

Spam Kingpin Peter Levashov Gets Time Served

Krebs on Security

JULY 20, 2021

Severa ran several affiliate programs that paid cybercriminals to trick people into installing fake antivirus software. In 2011, KrebsOnSecurity dissected “SevAntivir” — Severa’s eponymous fake antivirus affiliate program — showing it was used to deploy new copies of the Kelihos spam botnet.

Antivirus

Antivirus Cybercrime Identity Theft Scams

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. In 2010, the hottabych_k2 address was used to register the domain name dedserver[.]ru Vpn-service[.]us

Ransomware

Ransomware Accountability Cybercrime Passwords

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “ Trickbot ,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities. .”

Hacking

Hacking Cybercrime Ransomware Government

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

According to Constella, this email address was used in 2010 to register an account for a Dmitry Yurievich Khoroshev from Voronezh, Russia at the hosting provider firstvds.ru. NeroWolfe seems to have abandoned all of his forum accounts sometime in 2016. DomainTools reports that stairwell.ru Image: Shutterstock.

Ransomware

Ransomware Cybercrime Accountability Malware

Breach Exposes Users of Microleaves Proxy Service

Krebs on Security

JULY 28, 2022

The service, which accepts PayPal, Bitcoin and all major credit cards, is aimed primarily at enterprises engaged in repetitive, automated activity that often results in an IP address being temporarily blocked — such as data scraping, or mass-creating new accounts at some service online. Which hints at a possible BOTNET.

Advertising

Advertising Software Computers and Electronics Internet

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

An online search for the term “yehuo” reveals an account on the Chinese Software Developer Network which uses that same nickname and references the domain blazefire[.]com. In July 2017, Russian antivirus vendor Dr.Web published research showing that Triada had been installed by default on at least four low-cost Android models.

Mobile

Mobile Technology Manufacturing Malware

Tracing the Supply Chain Attack on Android

Krebs on Security

JUNE 25, 2019

An online search for the term “yehuo” reveals an account on the Chinese Software Developer Network which uses that same nickname and references the domain blazefire[.]com. In July 2017, Russian antivirus vendor Dr.Web published research showing that Triada had been installed by default on at least four low-cost Android models.

Mobile

Mobile Technology Manufacturing Software

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

The story on the Flashback author featured redacted screenshots that were taken from Ika’s BlackSEO account (see image above). The day after that story ran, Ika posted a farewell address to his mates, expressing shock and bewilderment over the apparent compromise of his BlackSEO account. ru under the handle “ r-fac1.”

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

6 Dangerous Microsoft Office 365 Security Concerns for Business

Spinone

OCTOBER 16, 2019

Imagine for a moment that your employee uses one password to access their social media profiles and to sign in to their Office 365 corporate account. Keep your antivirus software up to date. However, don’t forget that even an updated antivirus may not detect advanced malware strains.

Passwords

Passwords Data breaches Backups Authentication

Mystic Stealer

Security Boulevard

JUNE 15, 2023

Oftentimes this is credential data, but it can be any data that may have financial value to an adversary; this includes paid online service accounts, cryptocurrency wallets, instant messenger, or email contacts lists, etc. As a result, this technique may bypass static antivirus signatures and complicate malware reverse engineering.

Cryptocurrency

Cryptocurrency Password Management Malware DNS

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Satori DataSecOps 2021 Private BluBracket Software supply chain 2021 Private Cape Privacy Data security 2021 Private ZecOps Digital forensics 2019 Private SecurityScorecard Risk ratings 2017 Private Carbon Black Security software 2015 Acquired: VMware AVG Antivirus software 2015 Acquired: Avast. ForgePoint Capital.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

The History of Computer Viruses & Malware

eSecurity Planet

NOVEMBER 2, 2022

Though polite, the Creeper was still an annoyance to some, and in 1971, Ray Tomlinson developed the first antivirus software , called Reaper. One of the first pieces of antivirus software , McAfee’s VirusScan, was released in 1987. Going Mobile and Going Global: 2001-2010. Take a Look at the 4 Best Antivirus Software of 2022.

Malware

Malware Ransomware Antivirus Internet

Pegasus spyware has been here for years. We must stop ignoring it

Malwarebytes

JULY 22, 2021

Antivirus vendors detect it. Hulio told The Washington Post that his company had terminated the contracts of two customers because of allegations of human rights abuses, but, according to the paper, he refused to disclose which accounts were closed. Pegasus is spyware, and spyware is not made to respect privacy. It erodes it.

Spyware

Spyware Surveillance Mobile Government

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

At the start of March 2021, Microsoft rushed out patches for a critical zero-day Vulnerability in Exchange Server (2010, 2013, 2016, and 2019). FBI Internet Crime Report 2020: Cybercrime Skyrocketed, with Email Compromise Accounting for 43% of Losses. Microsoft Antivirus Now Automatically Mitigates Exchange Server Vulnerability.

Energy and Utilities

Energy and Utilities Ransomware Hacking Banking

Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison

Krebs on Security

FEBRUARY 26, 2019

Those included spreadsheets chock full of bank account details tied to some of the world’s most active cybercriminals, and to a vast network of shell corporations created by Vrublevsky and his co-workers to help launder the proceeds from their various online pharmacy, spam and fake antivirus operations.

Cybersecurity

Cybersecurity Cybercrime Media Antivirus

New Cyberthreats for 2021

Adam Levin

DECEMBER 7, 2020

The number of products connected to the internet surpassed the number of people on the planet somewhere between 2008 and 2010 and is expected to exceed 75 billion by 2025. This represents an evolutionary step beyond credential stuffing (a crime where the target’s passwords are used to access other accounts).

IoT

IoT Artificial Intelligence Technology Scams

Weathering Russian Winter: The Current State of Russian APTs

Security Boulevard

APRIL 8, 2022

Though APTs were regularly seen from then on inside the industry, the term didn’t gain public consciousness until an attack on Google servers in 2010 , the fault of which was assigned to Chinese APTs. Antivirus companies like McAfee jumped on the opportunity to provide anti-APT products. What Is An APT?

Social Engineering

Social Engineering Backups Malware Ransomware

Cyber Security Informer

Why Malware Crypting Services Deserve More Scrutiny

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Trending Sources

Spam Kingpin Peter Levashov Gets Time Served

Who’s Behind the GandCrab Ransomware?

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

How Did Authorities Identify the Alleged Lockbit Boss?

Breach Exposes Users of Microleaves Proxy Service

Tracing the Supply Chain Attack on Android

Tracing the Supply Chain Attack on Android

Ten Years Later, New Clues in the Target Breach

6 Dangerous Microsoft Office 365 Security Concerns for Business

Mystic Stealer

Top Database Security Solutions for 2021

Top VC Firms in Cybersecurity of 2022

The History of Computer Viruses & Malware

Pegasus spyware has been here for years. We must stop ignoring it

Cyber Security Roundup for April 2021

Former Russian Cybersecurity Chief Sentenced to 22 Years in Prison

New Cyberthreats for 2021

Weathering Russian Winter: The Current State of Russian APTs

Stay Connected