2012, Antivirus and Hacking - Cyber Security Informer

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. Image: FBI. Image: FBI.

Antivirus

Antivirus Hacking Software Government

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. The attackers have exploited a directory traversal and arbitrary file upload vulnerability, tracked as CVE-2019-18187, in the Trend Micro OfficeScan antivirus. Pierluigi Paganini.

Antivirus

Antivirus Hacking Advertising Media

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals.

Retail

Retail Advertising Cryptocurrency Marketing

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

.” Only one of the men sanctioned today is known to have been criminally charged in connection with hacking activity. A New Jersey grand jury indicted Kovalev in 2012 after an investigation by the U.S. The 2012 indictment against Kovalev relates to cybercrimes he allegedly perpetrated prior to the creation of Trickbot.

Hacking

Hacking Cybercrime Ransomware Government

Avast, Avira, Sophos and other antivirus solutions show problems after

Security Affairs

APRIL 20, 2019

Antivirus solutions from different vendors are having malfunctions after the installation of Windows security patches released on April 9, including McAfee, Avast and Sophos. Antivirus solutions from different vendors are showing malfunctions after the installation of Windows security patches released on April 9. Pierluigi Paganini.

Antivirus

Antivirus Advertising Software Hacking

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. None of these early threats went pro.

Ransomware

Ransomware Hacking Encryption Penetration Testing

A couple of 10-Year-Old flaws affect Avast and AVG antivirus?

Security Affairs

MAY 5, 2022

Researcher discovered a couple of high-severity security flaws that affect a driver used by Avast and AVG antivirus solutions. SentinelOne researcher Kasif Dekel discovered two high-severity security vulnerabilities, tracked as CVE-2022-26522 and CVE-2022-26523, that affect a driver used by Avast and AVG antivirus solutions.

Antivirus

Antivirus Hacking Software Cybersecurity

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

These two software are currently unknown to most if not all antivirus companies.” The website’s copyright suggests the ExE Bucks affiliate program dates back to 2012. “Our technology ensures the maximum security from reverse engineering and antivirus detections,” ExEClean promised.

VPN

VPN Computers and Electronics Antivirus Software

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Megatraffer explained that malware purveyors need a certificate because many antivirus products will be far more interested in unsigned software, and because signed files downloaded from the Internet don’t tend to get blocked by security features built into modern web browsers. “Antivirus software trusts signed programs more.

Malware

Malware Cybercrime Software Accountability

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

It's also why the United States has blocked the cybersecurity company Kaspersky from selling its Russian-made antivirus products to US government agencies. We have credible reports that the Chinese hacked Gmail around 2010, and there are ongoing concerns about both censorship and surveillance by the Chinese social-networking company TikTok.

Surveillance

Surveillance Wireless Government Internet

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

FEBRUARY 7, 2020

The hacker group has been targeting Japanese heavy industry, manufacturing and international relations at least since 2012, According to the experts, the group is linked to the People’s Republic of China and is focused on exfiltrating confidential data. SecurityAffairs – Pasco and Kobe Steel, hacking). Pierluigi Paganini.

Manufacturing

Manufacturing Advertising Data breaches Antivirus

Cyber mercenaries group DeathStalker uses a new backdoor

Security Affairs

DECEMBER 5, 2020

DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. SecurityAffairs – hacking, backdoor). The cyber mercenaries group known as DeathStalker has been using a new PowerShell backdoor in recent attacks. Pierluigi Paganini.

DNS

DNS Phishing Antivirus Encryption

Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

SC Magazine

JANUARY 29, 2021

Many more companies and organizations have been hacked and that valuable information was stolen over periods of months and years, ClearSky researchers wrote in a blog posted. Lebanese Cedar exploited 1-day publicly known vulnerabilities such as C VE-2012-3152 to install the JSP in vulnerable servers.

Antivirus

Antivirus Malware Cyber threats Media

Is there a link between Microsoft Exchange exploits and PoC code the company shared with partner security firms?

Security Affairs

MARCH 16, 2021

PoC exploit code was sent to partner cybersecurity firms and antivirus on February 23, prior Redmond giant released the patches. 28, bear similarities to “proof of concept” attack code that Microsoft distributed to antivirus companies and other security partners on Feb. SecurityAffairs – hacking, Microsoft Exchange).

Antivirus

Antivirus Cyber Attacks Hacking Accountability

Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange Servers

Security Affairs

JULY 28, 2021

PKPLUG used a technique known as “ living off the land ” to bypass antivirus detection and target Microsoft Exchange servers. Aro.exe is likely part of the “ ARO 2012 advanced repair and optimization tool,” which is a freely available tool that claims to fix Windows registry errors. SecurityAffairs – hacking,Thor RAT).

Encryption

Encryption Antivirus Malware Hacking

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines. doc and.xlm) to evade antivirus detection and bypass spam filters as well. SecurityAffairs – FlawedAmmyy malware, hacking). See more about msiexec.exe and its parameters here.

Malware

Malware Antivirus Technology Phishing

The Top Cybersecurity Breaches in the UAE

Centraleyes

FEBRUARY 26, 2025

Compare that to 2012 when the UAE ranked fifth in the Global Cybersecurity Index. Email Hack Scams Dubai-based Exhibition Firms Client Roster Cheers Exhibition, a Dubai-based firm, was targeted in an elaborate phishing attack that took control of its email services and phished its client roster.

Cybersecurity

Cybersecurity Banking Education Antivirus

How to Prevent Data Leaks

Spinone

NOVEMBER 30, 2018

The Hacker had discovered Zuckerberg’s password in a 2012 LinkedIn data breach and he had used the same password across several accounts. Malicious Hacking Attacks As you can see from the examples of recent data breaches above, malicious by attacks by hackers is one of the main causes of data breaches.

Data breaches

Data breaches Passwords Backups Accountability

The Hacker Mind Podcast: Hunting The Next Heartbleed

ForAllSecure

NOVEMBER 24, 2020

Such a scenario isn’t fantasy; something like this actually existed between 2012 and 2014. It’s about challenging our expectations about people who hack for a living. Then there came all this antivirus, antimalware products, there was a need to report which ones were better at solving the problem.

Encryption

Encryption Software Artificial Intelligence Marketing

The Hacker Mind Podcast: Hunting The Next Heartbleed

ForAllSecure

NOVEMBER 24, 2020

Such a scenario isn’t fantasy; something like this actually existed between 2012 and 2014. It’s about challenging our expectations about people who hack for a living. Then there came all this antivirus, antimalware products, there was a need to report which ones were better at solving the problem.

Encryption

Encryption Software Artificial Intelligence Marketing

The Hacker Mind Podcast: Hunting The Next Heartbleed

ForAllSecure

NOVEMBER 24, 2020

Such a scenario isn’t fantasy; something like this actually existed between 2012 and 2014. It’s about challenging our expectations about people who hack for a living. Then there came all this antivirus, antimalware products, there was a need to report which ones were better at solving the problem.

Encryption

Encryption Software Artificial Intelligence Marketing

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

That meant I tested the release candidates -- not the final product you’d buy in the stores - for consumer-grade antivirus programs, desktop firewalls, and desktop Intrusion detection systems. It’s about challenging our expectations about people who hack for a living. It seems at times that not much has happened after that.

Software

Software Passwords Internet Internet

The Hacker Mind: Shellshock

ForAllSecure

MARCH 24, 2021

That meant I tested the release candidates -- not the final product you’d buy in the stores - for consumer-grade antivirus programs, desktop firewalls, and desktop Intrusion detection systems. It’s about challenging our expectations about people who hack for a living. It seems at times that not much has happened after that.

Software

Software Passwords Internet Internet

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

FLASHBACK The new clues about Rescator’s identity came into focus when I revisited the reporting around an April 2013 story here that identified the author of the OSX Flashback Trojan , an early malware strain that quickly spread to more than 650,000 Mac computers worldwide in 2012. “Good afternoon,” r-fac1 wrote on Dec.

Cybercrime

Cybercrime Accountability Advertising Computers and Electronics

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

Looking back at past leaks of private companies providing such services, such as in the case of Hacking Team, we learned that many states all over the world were buying these capabilities, whether to complement their in-house technologies or as a stand-alone solution they couldn’t develop. Hack-and-leak is the new black (and bleak).

Firmware

Firmware Surveillance Mobile Telecommunications

Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor

Security Affairs

MARCH 6, 2025

The cyber espionage group has been active since at least 2012 and has been using the Sagerunex backdoor since at least 2016. Additionally, the use of VMProtect obfuscates the malware code to evade antivirus detection. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,APT)

Telecommunications

Telecommunications Manufacturing Malware Media

Cyber Security Informer

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Trending Sources

An Interview With the Target & Home Depot Hacker

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Avast, Avira, Sophos and other antivirus solutions show problems after

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

A couple of 10-Year-Old flaws affect Avast and AVG antivirus?

A Deep Dive Into the Residential Proxy Service ‘911’

Ask Fitis, the Bear: Real Crooks Sign Their Malware

On Chinese "Spy Trains"

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Cyber mercenaries group DeathStalker uses a new backdoor

Lebanese APT group with suspected links to Hezbollah breached 250 servers worldwide

Is there a link between Microsoft Exchange exploits and PoC code the company shared with partner security firms?

Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange Servers

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

The Top Cybersecurity Breaches in the UAE

How to Prevent Data Leaks

The Hacker Mind Podcast: Hunting The Next Heartbleed

The Hacker Mind Podcast: Hunting The Next Heartbleed

The Hacker Mind Podcast: Hunting The Next Heartbleed

The Hacker Mind: Shellshock

The Hacker Mind: Shellshock

Ten Years Later, New Clues in the Target Breach

Advanced threat predictions for 2023

Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor

Stay Connected