2012, Antivirus and Phishing - Cyber Security Informer

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. Image: FBI.

Antivirus

Antivirus Hacking Software Government

The Cost of Cybercrime

Schneier on Security

JUNE 4, 2019

Really interesting paper calculating the worldwide cost of cybercrime: Abstract: In 2012 we presented the first systematic study of the costs of cybercrime. The move to the cloud means that system misconfiguration may now be responsible for as many breaches as phishing. In this paper,we report what has changed in the seven years since.

Cybercrime

Cybercrime Scams Cryptocurrency Antivirus

Hackers exploit old Microsoft Vulnerability to drop Zloader Malware

CyberSecurity Insiders

JANUARY 5, 2022

Highly placed sources say that the malware has been distributed via phishing campaign by a cyber threat group named MalSmoke. Microsoft that fixed this security vulnerability in 2012-13 by implementing strict file verification policies is busy urging admins to follow its legacy advisory published in August 2013 in order to fix the issue.

Malware

Malware Spyware Antivirus Cyber threats

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Are You Vulnerable To Ransomware? 6 Questions to Ask Yourself

Vipre

MAY 5, 2021

If all you’ve done so far is to rely on antivirus scans and the good sense of your users to not click on suspicious emails, you’re doing the minimum. For instance, failing to educate users on the dangers of phishing amounts to business malpractice. 66% of ransomware infections are due to spam and phishing emails.

Ransomware

Ransomware Backups Phishing Education

Cyber mercenaries group DeathStalker uses a new backdoor

Security Affairs

DECEMBER 5, 2020

DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. The PowerPepper attack chain is being delivered through weaponized Word documents distributed through spear-phishing messages.

DNS

DNS Phishing Encryption Antivirus

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. The logic of the raid mainly comes down to using unsecured RDP ports or spear-phishing to infiltrate networks and gain a foothold in them. None of these early threats went pro. About the essayist.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Cybercrime Year in Review: 2013

SiteLock

AUGUST 27, 2021

It was easy to buy hundreds of millions of email addresses, pack them with phishing messages, and attach a nasty malware payload. And if you think that simply relying on antivirus software will get you through safely, there’s some more bad news. bank accounts in 2012 by cybercrooks using malware like keyloggers.

Cybercrime

Cybercrime Small Business Antivirus Malware

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines.

Malware

Malware Antivirus Technology Phishing

Mobile malware evolution 2020

SecureList

MARCH 1, 2021

For example, an attacker could log in to a victim’s Facebook account and post a phishing link or spread spam. Individuals who generate that many installation packages are obviously not worried about antivirus software. The verdict is applied where the antivirus databases still lack the signatures or heuristics for detection.

Mobile

Mobile Malware Adware Banking

The Top Cybersecurity Breaches in the UAE

Centraleyes

FEBRUARY 26, 2025

Compare that to 2012 when the UAE ranked fifth in the Global Cybersecurity Index. It serves as a warning to regularly backup company data and train every employee on how to identify phishing and social engineering attacks. The email directs victims to download antivirus software. Thats a hefty price tag for businesses to pay.

Cybersecurity

Cybersecurity Banking Education Antivirus

5 Tips to Help Avoid Charity Scams This Giving Tuesday

Identity IQ

NOVEMBER 13, 2023

Giving Tuesday originated in the United States in 2012 to contrast the commercialism of Black Friday and Cyber Monday. Giving Tuesday scams can take various forms, including phishing emails , fraudulent websites, and even door-to-door solicitations. It has since spread worldwide to more than 150 countries.

Scams

Scams Identity Theft Antivirus Insurance

How to Prevent Data Leaks

Spinone

NOVEMBER 30, 2018

In March 2014, hackers used login information leaked by eBay employees to access sensitive user data of 145 million customers , putting these users at risk of identity theft, password theft and phishing risks. According to the 2016 Verizon Data Breach Investigations Report , 13% of those tested clicked on the attachment of a phishing email.

Data breaches

Data breaches Passwords Backups Accountability

5 Critical Threat Actors You Need to Know About

Digital Shadows

OCTOBER 29, 2024

For initial access, RansomHub affiliates often compromise internet-facing systems and user endpoints via phishing emails, password spraying, and exploiting high-risk remote code execution (RCE) and privilege escalation vulnerabilities. In November 2022, IntelBroker reportedly used Endurance to target the US Federal Government.

Ransomware

Ransomware Encryption Technology Malware

5 Critical Threat Actors You Need to Know About

Digital Shadows

OCTOBER 29, 2024

For initial access, RansomHub affiliates often compromise internet-facing systems and user endpoints via phishing emails, password spraying, and exploiting high-risk remote code execution (RCE) and privilege escalation vulnerabilities. In November 2022, IntelBroker reportedly used Endurance to target the US Federal Government.

Ransomware

Ransomware Encryption Technology Malware

Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor

Security Affairs

MARCH 6, 2025

The cyber espionage group has been active since at least 2012 and has been using the Sagerunex backdoor since at least 2016. The initial access vector for recent intrusions is unclear, but the threat actor used spear-phishing and watering hole attacks in past campaigns.

Telecommunications

Telecommunications Manufacturing Malware Media

Cyber Security Informer

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

The Cost of Cybercrime

Webinars

Trending Sources

Hackers exploit old Microsoft Vulnerability to drop Zloader Malware

Webinars

Are You Vulnerable To Ransomware? 6 Questions to Ask Yourself

Cyber mercenaries group DeathStalker uses a new backdoor

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Cybercrime Year in Review: 2013

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Mobile malware evolution 2020

The Top Cybersecurity Breaches in the UAE

5 Tips to Help Avoid Charity Scams This Giving Tuesday

Top Database Security Solutions for 2021

How to Prevent Data Leaks

5 Critical Threat Actors You Need to Know About

5 Critical Threat Actors You Need to Know About

Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor

Stay Connected