Security Affairs

MARCH 10, 2025

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. The issue resides in the Best-Fit feature of encoding conversion within the Windows operating system. reported Akamai.

DDOS 103

DDOS Security Intelligence Malware Hacking 103

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking 133

Banking Malware Advertising Passwords 133

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware 129

Malware Cybercrime Banking Hacking 129

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking 116

Hacking Cybercrime Data breaches Advertising 116

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. ” reported Akamai.

Malware 138

Malware DDOS Internet Internet 138

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 265

Cybercrime Banking Computers and Electronics DDOS 265

Security Affairs

JULY 13, 2024

Ukrainian national Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID malware operations. DoJ sentenced the Ukrainian national Vyacheslav Igorevich Penchukov (37) to prison and ordered him to pay millions of dollars in restitution for his role in the Zeus and IcedID malware operations.

Cybercrime 127

Cybercrime Banking Malware Hacking 127

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime 107

Cybercrime Banking Identity Theft Hacking 107

Security Affairs

SEPTEMBER 30, 2020

Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison for hacking LinkedIn, Dropbox, and Formspring in 2012. The Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012. Source: US Defense Watch.com.

Identity Theft 111

Identity Theft Cybercrime Advertising Hacking 111

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. “The 911[.]re A cached copy of flashupdate[.]net

VPN 351

VPN Computers and Electronics Antivirus Software 351

Security Affairs

SEPTEMBER 2, 2024

Cicada 3301 is the name given to three sets of puzzles posted under the name “3301” online between 2012 and 2014. The first puzzle started on January 4, 2012, on 4chan and ran for nearly a month. Since June, the operators behind Cicada3301 have started recruiting affiliates on the RAMP cybercrime forum.

Ransomware 135

Ransomware Encryption Malware Cybercrime 135

SiteLock

AUGUST 27, 2021

Perhaps the single biggest and most dangerous change in threats came in the world of malware delivery. For years, hackers and malware authors had used the same ways to deliver and spread their malware. So hackers had to choose a new way to deliver and spread malware. Email and spam were by far the most popular.

Cybercrime 87

Cybercrime Small Business Antivirus Malware 87

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

AUGUST 26, 2020

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. ” continues the report.

Malware 113

Malware Hacking Advertising Cybercrime 113

Security Affairs

APRIL 14, 2020

Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e. AgentTesla ). ” concludes the report. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Healthcare 144

Healthcare Ransomware Phishing Government 144

Security Affairs

MARCH 10, 2020

Necurs botnet is one of the largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. SecurityAffairs – malware, Necurs botnet). million spam messages to more than 40.6

Advertising 107

Advertising Malware Cybercrime Government 107

Security Affairs

SEPTEMBER 19, 2021

Fahd was the mind behind a criminal scheme that begun in 2012 and that caused more than $200 million in losses to the company, according to DoJ, he continued his activity even after he became aware that law enforcement was investigating. SecurityAffairs – hacking, malware). ” reads the press release published by DoJ.

Hacking 139

Hacking Malware Cybercrime Information Security 139

Security Affairs

MARCH 10, 2023

The NetWire Remote Access Trojan (RAT) is available for sale on cybercrime forums since 2012, it allows operators to steal sensitive data from the infected systems. DomainTools further shows this email address was used to register one other domain in 2012: wwlabshosting[.]com, ” reads the press release published DoJ.

Malware 98

Malware Cybercrime Data breaches Internet 98

Security Affairs

SEPTEMBER 8, 2019

net), a popular hacking forum a place frequented by hackers, malware authors, scammers and cybercriminals. XakFor has been active since 2012, most of its visitors were Russian-speaking hackers and crooks. Not all the malware were authentic, some of them were cracked versions, while other s were backdoored. Pierluigi Paganini.

Advertising 104

Advertising Malware Cybercrime Hacking 104

Security Affairs

AUGUST 30, 2022

The experts studied the evolution of CMS plugins in the production web servers dating back to 2012, to do this they developed an automated framework named YODA to detect malicious plugins. Post-deployment attacks infected $834K worth of previously benign plugins with malware.” Among these, $41.5K ” reads the research paper.

Backups 144

Backups Malware Technology Hacking 144

Security Affairs

OCTOBER 1, 2019

The malware is distributed via a malspam campaign, the spam messages come with malicious attachments or include URL to malicious content. Adwind is could infect all the major operating systems, including Windows, Mac, Linux, and Android, it is available in the cybercrime underground as a malware-as-a-service (MaaS) model.

Malware 104

Malware Advertising DDOS Cybercrime 104

Security Affairs

JANUARY 3, 2024

They were used to access the internal workplace systems for BMW dealers and could have been useful to attackers for spear-phishing campaigns or malware distribution. Attackers exploit this vulnerability in the wild to steal sensitive information, such as login credentials, or to spread malware to unsuspecting users.

Phishing 136

Phishing Manufacturing Firewall Cybercrime 136

Security Affairs

FEBRUARY 26, 2020

Researchers from Cybaze Yoroi ZLab have spotted a new campaign exploiting the interest in coronavirus (COVID-19) evolution to spread malware. It is not new for cyber-crooks to exploit social phenomena to spread malware in order to maximize the impact and dissemination of a malicious campaign. Introduction. Technical Analysis.

Cyber Attacks 142

Cyber Attacks Malware Social Engineering Advertising 142

Security Affairs

JUNE 18, 2024

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. RaaS : Mirroring the Legitimate SaaS Models In mid-2012, the ransomware ecosystem evolved with the introduction of Reveton , the first Ransomware-as-a-Service (RaaS). She is also a regular writer at Bora.

Ransomware 141

Ransomware Cryptocurrency Insurance Cybercrime 141

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. PC malware The number of users affected by financial malware for PCs dropped by 11% from 2022. Ramnit and Zbot were the prevalent malware families, together targeting over 50% of affected users. Money is what always attracts cybercriminals.

Phishing 134

Phishing Banking Mobile Scams 134

Security Affairs

JULY 25, 2022

“From 1 December 2012 the Revenue Agency incorporated the Territory Agency (article 23-quater of Legislative Decree 95/2012).” The introduction of the bug bounty program made the headlines, it is the first ransomware gang asking cyber security experts to submit bugs in their malware to improve it.

Ransomware 107

Ransomware Government Hacking Scams 107

Security Affairs

FEBRUARY 26, 2019

The Russian hacker Stanislav Vitaliyevich Lisov pleads guilty to bank fraud after running a botnet that spread ‘NeverQuest’ malware for three years. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure.

Banking 103

Banking Malware Advertising Accountability 103

Security Affairs

APRIL 28, 2020

The Outlaw Hacking Group is back, malware researchers from Cybaze-Yoroi ZLab have uncovered a new botnet that is targeting European organizations. During our daily monitoring activities, we intercepted a singular Linux malware trying to penetrate the network of some of our customers. Introduction. Technical Analysis.

Architecture 133

Architecture Malware Hacking DDOS 133

SecureList

NOVEMBER 1, 2022

Since the malware in this incident was compiled on April 15, 2021, and compilation dates are the same for all known samples, this incident is likely to be the first involving Maui ransomware. This report included technical details of malware used in the campaign, such as Ecipekac, SodaMaster, P8RAT, FYAnti and QuasarRAT.

Malware 145

Malware Ransomware Spyware Encryption 145

Security Affairs

JANUARY 25, 2019

During the last weeks, the Cybaze-Yoroi ZLab researchers identified infection attempts aimed to install RAT malware directed to the naval industry sector. Instead, in this case, Cybaze-Yoroi ZLab detected the usage of multiplatform Java malware. Figure 5 – Open directory used by malware to download jre.zip component.

Malware 108

Malware VPN Advertising InfoSec 108

SecureList

JULY 14, 2021

In some cases, this was followed by deployment of a signed, but fake version of the popular application Zoom, which was in fact malware enabling the attackers to exfiltrate files from the compromised systems. com/s/esh1ywo9irbexvd/COVID-19%20Case%2012-11- 2020.rar?dl=0&file_subpath=%2FCOVID-19+Case+12-11-2020%2FCOVID-19+Case+12-11-2020(2).docx.

Malware 145

Malware Phishing Technology Encryption 145

SecureList

JUNE 2, 2022

In their initial disclosures on this threat actor, TeamT5 identified three malware families: SpyDealer, Demsty and WinDealer. In 2020, we discovered a whole new distribution method for the WinDealer malware that leverages the automatic update mechanism of select legitimate applications. WinDealer is a modular malware platform.

Malware 137

Malware Encryption Social Engineering Telecommunications 137

SecureWorld News

DECEMBER 29, 2020

Cybersecurity Ventures predicts that cybercrime will cost the world $6 trillion annually by the end of 2021. They then gained access to a customer service database and uploaded malware to capture sensitive information. LinkedIn data breach (2012). SecureWorld now takes a look at some of the largest data breaches to ever occur.

Data breaches 98

Data breaches Passwords Accountability Government 98

Security Affairs

FEBRUARY 16, 2023

Below is the list of vulnerabilities exploited by V3G4: CVE-2012-4869 : FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability CVE-2014-9727 : FRITZ!Box Upon execution, the bot prints xXxSlicexXxxVEGA. to the console. If a botnet process already exists, the botnet client will and exit.

IoT 98

IoT DDOS Encryption Malware 98

Security Affairs

DECEMBER 29, 2023

Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11. The product has been originally emerged at XSS underground forum, and later received positive feedback on other well-established communities including Exploit.

Password Management 143

Password Management Cryptocurrency Passwords Authentication 143

SecureWorld News

DECEMBER 27, 2021

Prosecutors say he was one of the masterminds behind bribing AT&T Wireless employees to install both malware and hardware in this Washington call center. Employees installed malware. ". Employees installed new variants of malware. What, exactly, was this unlocking malware all about?

Wireless 98

Wireless Malware Cyber Attacks Marketing 98

Security Affairs

MARCH 4, 2019

Necurs botnet is currently the second largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan.

DNS 106

DNS Banking Advertising Ransomware 106