Krebs on Security

DECEMBER 19, 2018

Satnam Narang , senior research engineer at Tenable , said the vulnerability affects the following installations of IE: Internet Explorer 11 from Windows 7 to Windows 10 as well as Windows Server 2012, 2016 and 2019; IE 9 on Windows Server 2008; and IE 10 on Windows Server 2012.

Internet 255

Internet Internet Software Engineering 255

Schneier on Security

DECEMBER 17, 2018

A new variant of the Shamoon malware has destroyed signifigant amounts of data at a UAE "heavy engineering company" and the Italian oil and gas contractor Saipem. Shamoon is the Iranian malware that was targeted against the Saudi Arabian oil company, Saudi Aramco, in 2012 and 2016.

Engineering 215

Engineering Malware 215

The Hacker News

APRIL 2, 2024

A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar.

Malware 145

Malware 145

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail 254

Retail Advertising Cryptocurrency Marketing 254

Schneier on Security

JANUARY 22, 2018

From the Lookout announcement: Dark Caracal has operated a series of multi-platform campaigns starting from at least January 2012, according to our research. It primarily targets mobile devices compromised by fake secure messaging clients like Signal and WhatsApp. The campaigns span across 21+ countries and thousands of victims.

Malware 182

Malware Spyware Manufacturing Mobile 182

The Hacker News

FEBRUARY 17, 2024

to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. He was added to the FBI's most-wanted list in 2012. A Ukrainian national has pleaded guilty in the U.S.

Malware 136

Malware 136

CyberSecurity Insiders

JANUARY 5, 2022

Hackers are found inducing Zloader Malware into Windows machines since November last year and reports are in that the malicious software tool has already targeted over 2,848 victims from 111 countries so far. Highly placed sources say that the malware has been distributed via phishing campaign by a cyber threat group named MalSmoke.

Malware 131

Malware Spyware Antivirus Cyber threats 131

Security Affairs

NOVEMBER 22, 2019

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. The Russian hacker was suspected of being the author of the Neverquest malware , aka Vawtrak malware, and the person who administrated the control infrastructure. Pierluigi Paganini.

Banking 133

Banking Malware Advertising Passwords 133

Krebs on Security

FEBRUARY 11, 2020

A dozen of the vulnerabilities Microsoft patched today are rated “critical,” meaning malware or miscreants could exploit them remotely to gain complete control over an affected system with little to no help from the user. It could be used to install malware just by getting a user to browse to a malicious or hacked Web site.

Backups 64

Backups Malware Internet Internet 64

Security Affairs

APRIL 1, 2020

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. SecurityAffairs – LimeRAT, malware).

Malware 131

Malware Passwords Encryption Advertising 131

Krebs on Security

FEBRUARY 4, 2020

Investigators say Bukoski’s booter service was among the longest running services targeted by the FBI, operating since at least 2012. The landing page for the Quantum Stresser attack-for-hire service.

Internet 324

Internet Internet Government Accountability 324

Krebs on Security

FEBRUARY 24, 2023

The Mylobot malware includes more than 1,000 hard-coded and encrypted domain names, any one of which can be registered and used as control networks for the infected hosts. BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. The website BHProxies[.]com

Accountability 288

Accountability Advertising Marketing Malware 288

Schneier on Security

JULY 9, 2019

Their goal, the researchers believe, is to obtain and download rolling records on the target from the cell provider's database without having to deploy malware on each target's device. [.]. Before and since then, the hackers broke into one cell provider after the other to gain continued and persistent access to the networks.

Hacking 277

Hacking Telecommunications Malware Passwords 277

Krebs on Security

JUNE 25, 2019

” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com — were implicated in propagating the Triada malware. com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., “Yehuo” ( ? ? ) com , buydudu[.]com

Mobile 274

Mobile Technology Manufacturing Malware 274

Security Affairs

MARCH 10, 2025

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. The issue resides in the Best-Fit feature of encoding conversion within the Windows operating system. reported Akamai.

DDOS 102

DDOS Security Intelligence Malware Hacking 102

Schneier on Security

NOVEMBER 7, 2019

Fireeye reports on a Chinese-sponsored espionage effort to eavesdrop on text messages: FireEye Mandiant recently discovered a new malware family used by APT41 (a Chinese APT group) that is designed to monitor and save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft.

Telecommunications 186

Telecommunications Encryption Malware 186

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. ” reported Akamai.

Malware 138

Malware DDOS Internet Internet 138

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. . ” HYDRA.

Marketing 301

Marketing Energy and Utilities Malware Ransomware 301

CSO Magazine

APRIL 27, 2023

Chinese state-sponsored threat actor Alloy Taurus has introduced a new variant of PingPull malware , designed to target Linux systems, Palo Alto Networks said in its research. Alloy Taurus, a Chinese APT , has been active since 2012. Along with the new variant, another backdoor called Sword2033 was also identified by the researchers.

Malware 105

Malware Telecommunications Government 105

SecureList

OCTOBER 15, 2024

SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that began its activities in 2012 and was first publicly mentioned by us in 2018. The malware uses different strings to load libraries and functions required for execution. In particular, Avast and AVG solutions are of interest to the malware.

Malware 143

Malware Encryption Architecture Phishing 143

Malwarebytes

JULY 28, 2021

All of a sudden we have infectious email attachments, and compromised third-party sites serving up malware. 2012 London. Articles warning of dangers mainly focused on search engine poisoning (still a threat back in 2012), fake sites, streaming , and once again Twitter makes an appearance as “one to watch.”

Scams 143

Scams Hacking Malware Mobile 143

Security Affairs

FEBRUARY 24, 2020

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. million malware samples per day in 2019 and identified 1,268 malware families. The most worrisome figure is related to the number of previously unseen malware families which is greater than 500 (41%).

Malware 128

Malware Cyber threats Advertising Telecommunications 128

Security Affairs

FEBRUARY 13, 2020

Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet. Get-WindowsFeature FS-SMB1).Installed

Authentication 144

Authentication Malware Advertising Hacking 144

SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. Interestingly enough, the share of adware attacks increased in relation to mobile malware in general. They typically work with malware developers to achieve this.

Mobile 145

Mobile Malware Adware Banking 145

Malwarebytes

JANUARY 26, 2022

DazzleSpy, a piece of malware that attacks macOS, was discovered last fall by researchers at ESET, and now those researchers have released more detailed findings. The new malware got a foothold via CVE-2021-1789, exploited via a JavaScript file named mac.js These two pieces of malware are quite different.

Malware 100

Malware Government Antivirus Engineering 100

Security Affairs

MARCH 13, 2025

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. center, linked to Konni malware used by APT37, and nidlogon[.]com, One of C2 domains, st0746[.]net,

Spyware 77

Spyware Surveillance Encryption Malware 77

SecureList

NOVEMBER 29, 2024

According to the UK’s National Crime Agency (NCA), this individual also was behind the infamous Reveton ransomware Trojan spread in 2012 — 2014. Kaspersky solutions worldwide detected this type of malware on 297,485 unique user devices. This malware also possessed the capability to install a backdoor on compromised systems.

Mobile 106

Mobile Adware Ransomware Malware 106

The Hacker News

MARCH 23, 2024

The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. According

Malware 141

Malware 141

Security Affairs

NOVEMBER 24, 2020

Researchers from Intezer have spotted a new variant of an adware and coin-miner botnet that is operated by Stantinko threat actors since 2012. Operators behind the botnet powered a massive adware campaign active since 2012, crooks mainly targeted users in Russia, Ukraine, Belarus, and Kazakhstan searching for pirated software. .”

Adware 145

Adware Malware Hacking Software 145

Krebs on Security

JULY 9, 2019

” The DHCP weakness ( CVE-2019-0785 ) exists in most supported versions of Windows server, from Windows Server 2012 through Server 2019. The other — CVE-2019-0880 — is present in Windows 8.1 , Server 2012 and later operating systems.

Internet 219

Internet Internet Software Advertising 219

The Last Watchdog

FEBRUARY 3, 2020

Samide and other experts say what’s coming next is very likely to be a series of varied attacks as combatants on all sides leverage footholds gained from ongoing intelligence gathering and malware planting. It describes malware being iterated by hackers who’ve clearly been doing this for a long while.

Energy and Utilities 330

Energy and Utilities Malware Hacking Passwords 330

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware 129

Malware Cybercrime Banking Hacking 129

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said. The Forbes.ru

Hacking 235

Hacking Cybercrime Ransomware Government 235

Krebs on Security

JANUARY 13, 2021

Ten of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited by malware or miscreants to seize remote control over unpatched systems with little or no interaction from Windows users.

Backups 314

Backups Malware Marketing Software 314

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking 116

Hacking Cybercrime Advertising Data breaches 116

Krebs on Security

JUNE 25, 2019

” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. com — were implicated in propagating the Triada malware. com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., “Yehuo” ( ? ? ) com , buydudu[.]com

Mobile 185

Mobile Technology Manufacturing Software 185

Security Affairs

JUNE 30, 2021

for his key role in the distribution of the Gozi virus that infected more than a million computers from 2007 to 2012. Paunescu was arrested in Romania in 2012, but was able to avoid extradition. Colombian officials announced the arrest of the Romanian hacker Mihai Ionut Paunescu who is wanted in the U.S.

Banking 120

Banking Malware Hacking Information Security 120