Security Affairs

OCTOBER 3, 2019

“For three years, Unit 42 has tracked a set of cyber espionage attack campaigns across Asia, which used a mix of publicly available and custom malware. The China-linked APT group has been active for at least six years, it used both custom-made and publicly available malware. Hackers targeted primarily the Uyghurs minority.

Malware 109

Malware Advertising Cybersecurity Hacking 109

Security Affairs

MAY 28, 2020

The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal, it borrows portions of code and features from older backdoors. ” Back in 2013, the security researchers at FireEye spotted a group of China-Linked hackers that conducted an espionage campaign on foreign affairs ministries in Europe.

Hacking 112

Hacking Malware Advertising Government 112

CyberSecurity Insiders

FEBRUARY 23, 2022

A new malware developed by Sandworm hacking group has targeted appliances that are fire walled and reports are in that the military intelligence of the Russian Federation developed the malicious software. Now some statistic facts about malware. billion malware attacks.

Firewall 132

Firewall Malware IoT Software 132

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. “Helkern was my friend, I [set up a] meeting with Golubov and him in 2013,” Shefel said.

Retail 235

Retail Advertising Cryptocurrency Marketing 235

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS 276

DNS Penetration Testing Malware Hacking 276

Security Affairs

SEPTEMBER 19, 2021

A Pakistani national has been sentenced to 12 years of prison in the US for his role in a hacking scheme against the telecom giant AT&T. “Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan. ” Pierluigi Paganini.

Hacking 143

Hacking Malware Cybercrime Information Security 143

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware 140

Malware Advertising Spyware Government 140

Security Affairs

DECEMBER 13, 2020

Palo Alto Networks Unit42 researchers believe that PGMiner can potentially be disruptive due to the popularity of the PostgreSQL, they warn that with additional effort, the malware could target all major operating systems. SecurityAffairs – hacking, PGminer). ” reads the analysis published by Palo Alto Networks Unit42.

Hacking 145

Hacking Cryptocurrency Passwords Authentication 145

Heimadal Security

APRIL 8, 2022

A financial-motivated threat organization that has been active since 2013, FIN7 has targeted the retail, restaurant, and hospitality industries in the United States, often deploying point-of-sale malware to achieve its objectives. Combi Security, a front firm for FIN7, was used to administer a component of the organization.

Hacking 108

Hacking Retail Malware Cybersecurity 108

Security Affairs

SEPTEMBER 23, 2019

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. SecurityAffairs – APT, hacking). Pierluigi Paganini.

Malware 109

Malware Banking Advertising Encryption 109

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising 225

Advertising Antivirus Software Malware 225

Krebs on Security

MAY 4, 2021

Which means when a cybercrime forum gets hacked and its user databases posted online, it is often possible to work backwards from some of the more unique passwords for each account and see where else that password was used. And unbeknownst to him at the time, that forum was hacked, with all email addresses and hashed passwords exposed.

Passwords 347

Passwords Cybercrime Accountability Password Management 347

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack.

Hacking 110

Hacking Spyware Telecommunications Malware 110

Krebs on Security

JULY 28, 2022

Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. The very first discussion thread started by the new user Microleaves on the forum BlackHatWorld in 2013 sought forum members who could help test and grow the proxy network.

Advertising 249

Advertising Software Computers and Electronics Internet 249

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. “We have seen this module implemented in two different languages: C# and VBScript” The arsenal of the group includes also multiple malware, most of them downloaders and backdoors. Pierluigi Paganini.

Malware 144

Malware Phishing Advertising Government 144

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking 141

Hacking Advertising Software Information Security 141

Security Affairs

FEBRUARY 13, 2020

Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet. ” continues Microsoft.

Authentication 145

Authentication Malware Advertising Hacking 145

WIRED Threat Level

OCTOBER 17, 2018

Security researchers have discovered a new instance code associated with APT1, a notorious Chinese hacking group that disappeared in 2013.

Malware 94

Malware Hacking 94

SecureList

OCTOBER 6, 2022

During the pandemic, lockdowns forced people to stay at home and do their shopping online, which was mirrored in point-of-sale (PoS) and ATM malware activity, as certain regions saw malicious transactions drop significantly. Perpetrators continue to spread already-existing, widely used malware to attack PoS terminals and ATMs.

Malware 143

Malware Banking Software Cybercrime 143

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. If the recipient then opens this file, the ANONVNC malware, tracked as MESHAGENT, is executed. msi”), which, when opened, triggers the ANONVNC (MESHAGENT) malware.

Government 142

Government Phishing Malware Banking 142

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. Pierluigi Paganini.

Hacking 128

Hacking Passwords Accountability Cybercrime 128

Krebs on Security

JANUARY 8, 2024

From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a In December 2023, KrebsOnSecurity published new details about the identity of “Rescator,” a Russian cybercriminal who is thought to be closely connected to the 2013 data breach at Target.

Cybercrime 247

Cybercrime Banking Computers and Electronics DDOS 247

Krebs on Security

DECEMBER 4, 2024

Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest.

Cybercrime 201

Cybercrime Ransomware Cryptocurrency Government 201

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. Guerrero-Saade discovered that the SIG37 campaign references hacking activities dated back as far as 2008 that was carried out by an unknown threat actor, the expert tracked it as Nazar.

Hacking 139

Hacking Advertising Malware Engineering 139

Security Affairs

FEBRUARY 11, 2021

Confucius is a pro-India APT group that has been active since 2013, it mainly focused on Pakistani and other South Asian targets. Since 2018, the hackers started targeting mobile users with an Android surveillance malware ChatSpy. The malware can download content from FTP shares and run arbitrary commands as root.

Spyware 144

Spyware Surveillance Malware Mobile 144

Krebs on Security

OCTOBER 1, 2022

In customer guidance released Thursday, Microsoft said it is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019. ” These web-based backdoors offer attackers an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser.

Hacking 189

Hacking Passwords Internet Internet 189

Security Affairs

OCTOBER 10, 2019

New espionage malware found targeting Russian-speaking users in Eastern Europe. ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. Threat actors have been using Attor since 2013, the malicious code remained under the radar until last year.

Malware 104

Malware Encryption Advertising Mobile 104

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. now has 687 records assembled from publicly disclosed incidents between November 2013 and August 2020.” SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware 144

Ransomware Advertising Data collection Healthcare 144

Security Affairs

OCTOBER 1, 2024

. “Researchers from Mandiant, a Google subsidiary, uncovered and analyzed a cyberattack by the North Korean hacking group Kimsuky targeting Diehl Defence.” By clicking on a malicious PDF, victims would unknowingly download malware, allowing the hackers to spy on their systems.” ” reported Der Spiegel.

Manufacturing 140

Manufacturing Hacking Cyber Attacks Malware 140

Security Affairs

APRIL 18, 2021

The Carbanak gang (aka FIN7 , Anunak or Cobalt ) stole over a billion euros from banks across the world, the name “Carbanak” comes with the name of the malware they used to compromise computers at banks, other financial institutions, restaurants, and other industries. SecurityAffairs – hacking, FIN7). Pierluigi Paganini.

System Administration 141

System Administration Penetration Testing Malware Hacking 141

Security Affairs

AUGUST 21, 2024

During the recent campaign, the threat actor distributed a variant of the open-source XenoRAT malware, dubbed ‘MoonPeak,’ which is a remote access trojan (RAT) actively developed by the group. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, MoonPeak malware)

Malware 140

Malware Phishing Hacking Information Security 140

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. The malware allows operators to retrieve phone identifiers and steal contacts, SMS messages, photos, and even location data. SecurityAffairs – hacking, Goontact). ” conclude the experts. .

Spyware 144

Spyware Mobile Surveillance Malware 144

Security Affairs

NOVEMBER 11, 2021

Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 d26m CVE-2013-5223 D-Link DSL-2760U Gateway CVE-2020-8958 Guangzhou 1GE ONU V2801RW 1.9.1-181203 “To deliver its exploit, the malware first queries the target with a simple “GET” request. A2pvI042j1.d26m

IoT 143

IoT Firmware Malware Wireless 143

Security Affairs

NOVEMBER 10, 2020

Exposed data, some of which go back to 2013, include sensitive information and credit card details. The availability of such kind of data could expose hotel guests to a wide range of malicious activities, including identity theft, phishing attacks, scams, malware attacks, and reservation takeover. SecurityAffairs – hacking, Prestige).

Identity Theft 140

Identity Theft Scams Phishing Malware 140

The Last Watchdog

JUNE 20, 2018

Bilogorskiy: Before 2013 a lot of malware was focused on spam, DDoS and monetizing through malicious advertising and ad fraud. But in 2013 we saw the first crypto-ransomware, called CryptoLocker , that started a transition to monetization through crypto ransomware. That’s the threat known as cryptojacking.

Cryptocurrency 176

Cryptocurrency Ransomware Passwords Malware 176

Security Affairs

FEBRUARY 22, 2021

The Chinese APT group had access to an NSA Equation Group, NSA hacking tool and used it years before it was leaked online by Shadow Brokers group. used a tool dubbed Jian, which is a clone of NSA Equation Group ‘s “EpMe” hacking tool years before it was leaked online by Shadow Brokers hackers.

Hacking 122

Hacking Malware Software Information Security 122

Krebs on Security

SEPTEMBER 24, 2022

Denis Emelyantsev , as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. ” Kloster’s blog even included a group photo of RSOCKS employees.

Cybercrime 228

Cybercrime Data breaches Malware Ransomware 228