In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. “Helkern was my friend, I [set up a] meeting with Golubov and him in 2013,” Shefel said.
Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals.
Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear from arrest.
The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. Timeline: FBI spoofs, 2012–2013; file encryption, 2013–2015.
For the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless (image: spur.us). In 2013, U.S. as a media sharing device on a local network that was somehow exposed to the Internet.
Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer.
In December 2013, a Slovenian court sentenced Škorjanc to four years and ten months in prison for creating the malware that powered the ‘Mariposa’ botnet. Very soon after its inception, Mariposa was estimated to have infected more than 1 million hacked computers, making it one of the largest botnets ever created.
The US Department of State offers a $2.5 million reward for information leading to the arrest of Volodymyr Kadariya (38), a Belarusian national allegedly involved in a significant malware organization and in mass malware distribution.
A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013, although Microsoft revised the fix in 2014. Experts from Check Point Research uncovered a new ZLoader malware campaign in early November 2021. (Pierluigi Paganini, SecurityAffairs)
A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned.
The Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in 2013. Recently, researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.
“For three years, Unit 42 has tracked a set of cyber espionage attack campaigns across Asia, which used a mix of publicly available and custom malware.” The China-linked APT group has been active for at least six years and has used both custom-made and publicly available malware. The hackers primarily targeted the Uyghur minority.
Researchers found over 100 servers distributing Mirai malware and communicating with compromised IPs, indicating the campaign is ongoing. “Mirai malware, here dubbed as Murdoc Botnet, is a prominent malware family for *nix systems.” Most of the infected systems are in Malaysia, Thailand, Mexico, and Indonesia.
UAC-0006 has been active since at least 2013. The government experts reported that the group carried out at least two massive campaigns since May 20, in which the threat actors aimed at distributing SmokeLoader malware via email, according to the advisory published by CERT-UA.
A new malware developed by the Sandworm hacking group has targeted appliances that are firewalled, and reports indicate that the military intelligence of the Russian Federation developed the malicious software. Now some statistical facts about malware. billion malware attacks.
A financially motivated threat organization that has been active since 2013, FIN7 has targeted the retail, restaurant, and hospitality industries in the United States, often deploying point-of-sale malware to achieve its objectives. Combi Security, a front firm for FIN7, was used to administer a component of the organization.
The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal; it borrows portions of code and features from older backdoors. Back in 2013, security researchers at FireEye spotted a group of China-linked hackers that conducted an espionage campaign on foreign affairs ministries in Europe.
Active since at least 2013, XE Group is a cybercriminal group focused on credit card skimming and password theft via supply chain attacks, according to the analysis published by Intezer. (Pierluigi Paganini, SecurityAffairs)
Palo Alto Networks Unit42 researchers believe that PGMiner can potentially be disruptive due to the popularity of PostgreSQL, and they warn that, with additional effort, the malware could target all major operating systems, according to the analysis published by Palo Alto Networks Unit42. (Pierluigi Paganini, SecurityAffairs)
A Pakistani national has been sentenced to 12 years in prison in the US for his role in a hacking scheme against the telecom giant AT&T. “Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan.” (Pierluigi Paganini, SecurityAffairs)
North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used backdating, or timestomping, to thwart analysis attempts (an anti-forensics technique).
The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT, a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.
Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.
Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. The very first discussion thread started by the new user Microleaves on the forum BlackHatWorld in 2013 sought forum members who could help test and grow the proxy network.
Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. (Pierluigi Paganini, SecurityAffairs)
A Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back in September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced that its IT infrastructure had suffered a malware-based attack.
This means that when a cybercrime forum gets hacked and its user databases are posted online, it is often possible to work backwards from some of the more unique passwords for each account and see where else that password was used. And unbeknownst to him at the time, that forum was hacked, with all email addresses and hashed passwords exposed.
The group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013. “We have seen this module implemented in two different languages: C# and VBScript.” The arsenal of the group also includes multiple malware, most of them downloaders and backdoors. (Pierluigi Paganini, SecurityAffairs)
In customer guidance released Thursday, Microsoft said it is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019. These web-based backdoors offer attackers an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser.
The CVE-2020-1147 vulnerability impacts .NET Core 2.1, .NET Framework 2.0 (depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016, SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, and Visual Studio 2017 version 15.9. (SecurityAffairs)
Microsoft is urging administrators to disable the SMBv1 network communication protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet.
During the pandemic, lockdowns forced people to stay at home and do their shopping online, which was mirrored in point-of-sale (PoS) and ATM malware activity, as certain regions saw malicious transactions drop significantly. Perpetrators continue to spread already-existing, widely used malware to attack PoS terminals and ATMs.
A security expert uncovered an old APT operation, tracked as Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. Guerrero-Saade discovered that the SIG37 campaign references hacking activities dating back as far as 2008 that were carried out by an unknown threat actor, which the expert tracked as Nazar.
CERT-UA warned that a Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. If the recipient opens the attached .msi file, the ANONVNC malware, tracked as MESHAGENT, is executed.
From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a In December 2023, KrebsOnSecurity published new details about the identity of “Rescator,” a Russian cybercriminal who is thought to be closely connected to the 2013 data breach at Target.
Denis Emelyantsev, as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Kloster’s blog even included a group photo of RSOCKS employees.
Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. (Pierluigi Paganini, SecurityAffairs)
New espionage malware found targeting Russian-speaking users in Eastern Europe. ESET found an advanced piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. Threat actors have been using Attor since 2013, but the malicious code remained under the radar until last year.
Confucius is a pro-India APT group that has been active since 2013, mainly focusing on Pakistani and other South Asian targets. Since 2018, the hackers have been targeting mobile users with an Android surveillance malware called ChatSpy. The malware can download content from FTP shares and run arbitrary commands as root.
One of the first hacks to ever get widespread public attention occurred on the night of April 27, 1986. To some, the ability to hack a satellite broadcast was unsettling. How could someone do that, the world asked? Yahoo data breach (2013). Target data breach (2013). Damages: $18.5
The project was launched in September 2019 and, as of August 2020, the experts had collected 680 records of ransomware attacks that took place since November 2013; the project “now has 687 records assembled from publicly disclosed incidents between November 2013 and August 2020.” (Pierluigi Paganini, SecurityAffairs)
Bilogorskiy: Before 2013 a lot of malware was focused on spam, DDoS and monetizing through malicious advertising and ad fraud. But in 2013 we saw the first crypto-ransomware, called CryptoLocker, that started a transition to monetization through crypto ransomware. That’s the threat known as cryptojacking.
Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. The malware allows operators to retrieve phone identifiers and steal contacts, SMS messages, photos, and even location data. (SecurityAffairs)
The Carbanak gang (aka FIN7, Anunak or Cobalt) stole over a billion euros from banks across the world; the name “Carbanak” comes from the name of the malware they used to compromise computers at banks, other financial institutions, restaurants, and other industries. (Pierluigi Paganini, SecurityAffairs)