Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. In 2013, U.S. Image: spur.us. as a media sharing device on a local network that was somehow exposed to the Internet.

Malware 257

Malware Passwords Accountability Advertising 257

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. If the recipient then opens this file, the ANONVNC malware, tracked as MESHAGENT, is executed. msi”), which, when opened, triggers the ANONVNC (MESHAGENT) malware.

Government 140

Government Phishing Malware Banking 140

Security Affairs

OCTOBER 3, 2019

“For three years, Unit 42 has tracked a set of cyber espionage attack campaigns across Asia, which used a mix of publicly available and custom malware. The China-linked APT group has been active for at least six years, it used both custom-made and publicly available malware. Hackers targeted primarily the Uyghurs minority.

Malware 109

Malware Advertising Cybersecurity Hacking 109

Security Affairs

MAY 28, 2020

The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal, it borrows portions of code and features from older backdoors. ” Back in 2013, the security researchers at FireEye spotted a group of China-Linked hackers that conducted an espionage campaign on foreign affairs ministries in Europe.

Hacking 106

Hacking Malware Advertising Government 106

Security Affairs

OCTOBER 1, 2024

. “Researchers from Mandiant, a Google subsidiary, uncovered and analyzed a cyberattack by the North Korean hacking group Kimsuky targeting Diehl Defence.” By clicking on a malicious PDF, victims would unknowingly download malware, allowing the hackers to spy on their systems.” ” reported Der Spiegel.

Manufacturing 136

Manufacturing Hacking Cyber Attacks Malware 136

Security Affairs

SEPTEMBER 19, 2021

A Pakistani national has been sentenced to 12 years of prison in the US for his role in a hacking scheme against the telecom giant AT&T. “Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan. ” Pierluigi Paganini.

Hacking 141

Hacking Malware Cybercrime Information Security 141

Security Affairs

AUGUST 21, 2024

During the recent campaign, the threat actor distributed a variant of the open-source XenoRAT malware, dubbed ‘MoonPeak,’ which is a remote access trojan (RAT) actively developed by the group. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, MoonPeak malware)

Malware 136

Malware Phishing Hacking Information Security 136

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising 291

Advertising Cybercrime System Administration Hacking 291

Security Affairs

DECEMBER 13, 2020

Palo Alto Networks Unit42 researchers believe that PGMiner can potentially be disruptive due to the popularity of the PostgreSQL, they warn that with additional effort, the malware could target all major operating systems. SecurityAffairs – hacking, PGminer). ” reads the analysis published by Palo Alto Networks Unit42.

Hacking 145

Hacking Cryptocurrency Authentication Passwords 145

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware 136

Malware Advertising Spyware Government 136

Security Affairs

APRIL 27, 2023

Iran-linked APT group Charming Kitten employed a new malware dubbed BellaCiao in attacks against victims in the U.S., The Charming Kitten used a new custom malware, dubbed BellaCiao, that is tailored to suit individual targets and is very sophisticated. Europe, the Middle East and India. Israel, Iraq, and Saudi Arabia.

Malware 98

Malware DNS Media Architecture 98

SecureList

OCTOBER 6, 2022

During the pandemic, lockdowns forced people to stay at home and do their shopping online, which was mirrored in point-of-sale (PoS) and ATM malware activity, as certain regions saw malicious transactions drop significantly. Perpetrators continue to spread already-existing, widely used malware to attack PoS terminals and ATMs.

Malware 128

Malware Banking Software Cybercrime 128

Security Affairs

SEPTEMBER 23, 2019

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. SecurityAffairs – APT, hacking). Pierluigi Paganini.

Malware 109

Malware Banking Advertising Encryption 109

Security Affairs

SEPTEMBER 2, 2024

A second round of puzzles began one year later on January 4, 2013, and then a third round following the confirmation of a fresh clue posted on Twitter on January 4, 2014. Truesec researchers dissected a variant that targets VMware ESXi systems, which appears to be a version of the same malware for Windows.

Ransomware 138

Ransomware Encryption Malware Cybercrime 138

SecureWorld News

MARCH 24, 2022

One of the first hacks to ever get widespread public attention occurred on the night of April 27, 1986. RELATED: Original HBO Hack ]. To some, the ability to hack a satellite broadcast was unsettling. Yahoo data breach (2013). Target data breach (2013). How could someone do that , the world asked? Damages: $18.5

Data breaches 117

Data breaches Passwords Accountability Government 117

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking 138

Hacking Advertising Software Information Security 138

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack.

Hacking 110

Hacking Spyware Telecommunications Advertising 110

Krebs on Security

OCTOBER 1, 2022

In customer guidance released Thursday, Microsoft said it is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019. ” These web-based backdoors offer attackers an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser.

Hacking 186

Hacking Passwords Internet Internet 186

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. Pierluigi Paganini.

Hacking 122

Hacking Passwords Accountability Cybercrime 122

SiteLock

AUGUST 27, 2021

Want to infect computers with data-stealing malware? Looking to hack into someone else’s website or steal their data? A date of birth costs just $11. That will cost you around $20 for 1,000 computers and $250 to infect 15,000 computers. Need someone to develop a Trojan to plant on those infected computers?

Data breaches 40

Data breaches Banking Identity Theft Accountability 40

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS 272

DNS Penetration Testing Malware Hacking 272

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. “We have seen this module implemented in two different languages: C# and VBScript” The arsenal of the group includes also multiple malware, most of them downloaders and backdoors. Pierluigi Paganini.

Malware 143

Malware Phishing Advertising Government 143

Security Affairs

FEBRUARY 13, 2020

Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet. ” continues Microsoft.

Authentication 145

Authentication Malware Advertising Hacking 145

Krebs on Security

JANUARY 8, 2024

From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a In December 2023, KrebsOnSecurity published new details about the identity of “Rescator,” a Russian cybercriminal who is thought to be closely connected to the 2013 data breach at Target.

Cybercrime 231

Cybercrime Banking Computers and Electronics DDOS 231

Krebs on Security

JULY 28, 2022

Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. The very first discussion thread started by the new user Microleaves on the forum BlackHatWorld in 2013 sought forum members who could help test and grow the proxy network.

Advertising 234

Advertising Software Computers and Electronics Internet 234

Security Affairs

JUNE 30, 2024

Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer ‘s corporate network. According to the media outlet, Chinese state-sponsored hackers used the Winnti trojan malware to infect the systems of the Company. wrote the company.

Accountability 142

Accountability Hacking Architecture Malware 142

WIRED Threat Level

OCTOBER 17, 2018

Security researchers have discovered a new instance code associated with APT1, a notorious Chinese hacking group that disappeared in 2013.

Malware 63

Malware Hacking 63

CyberSecurity Insiders

MARCH 2, 2022

Dubbed as Bvp47 and linked to Equation Group-an NSA funded threat actor was first detected by anti-virus firm Virus Total in 2013. In the year 2013, Edward Snowden, a former employee of NSA, revealed some startling facts about the activities taking place inside the agency in the name of National Integrity.

Education 84

Education Malware Engineering Internet 84

Security Affairs

NOVEMBER 11, 2021

Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 d26m CVE-2013-5223 D-Link DSL-2760U Gateway CVE-2020-8958 Guangzhou 1GE ONU V2801RW 1.9.1-181203 “To deliver its exploit, the malware first queries the target with a simple “GET” request. A2pvI042j1.d26m

IoT 142

IoT Firmware Malware Wireless 142

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. ” reads the alert published by Ukraine’s CERT.

Malware 98

Malware Phishing VPN Accountability 98

Security Affairs

OCTOBER 10, 2019

New espionage malware found targeting Russian-speaking users in Eastern Europe. ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. Threat actors have been using Attor since 2013, the malicious code remained under the radar until last year.

Malware 104

Malware Encryption Advertising Mobile 104

Security Affairs

DECEMBER 25, 2023

Microsoft says the APT33 (aka Peach Sandstorm , Holmium , Elfin , and Magic Hound ) Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack against organizations in the Defense Industrial Base (DIB) sector. ” reads the report published by Microsoft. . South Korea, and Europe.

Passwords 144

Passwords Accountability Authentication Malware 144

Security Affairs

APRIL 18, 2021

The Carbanak gang (aka FIN7 , Anunak or Cobalt ) stole over a billion euros from banks across the world, the name “Carbanak” comes with the name of the malware they used to compromise computers at banks, other financial institutions, restaurants, and other industries. SecurityAffairs – hacking, FIN7). Pierluigi Paganini.

System Administration 139

System Administration Penetration Testing Malware Hacking 139

Security Affairs

MAY 19, 2024

The malware is a version of the GoBear backdoor which was delivered in a recent campaign by Kimsuky via Trojanized software installation packages. Kimsuky cyberespionage group (aka Springtail, ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013.

Software 141

Software Malware Government Banking 141

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. Guerrero-Saade discovered that the SIG37 campaign references hacking activities dated back as far as 2008 that was carried out by an unknown threat actor, the expert tracked it as Nazar.

Hacking 139

Hacking Advertising Malware Engineering 139

Security Affairs

FEBRUARY 11, 2021

Confucius is a pro-India APT group that has been active since 2013, it mainly focused on Pakistani and other South Asian targets. Since 2018, the hackers started targeting mobile users with an Android surveillance malware ChatSpy. The malware can download content from FTP shares and run arbitrary commands as root.

Spyware 144

Spyware Surveillance Malware Mobile 144

Security Affairs

FEBRUARY 23, 2022

The Bvp47 backdoor was first discovered in 2013 while conducting a forensic investigation into a security breach suffered by a Chinese government organization. In 2016 and 2017, the hacking group The Shadow Brokers l eaked a bunch of data allegedly stolen from the Equation Group, including many hacking tools and exploits.

Encryption 130

Encryption Hacking Government Engineering 130