Remove 2014 Remove Antivirus Remove DNS
article thumbnail

Linksys force password reset to prevent Router hijacking

Security Affairs

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites proposing a fake COVID-19 information app from the World Health Organization. Pierluigi Paganini.

Passwords 145
article thumbnail

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. The registration records for the website Cryptor[.]biz ” Crypt[.]guru’s

Malware 251
article thumbnail

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

The malicious code is used by the hackers to deliver a Moner (XMR) crypto miner that is not detected by almost any antivirus solution. “the actor moved away from hosting the scripts on dedicated servers and instead started to use Domain Name System (DNS) text records. . Pierluigi Paganini.

article thumbnail

Security Affairs newsletter Round 210 – News of the week

Security Affairs

Analyzing OilRigs malware that uses DNS Tunneling. Avast, Avira, Sophos and other antivirus solutions show problems after. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Pierluigi Paganini.

article thumbnail

Security Affairs newsletter Round 221 – News of the week

Security Affairs

Firefox finally addressed the Antivirus software TLS Errors. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Bangladesh Cyber Heist 2.0:

Scams 77
article thumbnail

FIN7 Hackers group is back with a new loader and a new RAT

Security Affairs

FIN7 has been observed making small changes to this malware family using multiple methods to avoid traditional antivirus detection, including a BOOSTWRITE sample where the dropper was signed by a valid Certificate Authority. The messages sent to the victims were also dropping the backdoor DNSbot that primarily operates over DNS traffic.