2014, Malware and Security Intelligence

Anubis, a new info-stealing malware spreads in the wild

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Pierluigi Paganini.

Malware

Malware Advertising Cryptocurrency Cybercrime

Trickbot is the most prolific malware operation using COVID-19 themed lures

Security Affairs

APRIL 18, 2020

TrickBot is the malware that most of all is involved in COVID-19-themed attacks, Microsoft’s Office 365 Advanced Threat Protection (ATP) data reveals. Based on Office 365 ATP data, Trickbot is the most prolific malware operation using COVID-19 themed lures. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Security Intelligence Phishing

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Security Affairs

MAY 4, 2020

Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Pierluigi Paganini. SecurityAffairs – COVID-19, malspam).

Small Business

Small Business Malware Manufacturing Security Intelligence

Crooks spread malware via pirated movies during COVID-19 outbreak

Security Affairs

APRIL 30, 2020

Microsoft warns of a spike in malware spreading via pirate streaming services and movie piracy sites during the COVID-19 pandemic. Crooks are attempting to take advantage of COVID-19 pandemic spreading malware via pirate streaming services and movie piracy sites during the COVID-19 outbreak, Microsoft warns. Pierluigi Paganini.

Malware

Malware Security Intelligence Adware Social Engineering

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

In contrast, past Dudear email campaigns carried the malware as attachment or used malicious URLs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Malware

Malware Security Intelligence Banking Phishing

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS

DNS Penetration Testing Malware Hacking

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware

Malware Hacking Government Telecommunications

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

New Zealand’s Computer Emergency Response Team (CERT) also published a security alert warning of spam campaigns spreading the Emotet threat. jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. Today was only about a dozen replychain and nothing else.

Malware

Malware Passwords Advertising Ransomware

Chinese Cyber Threat to Indian Defense and Telecom Sector

CyberSecurity Insiders

JUNE 18, 2021

Recorded Future that offers Enterprise Security Intelligence to American companies has revealed that there has been a persistent cyber threat to Indian Defense and Telecom sector from Chinese Military Intelligence since 2014.

Cyber threats

Cyber threats Security Intelligence Malware Media

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. In the middle-August, the malware was employed in fresh COVID19-themed spam campaign. Emotet is a modular malware, its operators could develop new Dynamic Link Libraries to update its capabilities.

Government

Government Banking Advertising Malware

Microsoft warns about ongoing PonyFinal ransomware attacks

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Learn how to build organizational security hygiene to prevent human-operated attacks: [link] — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Pierluigi Paganini.

Ransomware

Ransomware Security Intelligence Encryption Advertising

Microsoft warns of “massive campaign” using COVID-19 themed emails

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. macros in malware campaigns.

Security Intelligence

Security Intelligence Advertising Phishing Malware

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Security Affairs

JUNE 24, 2019

pic.twitter.com/PQ2g7rvDQm — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. The final payload is the remote access Trojan FlawedAmmyy,” reads a Tweet published by Microsoft Security Intelligence. Pierluigi Paganini.

Security Intelligence

Security Intelligence Advertising Malware Banking

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

— Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. We strongly recommend customers to immediately apply security updates for CVE-2020-1472. Don’t waste time, patch your system now! Pierluigi Paganini.

Security Intelligence

Security Intelligence Authentication Advertising Passwords

Corona Mirai botnet spreads via AVTECH CCTV zero-day

Security Affairs

AUGUST 29, 2024

Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. The bot also targets AVTECH issues , a Hadoop YARN RCE , and CVE-2014-8361.

Firmware

Firmware Malware Security Intelligence Authentication

Crooks continues to use COVID-19 lures, Microsoft warns

Security Affairs

MAY 13, 2020

trillion signals we process daily through the Microsoft Intelligent Security Graph.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – COVID-19, hacking).

Phishing

Phishing Advertising Security Intelligence Banking

Emotet botnet surges back after months of absence

Security Affairs

JULY 18, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Malware researchers Joseph Roosen confirmed that limited activity associate with the botnet was observed earlier this week, botnet operators were using weaponized documents employing old URLs. TNW and Be safe!

Advertising

Advertising Malware Banking Security Intelligence

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

Microsoft Defender ATP Research Team discovered a fileless malware campaign that was spreading the information stealing Astaroth Trojan. Experts at the Microsoft Defender ATP Research Team discovered a fileless malware campaign that is delivering the information stealing Astaroth Trojan. Pierluigi Paganini.

Antivirus

Antivirus Malware Advertising Security Intelligence

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Security Affairs

JUNE 10, 2019

Spam messages are carrying weaponized RTF documents that could infect users with malware without any user interaction, just opening the RTF documents. pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019.

Security Intelligence

Security Intelligence Advertising Malware Information Security

Coronavirus-themed attacks May 17 ? May 23, 2020

Security Affairs

MAY 24, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Security Intelligence Hacking Information Security

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) released June 21, 2014). and earlier. and earlier (5.0.0

Firmware

Firmware Wireless DDOS IoT

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

The security firms have collected more than 125,000 TrickBot malware samples and mapped the command and control infrastructure. The TrickBot botnet was considered by security experts one of the biggest botnets. Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations.

Malware

Malware Banking Advertising Financial Services

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Security Affairs

JUNE 16, 2019

The popular expert Larry Cashdollar, from Akamai’s Security Intelligence Response Team (SIRT), spotted a new version of the Echobot botnet that counts 26 different exploits. ” Botnet operators continue to implement new methods to make their malware more aggressive and to infect the larger number of systems as possible. .”

IoT

IoT Advertising Malware Wireless

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020.

Cryptocurrency

Cryptocurrency Antivirus Government Manufacturing

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

“The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency.” ” Noble added.

Small Business

Small Business Malware Cryptocurrency Advertising

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

Microsoft 365 Defender customers can also refer to these detections: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 5, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cyber Attacks

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals. Get details here: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2020.

Hacking

Hacking Security Intelligence Advertising Accountability

The number of exploits in the Echobot botnet reached 59

Security Affairs

AUGUST 7, 2019

At the time of its discovery, operators added 8 new exploits, but a few weeks later the popular expert Larry Cashdollar from Akamai’s Security Intelligence Response Team (SIRT) discovered a variant that included a total of 26 exploits. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless IoT Advertising Surveillance

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. ” A new wave of attacks could exploit the vulnerability to spread more dangerous and destructive malware, like ransomware or spyware. . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Penetration Testing Advertising Spyware

Mirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029 in AVTECH IP Cameras

Penetration Testing

AUGUST 28, 2024

Akamai’s Security Intelligence Response Team (SIRT) has discovered a widespread Mirai botnet campaign exploiting a recently disclosed zero-day vulnerability (CVE-2024-7029) in AVTECH IP cameras.

Security Intelligence

Security Intelligence Cybersecurity Malware

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Security Affairs

OCTOBER 30, 2020

He’s a contributing editor to IBM’s Security Intelligence, Tripwire’s The State of Security Blog, and a contributing writer to Bora. He also regularly produces written content for Zix and a number of other companies in the digital security space.

Advertising

Advertising Internet Internet VPN

Customized Threat Intelligence Engine

NopSec

MARCH 1, 2017

Unified VRM Analytics leverages vulnerability data from across all the modules (Internal, External and Web) the user has subscribed to and correlates that vulnerability information with external and internal threat feeds to provide the user actionable security intelligence.

Engineering

Engineering Risk Malware Security Intelligence

Six Effective Ransomware Risk Reduction Strategies

NopSec

SEPTEMBER 12, 2016

Businesses, governments, and consumers alike need to be aware of ransomware – a type of malware that can inflict serious damage on your finances and productivity in a very short span of time. Today, we explain this category of malware: how it works, the risks it poses to your organization, and strategies for preventing an attack.

Ransomware

Ransomware Risk Social Engineering Penetration Testing

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party.

Banking

Banking Malware Security Intelligence Advertising

Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension

Security Affairs

MAY 5, 2020

Level up Your Security Program With the Same Security Intelligence Used by the World’s Largest Governments and Many of the Fortune 1000. With this release, Recorded Future is the only intelligence company to openly offer access to its data. Verdict IOCs In 1 View: Enhance Malware Analysis.

Security Intelligence

Security Intelligence Risk Advertising Malware

Cyber Security Informer

Anubis, a new info-stealing malware spreads in the wild

Trickbot is the most prolific malware operation using COVID-19 themed lures

Trending Sources

Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files

Crooks spread malware via pirated movies during COVID-19 outbreak

Microsoft warns TA505 changed tactic in an ongoing malware campaign

French Firms Rocked by Kasbah Hacker?

Purple Lambert, a new malware of CIA-linked Lambert APT group

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Chinese Cyber Threat to Indian Defense and Telecom Sector

CISA alert warns of Emotet attacks on US govt entities

Microsoft warns about ongoing PonyFinal ransomware attacks

Microsoft warns of “massive campaign” using COVID-19 themed emails

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Hackers are using Zerologon exploits in attacks in the wild

Corona Mirai botnet spreads via AVTECH CCTV zero-day

Crooks continues to use COVID-19 lures, Microsoft warns

Emotet botnet surges back after months of absence

A new Astaroth Trojan Campaign uncovered by Microsoft

Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Coronavirus-themed attacks May 17 ? May 23, 2020

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Microsoft partnered with other security firms to takedown TrickBot botnet

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Iran-linked APT is exploiting the Zerologon flaw in attacks

Iran-linked Phosphorous APT hacked emails of security conference attendees

The number of exploits in the Echobot botnet reached 59

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Mirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029 in AVTECH IP Cameras

5 Components of the Kubernetes Control Plane that Demand Special Attention in Your Security Strategy

Customized Threat Intelligence Engine

Six Effective Ransomware Risk Reduction Strategies

Emotet operators are running Halloween-themed campaigns

Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension

Stay Connected