Remove 2015 Remove Antivirus Remove DNS
article thumbnail

Linksys force password reset to prevent Router hijacking

Security Affairs

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites proposing a fake COVID-19 information app from the World Health Organization. Pierluigi Paganini.

Passwords 145
article thumbnail

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam and AntiVirus cloud services. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

“FudCo” Spam Empire Tied to Pakistani Software Firm

Krebs on Security

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters. Image: Facebook.

Software 276
article thumbnail

Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

The malicious code is used by the hackers to deliver a Moner (XMR) crypto miner that is not detected by almost any antivirus solution. “the actor moved away from hosting the scripts on dedicated servers and instead started to use Domain Name System (DNS) text records. . Pierluigi Paganini.

article thumbnail

Security Affairs newsletter Round 210 – News of the week

Security Affairs

Analyzing OilRigs malware that uses DNS Tunneling. Avast, Avira, Sophos and other antivirus solutions show problems after. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. European Commission is not in possession of evidence of issues with Kaspersky products.

article thumbnail

FIN7 Hackers group is back with a new loader and a new RAT

Security Affairs

The group that has been active since late 2015 targeted businesses worldwide to steal payment card information. FIN7 has been observed making small changes to this malware family using multiple methods to avoid traditional antivirus detection, including a BOOSTWRITE sample where the dropper was signed by a valid Certificate Authority.

article thumbnail

Apple removed the popular app Adware Doctor because steals user browsing history

Security Affairs

Patrick Wardle by redirecting DNS resolution was able to capture the exfiltrated data: The history.zip file is exfiltrated to a remote to dscan.yelabapp.com that is hosted on Amazon AWS servers, but the analysis of the DNS entries confirms that it is administered by an entity in China. Antivirus”, and ‘Dr.

Adware 75