Security Affairs

MAY 17, 2019

The German newspaper Der Spiegel revealed that the software company behind TeamViewer was compromised in 2016 by Chinese hackers. China-linked hackers breached German software company behind TeamViewer in 2016, this news was reported by the German newspaper Der Spiegel. “In autumn 2016, TeamViewer was target of a cyber-attack.

Advertising 111

Advertising Architecture Software Cyber Attacks 111

Security Affairs

SEPTEMBER 15, 2023

The Russian national Dariy Pankov (28), aka dpxaker, is the author of the NLBrute malware. The NLBrute malware allows operators to compromise protected computers by decrypting login credentials. The powerful malware was capable of compromising protected computers by decrypting login credentials, such as passwords.

Malware 127

Malware Marketing Passwords Hacking 127

The Last Watchdog

MAY 15, 2023

Funso Richard , Information Security Officer at Ensemble , highlighted the gravity of these threats. These include ransomware targeting backend servers, distributed denial of service (DDoS) attacks, destructive malware, and even weaponizing charging stations to deploy malware.

Malware 230

Malware Manufacturing IoT Software 230

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking 108

Banking Malware Antivirus Phishing 108

Security Affairs

MAY 26, 2023

Experts detailed a new piece of malware, named CosmicEnergy, that is linked to Russia and targets industrial control systems (ICS). Researchers from Mandiant discovered a new malware, named CosmicEnergy, designed to target operational technology (OT) / industrial control system (ICS) systems. ” concludes the report.

Malware 98

Malware Hacking Technology Cybersecurity 98

Security Affairs

OCTOBER 16, 2021

The operators behind the infamous TrickBot (ITG23 and Wizard Spider) malware have resurfaced with new distribution channels to deliver malicious payloads, such as Conti ransomware. “As of mid-2021, X-Force observed ITG23 partner with two additional malware distribution affiliates — Hive0106 (aka TA551) and Hive0107. .

Malware 135

Malware Cybercrime DDOS Social Engineering 135

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware 135

Malware Advertising Spyware Government 135

Security Affairs

MARCH 12, 2020

Cybercriminals continue to exploit the fear in the coronavirus outbreak to spread malware and steal sensitive data from victims. Experts from cybersecurity Reason reported cybercrimnals are using new coronavirus -themed attacks to deliver malware. To make sure the malware can persist and keep operating, it uses the “Task Scheduler”.”

Malware 145

Malware Advertising Passwords Cryptocurrency 145

Security Affairs

DECEMBER 30, 2022

A new Linux malware has been exploiting 30 vulnerabilities in outdated WordPress plugins and themes to deploy malicious JavaScripts. Doctor Web researchers discovered a Linux malware, tracked as Linux.BackDoor.WordPressExploit.1, Newspaper Theme on WordPress Access Control (vulnerability CVE-2016-10972). Google Code Inserter.

Malware 98

Malware Hacking Accountability Phishing 98

Security Affairs

JUNE 5, 2021

The US Department of Justice (DOJ) announced the arrest of a Latvian woman for her alleged role in the development of the Trickbot malware. The US Department of Justice (DOJ) announced the arrest of Alla Witte (aka Max), a Latvian woman that was charged for her alleged role in the development of the Trickbot malware.

Malware 133

Malware Banking Ransomware Encryption 133

Security Affairs

FEBRUARY 23, 2023

Dariy Pankov, a Russian VXer behind the NLBrute malware, has been extradited to the United States from Georgia. The Russian national Dariy Pankov, aka dpxaker, is suspected to be the author of the NLBrute malware. The malware allows operators of compromising protected computers by decrypting login credentials.

Malware 98

Malware Marketing Passwords Hacking 98

Security Affairs

AUGUST 13, 2020

The FBI and NSA issue joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub , allegedly employed by Russia-linked the APT28 group.

Malware 144

Malware Advertising IoT Government 144

Security Affairs

AUGUST 21, 2022

The Donot Team threat actor, aka APT-C-35 , has added new capabilities to its Jaca Windows malware framework. The Donot Team has been active since 2016, it focuses on government and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries.

Malware 100

Malware Spyware Phishing Government 100

Security Affairs

JUNE 30, 2024

.” In May 2019, the German newspaper Der Spiegel revealed that the German software company behind TeamViewer was compromised in 2016 by Chinese hackers. According to the media outlet, Chinese state-sponsored hackers used the Winnti trojan malware to infect the systems of the Company. said company spokesman. “Out

Accountability 142

Accountability Hacking Architecture Malware 142

Security Affairs

SEPTEMBER 21, 2019

Oh yes, the research and its activity is still active as usual, yet now we’re happy that we don’t need to make much voice anymore, the security awareness are blooming.not like we had before in 2012, I am still hanging out with our friends and we’re still on to dissecting malware. Windows related malware posts.

Malware 105

Malware Advertising Security Awareness Media 105

Security Affairs

DECEMBER 10, 2020

Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware. ” concludes the report.

Malware 124

Malware Phishing Government Data collection 124

Security Affairs

MARCH 26, 2020

Crooks behind the WordPress WP-VCD malware are distributing pirated versions of the Coronavirus plugins that inject a backdoor into websites. behind the WordPress WP-VCD malware are distributing pirated versions of the Coronavirus plugins that inject a backdoor into websites. ” concludes Bleeping Computer. Pierluigi Paganini.

Malware 143

Malware Advertising Information Security Hacking 143

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).” ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Pierluigi Paganini.

Malware 145

Malware DDOS IoT Cybercrime 145

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. The BSI urges operators running vulnerable instances to install available security updates and configure them securely. ” reads the alert published by the BSI.

Information Security 140

Information Security Internet Internet Healthcare 140

SecureList

APRIL 24, 2023

It is worth noting that while we identified a few targets in other locations, all of them appear to be foreign diplomatic entities of the colored countries: Tomiris’s polyglot toolset Tomiris uses a wide variety of malware implants developed at a rapid pace and in all programming languages imaginable.

Malware 108

Malware DNS Government Software 108

Security Affairs

OCTOBER 18, 2020

Multiple members of QQAAZZ multinational cybercriminal gang were charged for providing money-laundering services to high-profile malware operations. According to law enforcement bodies, the gang provides services to multiple malware operations, including Dridex , GozNym , and Trickbot. Pierluigi Paganini.

Malware 142

Malware Banking Cryptocurrency Cybercrime 142

Krebs on Security

JUNE 22, 2022

The user “RSOCKS” on the Russian crime forum Verified changed his name to RSOCKS from a previous handle: “ Stanx ,” whose very first sales thread on Verified in 2016 quickly ran afoul of the forum’s rules and prompted a public chastisement by the forum’s administrator. ” the post enthuses.

Advertising 291

Advertising Cybercrime System Administration Hacking 291

Security Affairs

NOVEMBER 16, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. ” reads the analysis published by ESET.

Malware 110

Malware Software Cryptocurrency Financial Services 110

Security Affairs

AUGUST 1, 2020

A 30-year-old Moldovan man pleaded guilty this week for creating the FastPOS malware that infected PoS systems worldwide. The Moldovan citizen Valerian Chiochiu (30), aka Onassis, pleaded guilty on Friday for creating the infamous FastPOS Point-of-Sale (POS) malware. and infraud.ws. Pierluigi Paganini.

Malware 116

Malware Advertising Cybercrime Hacking 116

Security Affairs

NOVEMBER 25, 2019

Malware Hunter – One year after its launch, Marco Ramilli shared the results of its project that has analyzed more than 1 Million malware samples. Malware Hunter is a python powered project driven by three main components: collectors, processors and public API. Malware Analyses Distribution. How it works.

Malware 140

Malware Penetration Testing Banking Advertising 140

Security Affairs

JULY 15, 2020

Security researchers discovered another malware family delivered through tax software that some businesses operating in China are required to install. Security researchers at Trustwave have discovered another malware family delivered through tax software that Chinese banks require companies operating in the country to install.

Software 126

Software Malware Banking Advertising 126

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware 107

Malware Computers and Electronics Adware Spyware 107

Security Affairs

SEPTEMBER 16, 2019

A new Android malware has appeared in the threat landscape, tracked as MobiHok RAT, it borrows the code from the old SpyNote RAT. SecurityAffairs – MobiHok RAT, malware). The post MobiHok RAT, a new Android malware based on old SpyNote RAT appeared first on Security Affairs. ” continues the report.

Malware 111

Malware Advertising Marketing Hacking 111

Security Affairs

JULY 23, 2020

North Korea-linked Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide. The MATA malware framework could target Windows, Linux, and macOS operating systems. The malware framework implements a wide range of features that allow attackers to fully control the infected systems.

Malware 124

Malware Ransomware Advertising Encryption 124

Security Affairs

SEPTEMBER 26, 2019

A joint research from Intezer and Check Point Research shows connections between nearly 2,000 malware samples developed by Russian APT groups. A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups.

Malware 104

Malware Hacking Advertising Ransomware 104

Security Affairs

MAY 3, 2024

The Moobot botnet has been active since at least 2016, it also includes other routers and virtual private servers (VPS). This second botnet exhibits greater discretion and improved operational security, as the associated malware operates exclusively in memory, leaving no malicious files on the disk. ” concludes the report.

Phishing 127

Phishing Cryptocurrency Internet Internet 127

Krebs on Security

JANUARY 24, 2023

Denis Emelyantsev , a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Cybercrime 244

Cybercrime Advertising IoT Malware 244

Security Affairs

MAY 14, 2019

The popular expert Marco Ramilli provided a follow up to its Malware classification activity by adding a scripting section which would be useful for several purposes. On 2016 I was working hard to find a way to classify Malware families through artificial intelligence (machine learning). Pierluigi Paganini.

Malware 103

Malware Artificial Intelligence Computers and Electronics Penetration Testing 103

Security Affairs

FEBRUARY 13, 2020

Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet. ” continues Microsoft.

Authentication 145

Authentication Malware Advertising Hacking 145

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2016-6277 NETGEAR R6250 before 1.0.4.6.Beta, build 001 CVE-2020-9377 D-Link DIR-610 CVE-2016-11021 D-Link DCS-930L devices before 2.12 Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 Beta, R6400 before 1.0.1.18.Beta,

IoT 141

IoT Firmware Malware Wireless 141

Security Affairs

APRIL 17, 2024

Cerber has been active since at least 2016, most recently it was involved in attacks against Confluence servers. The malware includes three heavily obfuscated C++ payloads compiled as 64-bit Executable and Linkable Format (ELF) files and packed with UPX. 112 to download and unpack further payloads.

Ransomware 145

Ransomware Encryption Malware Accountability 145

Security Affairs

SEPTEMBER 6, 2021

Following the takedown, the operators behind the TrickBot malware have implemented several improvements to make it more resilient. TrickBot is a popular banking Trojan that has been around since October 2016, its authors have continuously upgraded it by implementing new features. ” Mr.

Malware 145

Malware Banking Hacking Government 145