Security Affairs

MAY 13, 2019

Yoroi Cyber Security Annual Report 2018 – In 2018 cyber-security experts observed an increased number of cyber attacks, malware endure to be the most aggressive and pervasive threat. Yoroi Cyber Security Annual Report 2018 analyzes the evolution of the threat landscape observed between January 2018 and December 2018.

Malware 108

Malware Advertising DNS Surveillance 108

Krebs on Security

JANUARY 22, 2019

In July 2018, email users around the world began complaining of receiving spam which began with a password the recipient used at some point in the past and threatened to release embarrassing videos of the recipient unless a bitcoin ransom was paid. 13, 2018 bomb threat hoax. based domain name registrar and hosting provider.

DNS 244

DNS Internet Internet Computers and Electronics 244

Security Affairs

JULY 4, 2019

The peculiarity of this new piece of malware is the ability to communicate with C2 servers via DNS over HTTPS ( DoH ). The DoH protocol was a new standard proposed in October 2018 and it is currently supported by several publicly available DNS servers. com domain. ” states the analysis. ” states the analysis.

DNS 107

DNS Malware Advertising DDOS 107

Security Affairs

MARCH 10, 2020

Who is hacking the hackers? Experts from Cybereason a mysterious hackers group is targeting other hackers by spreading tainted hacking tools. Experts from security firm Cybereason warn of a mysterious group of hackers that are distributing trojanized hacking tools on an almost daily basis for the past years.

Hacking 145

Hacking Malware Advertising DNS 145

Troy Hunt

JANUARY 10, 2018

Which brings us back to Aadhaar and some rather unpleasant headlines of late, particularly the likes of The World's Largest Biometric ID System Keeps Getting Hacked. They claim that they're hack-proof. agarwal_mohit) January 5, 2018. Sooner or later, big repositories of data will be abused. Can you prove otherwise?

Hacking 278

Hacking Government Encryption Risk 278

Krebs on Security

MARCH 31, 2020

PT Monday evening, Escrow.com’s website looked radically different: Its homepage was replaced with a crude message in plain text: The profanity-laced message left behind by whoever briefly hijacked the DNS records for escrow.com. Running a reverse DNS lookup on this 111.90.149[.]49 Image: Escrow.com.

Phishing 293

Phishing DNS Social Engineering Accountability 293

Security Affairs

AUGUST 9, 2018

The Internet Systems Consortium (ISC) announced the presence of a serious flaw in the BIND DNS software that can be exploited by remote attackers to cause a denial-of-service (DoS) condition. The vulnerability tracked as CVE-2018-5740 was discovered by Tony Finch of the University of Cambridge. Pierluigi Paganini.

DNS 71

DNS Software Advertising Internet 71

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. com , an Arabic-language computer hacking forum. But he denied ever participating in illegal hacking activities.

DNS 272

DNS Penetration Testing Malware Hacking 272

Adam Levin

JULY 8, 2020

Hackers were also quick to pounce on the disruption caused by the 2018 shutdown of the U.S. ” Hacking campaigns exploiting poor domain name security can be more subtle. That spells trouble if you’re the one that gets hacked. federal government to hijack and tamper with government domain name entries.

Hacking 130

Hacking Retail Cyber Insurance Authentication 130

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Communication with C&C servers is based on DNS requests and it uses a special mechanism translating DNS results to a real IP address. SecurityAffairs – hacking, botnet).

DNS 145

DNS Internet Internet Malware 145

Security Affairs

NOVEMBER 26, 2019

The flaw discovered by SEC Consult Vulnerability Lab researchers has been tracked as CVE-2018-9195, the experts also published a proof-of-concept (PoC) code to trigger it. “ Fortinet products, including FortiGate and Forticlient regularly send information to Fortinet servers (DNS: guard.fortinet.com) on. Pierluigi Paganini.

Encryption 141

Encryption Antivirus DNS Advertising 141

Krebs on Security

DECEMBER 20, 2018

In a complaint unsealed today, the Justice Department said that although FBI agents identified at least 60 different booter services operating between June and December 2018, they discovered not all were fully operational and capable of launching attacks. That way, when the DNS servers respond, they reply to the spoofed (target) address.

DNS 200

DNS Computers and Electronics Government Internet 200

Security Affairs

OCTOBER 29, 2020

In early 2019, researchers spotted a new TrickBot backdoor framework dubbed Anchor that was using the anchor_dns tool for abusing the DNS protocol for C2 communications. Ryuk first appeared in the threat landscape in August 2018 as a derivative of the Hermes 2.1 SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Healthcare 145

Healthcare Ransomware Cybercrime Advertising 145

Krebs on Security

SEPTEMBER 26, 2024

ru , which periodically published hacking tools and exploits for software vulnerabilities. By 2004, v1pee had adopted the moniker “ Vega ” on the exclusive Russian language hacking forum Mazafaka , where this user became one of the more reliable vendors of stolen payment cards.

Cryptocurrency 244

Cryptocurrency Cybercrime Retail Government 244

Security Affairs

APRIL 8, 2019

Roaming Mantis surfaced in March 2018 when hacked routers in Japan redirecting users to compromised websites. Attackers used a new method of phishing with malicious mobile configurations along with previously observed DNS manipulation technique. SecurityAffairs – Roaming Mantis, hacking). Pierluigi Paganini.

DNS 110

DNS Mobile Phishing Malware 110

Security Affairs

MAY 2, 2021

SecurityAffairs – hacking, Mac OS zero-day). Every week the best security articles from Security Affairs free for you in your email box. Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Password Management 86

Password Management DNS Ransomware Malware 86

Security Affairs

JUNE 27, 2021

Crackonosh has been active since at least June 2018, upon executing an illegal or cracked copy of legitimate software, the malicious code drops an installer and a script that modifies the Windows registry to allow the main malware executable to run in Safe mode. SecurityAffairs – hacking, Crackonosh). Pierluigi Paganini.

Antivirus 144

Antivirus Cryptocurrency Malware Software 144

Security Affairs

JUNE 4, 2020

.” According to the Japanese security expert Masafumi Negishi, threat actors modified the primary DNS entry for the coincheck.com domain. ???????????? Coincheck uses Amazon’s managed DNS service, the attackers first registered a fake domain to the AWS server and replaced the legitimate awsdns-61.org NS ????????????

Accountability 126

Accountability Phishing DNS Cryptocurrency 126

Security Affairs

MARCH 21, 2022

Then the backdoor contacts the command-and-control (C2) server to downloads and executes other malicious payloads, including the TunnelMole, malware that abuses the DNS protocol to establish a tunnel for malicious purposes, and RC2FM and RC2CL. SecurityAffairs – hacking, InvisiMole). ” reads the advisory published by CERT-UA.

Spyware 98

Spyware DNS Phishing Government 98

Security Affairs

MARCH 17, 2022

The attack chain against the routers starts with brute-force attacks or by exploiting the CVE-2018-14847 flaw that allows reading a file that contains passwords. SecurityAffairs – hacking, RouterOS Scanner). Microsoft has analyzed how the malware compromised MikroTik routers and developed a tool to detect signs of compromise.

Malware 132

Malware DNS Passwords Ransomware 132

Security Affairs

MARCH 22, 2019

The financially-motivated hacking group FIN7 is back and used a new piece of malware in a recent hacking campaign. Security experts at Flashpoint revealed that the financially-motivated cybercrime group FIN7 (aka Anunak and Carbanak ) used new malware in a recent hacking campaign. ” continues the analysis.

Malware 109

Malware Identity Theft Cybercrime Hacking 109

Krebs on Security

JUNE 21, 2023

guru’s registration records also are hidden, yet passive domain name system (DNS) records for both cryptor[.]biz guru show that in 2018 the domains were forwarding incoming email to the address obelisk57@gmail.com. has been associated with the user Kerens on the Russian hacking forum Exploit from 2011 to the present day.

Malware 237

Malware Antivirus Cybercrime Hacking 237

Security Affairs

JUNE 18, 2020

The group was first spotted by ESET in 2018, when the experts detected a sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the previous five years. Experts also observed attackers using a DNS downloader that was designed for long-term, covert access to the target machine.

DNS 123

DNS Advertising Spyware Software 123

Security Affairs

SEPTEMBER 14, 2018

“In August 2018, Unit 42 observed OilRig targeting a government organization using spear-phishing emails to deliver an updated version of a Trojan known as BONDUPDATER. As expected, OilRig is continuing their onslaught of attacks well into 2018 with continued targeting in the Middle East. Pierluigi Paganini.

DNS 103

DNS Phishing Government Malware 103

Security Affairs

AUGUST 19, 2018

million) in just in 2 days. · CVE-2018-14023 – Recovering expired messages from Signal. · Linux Kernel Project rolled out security updates to fix two DoS vulnerabilities. · 2.6 billion records exposed in 2,308 disclosed data breaches in H1. · Marap modular downloader opens the doors to further attacks.

Data breaches 70

Data breaches DNS Advertising Hacking 70

Security Affairs

DECEMBER 16, 2018

Expert devised a new WiFi hack that works on WPA/WPA2. Hackers defaced Linux.org with DNS hijack. New threat actor SandCat exploited recently patched CVE-2018-8611 0day. French foreign ministry announced its Travel Alert Registry Hack. Which are the worst passwords for 2018? WordPress version 5.0.1

DNS 79

DNS Advertising DDOS Government 79

Security Affairs

MAY 2, 2019

Indeed we might observe a File-based command and control (a quite unusual solution) structure, a VBS launcher, a PowerShell Payload and a covert channel over DNS engine. According to Duo, “ OilRig delivered Trojans that use DNS tunneling for command and control in attacks since at least May 2016. It is not a TXT request.

DNS 111

DNS Computers and Electronics Penetration Testing Government 111

Security Affairs

FEBRUARY 14, 2021

The administrators always claimed the exclusivity of their offer that is based on “self-hacked bases.”. The sized sites were at jstash.bazar, jstash.lib, jstash.emc, and jstash.coin, which are all those accessible via blockchain DNS. SecurityAffairs – hacking, Joker’s Stash). ” continues Elliptic. Pierluigi Paganini.

Cybercrime 115

Cybercrime Backups Hacking DNS 115

Security Affairs

NOVEMBER 9, 2020

Experts attribute the attack to a known threat actor tracked as xHunt , aka Hive0081, which was first discovered in 2018. “The Snugy backdoor uses a DNS tunneling channel to run commands on the compromised server. SecurityAffairs – hacking, Microsoft Exchange). ” reads the analysis published by the experts.

DNS 133

DNS Accountability Government Cyber Attacks 133

Security Affairs

DECEMBER 11, 2018

The Novidade exploit kit leverages cross-site request forgery (CSRF) to change the Domain Name System (DNS) settings of SOHO routers and redirect traffic from the connected devices to the IP address under the control of the attackers. Security Affairs – Novidade exploit kit, hacking). ” continues the analysis.

DNS 111

DNS Advertising Firmware Banking 111

Security Affairs

OCTOBER 15, 2019

The cybercrime organization was first spotted in April 2018 by researchers at Cisco Talos, earlier 2019 researchers from Palo Alto Networks Unit42 found new malware samples used by the Rocke group for cryptojacking that uninstalls from Linux servers cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud. .

Cybercrime 91

Cybercrime DNS Malware Advertising 91

Security Affairs

DECEMBER 12, 2019

Microsoft experts reported that the GALLIUM hacking group exploits unpatched vulnerabilities to compromise systems running /JBoss application servers. ” The GALLIUM threat actor is active, but its activity was more intense between 2018 and mid-2019. . SecurityAffairs – GALLIUM, hacking). ” continues the analysis.

Telecommunications 97

Telecommunications DNS Malware Advertising 97

Security Affairs

FEBRUARY 8, 2022

Roaming Mantis surfaced in March 2018 when hacked routers in Japan redirecting users to compromised websites. Since then, the criminal group has continued its attack activities by using various malware families such as HEUR:Trojan-Dropper.AndroidOS.Wroba, and various attack methods such as phishing, mining, smishing and DNS poisoning.

Phishing 98

Phishing Malware DNS Hacking 98

Security Affairs

APRIL 14, 2019

DNS hijacking campaigns target Gmail, Netflix, and PayPal users. Gulf countries came under hackers spotlight in 2018, with more than 130 000 payment cards compromised. WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy. WPA3 attacks allow hackers to hack Wi-Fi password.

Data breaches 87

Data breaches Advertising DNS Surveillance 87

Security Affairs

AUGUST 27, 2019

According to Dragos, the Hexane group has been active since at least the middle of 2018, it intensified its activity since early 2019 with an escalation of tensions within the Middle East. The malware uses DNS and HTTP-based communication mechanisms. Experts pointed out that Lyceum does not use sophisticated hacking techniques.

DNS 107

DNS Passwords Penetration Testing Social Engineering 107

Security Affairs

OCTOBER 12, 2019

FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target remote administration software of ATM vendor. The messages sent to the victims were also dropping the backdoor DNSbot that primarily operates over DNS traffic. SecurityAffairs – FIN7, hacking).

Identity Theft 103

Identity Theft Hacking Advertising DNS 103

Security Affairs

NOVEMBER 29, 2019

Compared to its predecessors, the sixth “Hi-Tech Crime Trends” report is the first to contain chapters devoted to the main industries attacked and covers the period from H2 2018 to H1 2019, as compared to the period from H2 2017 to H1 2018. As for 2019, it has become the year of covert military operations in cyberspace.

Banking 122

Banking Telecommunications Marketing Internet 122