Malwarebytes

OCTOBER 18, 2024

The vulnerability, tracked as CVE-2024-44133 was fixed in the September 16 update for Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac Mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later).

Adware 143

Adware Spyware Mobile Technology 143

Krebs on Security

APRIL 19, 2019

Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices. The government says between July 2012 and Sept.

Banking 228

Banking Malware Advertising Government 228

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware 228

Malware Advertising Marketing System Administration 228

Krebs on Security

AUGUST 16, 2020

A security flaw in the way Microsoft Windows guards users against malicious files was actively exploited in malware attacks for two years before last week, when Microsoft finally issued a software update to correct the problem. In fact, CVE-2020-1464 was first spotted in attacks used in the wild back in August 2018.

Antivirus 363

Antivirus Malware Software 363

Schneier on Security

MARCH 28, 2019

The attack took place between June and November 2018 and according to our telemetry, it affected a large number of users. [.]. Kaspersky Labs is reporting on a new supply chain attack they call "Shadowhammer.". In January 2019, we discovered a sophisticated supply chain attack involving the ASUS Live Update Utility.

Hacking 276

Hacking Malware 276

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. CVE-2018-13379: The Eternal Exploit What is CVE-2018-13379?

VPN 133

VPN Authentication Ransomware Risk 133

Security Affairs

MARCH 20, 2025

The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ). DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched. In March 2025, threat actors distributed archived messages through Signal.

Computers and Electronics 108

Computers and Electronics Telecommunications Malware Surveillance 108

Krebs on Security

FEBRUARY 17, 2021

million in a 2018 ATM cash out scheme targeting a Pakistani bank; and a total of $112 million in virtual currencies stolen between 2017 and 2020 from cryptocurrency companies in Slovenia, Indonesia and New York. Park was previously charged in 2018 in connection with the WannaCry and Sony Pictures attacks. Image: CISA.

Cryptocurrency 333

Cryptocurrency Financial Services Banking Government 333

Krebs on Security

JANUARY 2, 2019

The company says its systems were hit by the Ryuk ransomware, the same malware strain that crippled printing and delivery operations for multiple major U.S. 29, 2018, the attackers broke in through a compromised login account on Christmas Eve and quickly began infecting servers with the Ryuk ransomware strain.

Ransomware 262

Ransomware Malware Backups Accountability 262

Krebs on Security

AUGUST 25, 2021

In 2018, Andrew Schober was digitally mugged for approximately $1 million worth of bitcoin. After several years of working with investigators, Schober says he’s confident he has located two young men in the United Kingdom responsible for using a clever piece of digital clipboard-stealing malware that let them siphon his crypto holdings.

Cryptocurrency 362

Cryptocurrency Malware Mobile Accountability 362

Security Affairs

NOVEMBER 1, 2024

ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework.

Spyware 142

Spyware Media Malware Hacking 142

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture 108

Architecture Internet Internet Malware 108

Security Affairs

NOVEMBER 2, 2024

Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access. The threat actors exploited vulnerabilities in networking devices used by businesses to gain a foothold by installing custom malware.

Firmware 122

Firmware Government Firewall Malware 122

SecureList

JUNE 15, 2023

Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community. A MaaS operator is typically a team consisting of several people with distinct roles.

Malware 143

Malware Ransomware Cybercrime Hacking 143

The Last Watchdog

APRIL 21, 2021

At the time, in the spring of 2018, only 25 percent of commercial websites used HTTPS; today adoption is at 98 percent and rising. Attackers are taking advantage of TLS-protected web and cloud services, for malware delivery and for command-and-control, right under the noses of IT security teams and most security technologies.”.

Malware 214

Malware Firewall Encryption Digital transformation 214

Krebs on Security

JULY 8, 2019

But GandCrab far eclipsed the success of competing ransomware affiliate programs largely because its authors worked assiduously to update the malware so that it could evade antivirus and other security defenses. It remains unclear how many individuals were active in the core GandCrab malware development team.

Ransomware 278

Ransomware Accountability Cybercrime Passwords 278

The Hacker News

JUNE 13, 2024

Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018.

Malware 118

Malware 118

Adam Levin

JANUARY 25, 2019

Trojan horse-based malware attacks and spyware rose sharply in 2018 as ransomware-based attacks declined, according to a new report published by Malwarebytes. Kaspersky and McAfee Labs both reported a 30% decline in ransomware attacks in 2018. “[T]he

Spyware 212

Spyware Ransomware Malware Banking 212

Krebs on Security

DECEMBER 19, 2018

The software giant said it learned about the weakness ( CVE-2018-8653 ) after receiving a report from Google about a new vulnerability being used in targeted attacks. “As the flaw is being actively exploited in the wild, users are urged to update their systems as soon as possible to reduce the risk of compromise,” Narang said. .

Internet 260

Internet Internet Software Engineering 260

Security Affairs

JULY 14, 2024

A Dark Gate malware campaign from March-April 2024 demonstrates how attackers exploit legitimate tools and services to distribute malware. Palo Alto Networks Unit 42 researchers shared details about a DarkGate malware campaign from March-April 2024. The malware is considered a sophisticated threat and is continuously improved.

Malware 134

Malware Cybercrime Software Phishing 134

SecureList

OCTOBER 29, 2024

Attackers are increasingly distributing malware through a rather unusual method: a fake CAPTCHA as the initial infection vector. As with the previous stage, the victim doesn’t always encounter malware. Known since 2018, Amadey has been the subject of numerous security reports.

Adware 125

Adware Malware Cryptocurrency Password Management 125

Security Affairs

DECEMBER 26, 2024

In November 2024, the Akamai Security Intelligence Research Team (SIRT) observed increased activity targeting the URI /cgi-bin/cgi_main.cgi , linked to a Mirai-based malware campaign exploiting an unassigned RCE vulnerability in DVR devices, including DigiEver DS-2105 Pro. ” reads the analysis published by Akamai. in newer ones.

Manufacturing 89

Manufacturing Malware Firmware IoT 89

Krebs on Security

FEBRUARY 4, 2020

The government says Quantum Stresser had more than 80,000 customer subscriptions, and that during 2018 the service was used to conduct approximately 50,000 actual or attempted attacks targeting people and networks worldwide. and international authorities in December 2018 as part of a coordinated takedown targeting attack-for-hire services.

Internet 328

Internet Internet Government Accountability 328

CyberSecurity Insiders

APRIL 18, 2022

A malware dubbed MyloBot malware is seen sending extortion emails to victims and demanding a payment of $2,732 in digital currency. This malware that was first detected in 2018 has anti-debugging capabilities and the potential to remove other malware already installed in the system or network.

Malware 135

Malware Firewall Software Ransomware 135

Security Affairs

FEBRUARY 26, 2025

ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework.

Data collection 103

Data collection Spyware Media Surveillance 103

Security Affairs

JULY 25, 2022

Operators behind the Amadey Bot malware use the SmokeLoader to distribute a new variant via software cracks and keygen sites. Amadey Bot is a data-stealing malware that was first spotted in 2018, it also allows operators to install additional payloads. Then the malware contacts the C2 and sends system information (i.e.

Software 133

Software Malware Cybercrime VPN 133

Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware 137

Malware Internet Internet DDOS 137

Security Affairs

MAY 30, 2022

Experts pointed out that the malware is being actively developed. LFI CVE-2018-16763 Fuel CMS 1.4.1 LFI CVE-2018-16763 Fuel CMS 1.4.1 The malware can quickly adopt one-day vulnerabilities (within days of a published proof of concept).” ” concludes the report.

Malware 145

Malware DDOS IoT Cybercrime 145

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 120

Malware Software Passwords Cryptocurrency 120

SecureBlitz

MARCH 5, 2024

Security researchers have identified a new and concerning malware threat: a multi-platform framework called “MATA.” ” This framework has been targeting victims globally since at least April 2018.

Malware 105

Malware Cybersecurity Antivirus 105

Troy Hunt

MARCH 26, 2018

Shofiur R" found troyhunt.com on a "free online malware scanner" and tried to scare me into believing my site had security vulnerabilities then shake me down for a penetration test. pic.twitter.com/lifCZRcICF — Troy Hunt (@troyhunt) March 20, 2018. Here's the tl;dr - someone named "Md. Ooh, he’s good! Suggestions?

Scams 222

Scams Penetration Testing Accountability Data breaches 222

The Hacker News

DECEMBER 27, 2024

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024.

Malware 107

Malware Cyber Attacks Phishing 107

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. nl — circa October 2018. 6 in Miami, Fla.

Cybercrime 356

Cybercrime Ransomware Passwords Banking 356

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. 30, the U.S.

eCommerce 208

eCommerce Cybercrime Accountability Passwords 208

Malwarebytes

FEBRUARY 24, 2022

According to a joint security advisory published yesterday by US and UK cybersecurity and law enforcement agencies, a new malware called Cyclops Blink has surfaced to replace the VPNFilter malware attributed to the Sandworm group, which has always been seen as a Russian state-sponsored group. Cyclops Blink.

Malware 145

Malware Firewall Firmware DDOS 145

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. . ” HYDRA.

Marketing 308

Marketing Energy and Utilities Malware Ransomware 308

SecureList

OCTOBER 15, 2024

SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that began its activities in 2012 and was first publicly mentioned by us in 2018. The malware uses different strings to load libraries and functions required for execution. In particular, Avast and AVG solutions are of interest to the malware.

Malware 142

Malware Encryption Architecture Phishing 142