2019, Antivirus and Phishing - Cyber Security Informer

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com.

Phishing

Phishing Cybercrime Malware Advertising

2020 Likely To Break Records for Breaches

Adam Levin

JULY 10, 2020

A recent article released by cybersecurity and antivirus firm Bitdefender shows that 8.4 For comparison, that’s a 273% increase over the first two quarters of 2019 combined. Phishing scams skyrocketed as citizens self-isolated during the lockdown, and social-engineering schemes defrauded Internet users of millions.”.

Data breaches

Data breaches Social Engineering Antivirus Scams

A flaw in Kaspersky Antivirus allowed tracking its users online

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus

Antivirus Advertising Software Internet

Be Very Sparing in Allowing Site Notifications

Krebs on Security

NOVEMBER 17, 2020

Frank Angiolelli , vice president of security at Indelible, said rogue notifications can be abused for credential phishing, as well as foisting malware and other unwanted applications on users. Indeed, Malwarebytes’ Pieter Arntz warned about malicious browser push notifications in a January 2019 blog post.

Antivirus

Antivirus Advertising Internet Internet

Spam and phishing in 2020

SecureList

FEBRUARY 15, 2021

The email antivirus was triggered most frequently by email messages containing members of the Trojan.Win32.Agentb The Kaspersky Anti-Phishing component blocked 434,898,635 attempts at accessing scam sites. The Kaspersky Anti-Phishing component blocked 434,898,635 attempts at accessing scam sites. Agentb malware family.

Phishing

Phishing Malware Accountability Scams

Threat Group Continuously Updates Malware to Evade Antivirus Software

eSecurity Planet

NOVEMBER 7, 2022

LODEINFO has been observed engaged in a spear- phishing campaign since December 2019 by JPCERT/CC. They observed another spear-phishing campaign in March 2022. However, the same also goes for antivirus software and other anti-malware solutions. The sophisticated malware was hidden in malicious Word file attachments.

Antivirus

Antivirus Software Malware Security Awareness

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. Despite billions of dollars spent on the latest, greatest antivirus suites, firewalls and intrusion detection systems, enterprises continue to suffer breaches that can be traced back to the actions of a single, unsuspecting employee.

Social Engineering

Social Engineering Engineering Phishing Banking

4 Best Antivirus Software of 2021

eSecurity Planet

OCTOBER 27, 2021

What’s the best antivirus software? With the rise in malware and ransomware and a growing reliance on the internet, antivirus solutions are critical for protecting your data and applications. Top 4 antivirus software. Anti- phishing , anti-fraud and anti-spam features. Email phishing filter. Bitdefender.

Antivirus

Antivirus Software Malware Marketing

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Spyware: the most likely COVID-19 payload.

Phishing

Phishing Malware Spyware DDOS

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey. Pierluigi Paganini.

Phishing

Phishing Social Engineering Malware Advertising

“FudCo” Spam Empire Tied to Pakistani Software Firm

Krebs on Security

SEPTEMBER 6, 2021

The Manipulaters’ core brand in the underground is a shared cybercriminal identity named “ Saim Raza ,” who for the past decade across dozens of cybercrime sites and forums has peddled a popular spamming and phishing service variously called “ Fudtools ,” “ Fudpage ,” “ Fudsender ,” etc.

Software

Software Phishing Cybercrime Accountability

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats. This is the conclusion of a study by Cipher Portugal, which studied Portuguese domains during 2019. This enhancement appeared in the middle of September 2019.

Malware

Malware Advertising Retail Antivirus

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The attack described by Microsoft begun with a phishing message that was opened by an internal employee, the malware infected its systems and made lateral movements infected other systems in the same network. Emotet re-appeared on the threat landscape in August 2019, with an active spam distribution campaign.

Antivirus

Antivirus Malware Phishing Advertising

NEW TECH: Trend Micro inserts ‘X’ factor into ‘EDR’ – endpoint detection and response

The Last Watchdog

AUGUST 14, 2019

With all the talk of escalating cyber warfare , the spread of counterfeit smartphones and new forms of self-replicating malware , I came away from Black Hat USA 2019 (my 15 th ) marveling, once more, at the panache of modern cyber criminals. Many attacks today begin with a targeted phishing attacks to get a toehold inside a network.

Antivirus

Antivirus Digital transformation Firmware Software

Feds Target $100M ‘GozNym’ Cybercrime Network

Krebs on Security

MAY 16, 2019

“JekaProf” and “procryptgroup” from Moldova, specialized in “crypting” or obfuscating the GozNym malware to evade detection by antivirus software. Nikolov entered a guilty plea in federal court in Pittsburgh on charges relating to his participation in the GozNym conspiracy on April 10, 2019.

Cybercrime

Cybercrime Banking Small Business Computers and Electronics

NIST’s ransomware guidelines look a lot like cyber resilience

Webroot

AUGUST 27, 2021

Already in 2020, according to the report: 2,4000 governmental agencies, healthcare facilities and schools had been hit with ransomware $350 million had been paid out ransomware actors, a 311% increase over 2019 It was taking 287 days on average for a business to fully recover from a ransomware attack.

Ransomware

Ransomware Backups Security Awareness Antivirus

YouTube Accounts Hijacked by Cookie Theft Malware

Hacker Combat

OCTOBER 25, 2021

Google has reported that it disrupted the phishing attacks where threat actors had tried to hijack various YouTube accounts using cookie theft malware. The crypto-currency scams, which started in 2019, saw hackers recruit their targets on one Russian-speaking platform. That way, antivirus detectors that trigger malware will be avoided.

Accountability

Accountability Malware Scams Antivirus

Epic Manchego gang uses Excel docs that avoid detection

Security Affairs

SEPTEMBER 7, 2020

Security experts from NVISO Labs recently spotted the activity of a new malware gang, tracked as Epic Manchego, that is actively targeting companies across the world with phishing emails since June. The phishing messages carry weaponized Excel documents that are able to bypass security checks and that had low detection rates.

Cybercrime

Cybercrime Phishing Advertising Antivirus

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. It emerges that email marketing giant Mailchimp got hacked.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. New #Mespinoza #Ransomware [link] Ext: locked R/n: Readme.README Affected users, contact the support forum of @BleepinComputer pic.twitter.com/SbKxVEIXUd — Amigo-A (@Amigo_A_) October 25, 2019.

Education

Education Ransomware Encryption Antivirus

AMT Games data breach: Millions of Users’ Messages, Account IDs, and IP Addresses Exposed

Security Affairs

JUNE 2, 2021

In a sampling of the player profile data, the WizCase security team found that users could spend as much as $907 on the game via in-app microtransactions in the 10,000-player sample from 2019-2020 our team observed. Though most email clients have methods to block spam and phishing attempts, they are not 100% effective.

Data breaches

Data breaches Accountability Mobile Phishing

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

Turchin obtained credentials to target networks by launching spear-phishing attacks and brute-forcing the passwords of remote desktop servers exposed online. Since March 2019, Fxmsp announced in cybercrime forums the availability of information stolen from major antivirus companies located in the U.S.

Hacking

Hacking Antivirus Advertising Cybercrime

Spearphishing attacks hit the oil and gas industry sector

Security Affairs

APRIL 21, 2020

Hackers launched spear-phishing attacks against organizations in the oil and gas industry sector spreading the Agent Tesla info-stealer malware. This info-stealer is also able to kill processes associated with malware analysis related processes and antivirus solutions. ” reads the analysis published by Bitdefender.

Spyware

Spyware Manufacturing Malware Engineering

BRATA Android Malware evolves and targets the UK, Spain, and Italy

Security Affairs

JUNE 20, 2022

The malware was first spotted in 2019 by security experts at Kaspersky, the name BRAT comes from ‘Brazilian RAT Android,’ because at the time it was used to spy on Brazilian users. These two permissions allows the operators to receive and read the victim’s sms while performing a phishing attack and takeover the victims’ account.

Malware

Malware Banking Antivirus Phishing

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

See how #MicrosoftDefenderATP next-gen protection defeated the #fileless attack: [link] — Microsoft Security Intelligence (@MsftSecIntel) July 8, 2019. According to the experts, LOLbins are very effecting in evading antivirus software. . ” reads the analysis published by Andrea Lelli from Microsoft.

Antivirus

Antivirus Malware Advertising Security Intelligence

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

US agencies also updated information included in a MARs report on the HOPLIGHT proxy-based backdoor trojan that was first analyzed in April 2019. This malware is currently used for phishing & remote access by #DPRK cyber actors to conduct illegal activity, steal funds & evade sanctions. Keep operating system patches up-to-date.

Malware

Malware Passwords Advertising Antivirus

Explorations in the spam folder–Holiday Edition

Cisco Security

DECEMBER 8, 2022

While much of the spam circulating is innocuous, many emails are phishing attempts, and some are indeed malicious. What they may not be aware of, is that they have just given their credit card details away in a phishing scam. Image 10 – Steps in package delivery phishing scam. A word of caution. Your package is in route.

Scams

Scams Phishing Malware Internet

Security Affairs newsletter Round 210 – News of the week

Security Affairs

APRIL 21, 2019

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise. CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor. Avast, Avira, Sophos and other antivirus solutions show problems after. Google is going to block logins from embedded browsers against MitM phishing attacks.

Computers and Electronics

Computers and Electronics Data breaches Advertising Spyware

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Disable hyperlinks in received emails.

Government

Government Passwords Firmware Accountability

Crushing the two biggest threats to mobile endpoint security in 2023

Malwarebytes

MARCH 1, 2023

Malware and phishing are two particular mobile threats that you need to defend against in 2023. Just check out the following stats from last year: 18 percent of clicked phishing emails in 2022 came from a mobile device. It’s not.

Mobile

Mobile Phishing Malware Adware

Malwarebytes vs Bitdefender

eSecurity Planet

FEBRUARY 11, 2022

Malwarebytes and Bitdefender are two of the most recognized names in the cybersecurity market for the latest antivirus software, endpoint detection and response (EDR), and endpoint protection platforms ( EPP ). The Bitdefender GravityZone dashboard showing statuses for audits, malware, blocked applications, and anti-phishing actions.

Antivirus

Antivirus Mobile Malware Threat Detection

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Install an antivirus solution that includes anti-adware capabilities. Attackers often use botnets to send out spam or phishing campaigns to carry out distributed denial of service (DDoS) attacks. If your antivirus software fails to notice a new strain, you can reinstall the browser. Jump ahead: Adware. Bots and botnets.

Malware

Malware Adware Spyware Antivirus

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

” The SMOKEDHAM backdoor was associated by FireEye to the activity of the UNC2465 group that dates back to at least April 2019 and is considered a DARKSIDE RaaS affiliate. Figure 2 shows an image of the download page used for SmartPSS software.” ” concludes the report. ” concludes the report.

Cybercrime

Cybercrime Ransomware Software Antivirus

Threat Report Portugal: Q3 2020

Security Affairs

NOVEMBER 6, 2020

Threat Report Portugal Q3 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The campaigns were classified as either phishing or malware. Phishing and Malware Q3 2020. From Figure 2, January presented a total of 15 phishing campaigns, 29 in February and 46 during March.

Threat Reports

Threat Reports Phishing Malware Banking

Ransomware: February 2022 review

Malwarebytes

MARCH 10, 2022

Observed since: September 2019 Ransomware note: Restore-My-Files.txt Ransomware extension: lockbit Kill Chain: Brute force attack on a web server containing an outdated VPN service > LockBit Sample hash: 9feed0c7fa8c1d32390e1c168051267df61f11b048ec62aa5b8e66f60e8083af. LockBit 2.0. txt Ransomware extension: .Encoded01 Mitigations.

Ransomware

Ransomware Phishing Accountability Technology

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines. Technical Analysis.

Malware

Malware Antivirus Technology Phishing

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

Security Affairs

JUNE 12, 2019

“During the period of March to May 2019, Morphisec Labs observed a new, highly sophisticated variant of the ShellTea / PunchBuggy backdoor malware that attempted to infiltrate a number of machines within the network of a customer in the hotel-entertainment industry.” ” reads the analysis published by Morphisec.

Hacking

Hacking Malware Advertising Retail

How You Get Malware: 8 Ways Malware Creeps Onto Your Device

eSecurity Planet

OCTOBER 4, 2022

The extraordinarily high volume of threats is forcing vendors to include AI-based detection even in consumer antivirus products. Even though there are infinite strains of malware, there are only a handful of vectors, some of which include surfing the Web, phishing emails, Trojan downloads and portable document formats (PDFs).

Malware

Malware Phishing Ransomware Mobile

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The logic of the raid mainly comes down to using unsecured RDP ports or spear-phishing to infiltrate networks and gain a foothold in them. In November 2019, the criminals behind a ransomware species called Maze started a new trend that is currently gaining momentum on the dark web. About the essayist.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Could Your Company Survive a Ransomware Attack?

CyberSecurity Insiders

AUGUST 26, 2022

In 2019, this type of cyberattack cost companies about $7.5 Here are some of the ways companies can protect themselves from ransomware attacks: Update software: One of the best defenses against ransomware is regularly updating software, especially antivirus software installed on the computer. What Companies Have Suffered These Attacks?

Ransomware

Ransomware Education Software Malware

Avast, NordVPN Breaches Tied to Phantom User Accounts

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability

Accountability VPN Software Antivirus

Navigating mobile malware trends: Crucial insights and predictions for MSPs

Malwarebytes

MAY 10, 2023

Just check out the following stats from last year: 18 percent of clicked phishing emails in 2022 came from a mobile device. Examples of recent Android malware iOS isn't off the hook While it's generally harder for malware to get a foothold on iOS, phishing attacks are still a threat. And the kicker? It’s not.

Mobile

Mobile Malware Phishing Spyware

A new trojan Lampion targets Portugal

Security Affairs

DECEMBER 29, 2019

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. The file “ FacturaNovembro-4492154-2019-10_8.vbs

Malware

Malware Internet Internet Antivirus

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. Computer viruses often utilize deception techniques and keep evolving to evade antivirus software. And it all started with a single employee falling prey to a phishing email. Computer worms.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

2020 Likely To Break Records for Breaches

Trending Sources

A flaw in Kaspersky Antivirus allowed tracking its users online

Be Very Sparing in Allowing Site Notifications

Spam and phishing in 2020

Threat Group Continuously Updates Malware to Evade Antivirus Software

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

4 Best Antivirus Software of 2021

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

“FudCo” Spam Empire Tied to Pakistani Software Firm

Report: Threat of Emotet and Ryuk

Microsoft’s case study: Emotet took down an entire network in just 8 days

NEW TECH: Trend Micro inserts ‘X’ factor into ‘EDR’ – endpoint detection and response

Feds Target $100M ‘GozNym’ Cybercrime Network

NIST’s ransomware guidelines look a lot like cyber resilience

YouTube Accounts Hijacked by Cookie Theft Malware

Epic Manchego gang uses Excel docs that avoid detection

Happy 13th Birthday, KrebsOnSecurity!

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

AMT Games data breach: Millions of Users’ Messages, Account IDs, and IP Addresses Exposed

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Spearphishing attacks hit the oil and gas industry sector

BRATA Android Malware evolves and targets the UK, Spain, and Italy

A new Astaroth Trojan Campaign uncovered by Microsoft

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Explorations in the spam folder–Holiday Edition

Security Affairs newsletter Round 210 – News of the week

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Crushing the two biggest threats to mobile endpoint security in 2023

Malwarebytes vs Bitdefender

Types of Malware & Best Malware Protection Practices

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Threat Report Portugal: Q3 2020

Ransomware: February 2022 review

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

FIN8 Hacking Group is back with an improved version of the ShellTea Backdoor

How You Get Malware: 8 Ways Malware Creeps Onto Your Device

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Could Your Company Survive a Ransomware Attack?

Avast, NordVPN Breaches Tied to Phantom User Accounts

Navigating mobile malware trends: Crucial insights and predictions for MSPs

A new trojan Lampion targets Portugal

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

Stay Connected