Security Affairs

JUNE 18, 2020

The group was first spotted by ESET in 2018, when the experts detected a sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the previous five years. Experts also observed attackers using a DNS downloader that was designed for long-term, covert access to the target machine.

DNS 123

DNS Advertising Spyware Software 123

Security Affairs

JULY 21, 2019

NCSC report warns of DNS Hijacking Attacks. SAP Patch Day – July 2019 addresses a critical flaw in Diagnostics Agent. CVE-2019-6342 flaw allows hackers to fully compromise Drupal 8.7.4 Experts spotted a rare Linux Desktop spyware dubbed EvilGnome. The best news of the week with Security Affairs. Kindle Edition.

Small Business 87

Small Business Media Spyware Advertising 87

Security Affairs

APRIL 21, 2019

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise. CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor. Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading. Analyzing OilRigs malware that uses DNS Tunneling. Blue Cross of Idaho data breach, 5,600 customers affected.

Computers and Electronics 94

Computers and Electronics Advertising Data breaches Spyware 94

SecureList

MAY 27, 2022

Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). The group uses various malware families, including Wroba, and attack methods that include phishing, mining, smishing and DNS poisoning. Other malware.

Phishing 133

Phishing Spyware Firmware Malware 133

Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. Cyber Defense Magazine – July 2019 has arrived. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH). Singapore Government will run its third bug bounty program. A cyberattack took offline websites of the Georgia agency.

Scams 69

Scams Advertising Spyware DNS 69

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. One of the suspected FinFly Web servers was active for more than a year between October 2019 and December 2020. This server was disabled a day after our discovery last December.

Malware 145

Malware Government Spyware Social Engineering 145

SecureList

SEPTEMBER 26, 2022

NullMixer is a dropper that includes more than just specific malware families; it drops a wide variety of malicious binaries to infect the machine with, such as backdoors, bankers, downloaders, spyware and many others. Racoon is also known to have evolved over the years since it was discovered in 2019. Satacom DNS request and response.

Malware 145

Malware Cryptocurrency Passwords Software 145