Krebs on Security

AUGUST 13, 2019

“According to Microsoft, at least two of these vulnerabilities ( CVE-2019-1181 and CVE-2019-1182 ) can be considered ‘wormable’ and [can be equated] to BlueKeep,” referring to a dangerous bug patched earlier this year that Microsoft warned could be used to spread another WannaCry-like ransomware outbreak.

Backups 226

Backups Software Authentication Internet 226

Krebs on Security

FEBRUARY 12, 2019

Some 20 of the flaws addressed in February’s update bundle are weaknesses labeled “critical,” meaning Microsoft believes that attackers or malware could exploit them to fully compromise systems through little or no help from users — save from convincing a user to visit a malicious or hacked Web site.

Internet 198

Internet Internet Malware Hacking 198

Krebs on Security

DECEMBER 10, 2019

The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks. It is very likely this is being exploited in the wild.”

Backups 172

Backups Software Malware Marketing 172

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. Constella found that a user named Shoppy registered on Cracked in 2019 using the email address finn@shoppy[.]gg.

eCommerce 200

eCommerce Cybercrime Accountability Passwords 200

Krebs on Security

SEPTEMBER 10, 2019

The software giant assigned a “critical” rating to almost a quarter of those vulnerabilities, meaning they could be used by malware or miscreants to hijack vulnerable systems with little or no interaction on the part of the user.

Software 176

Software Backups Malware Hacking 176

Security Affairs

DECEMBER 23, 2024

Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software. NSOs witnesses have refused to answer whether it developed further WhatsApp-based Malware Vectors thereafter.

Spyware 109

Spyware Surveillance Software Hacking 109

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware 226

Malware Advertising Marketing System Administration 226

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. WHO IS MEGATRAFFER?

Malware 299

Malware Cybercrime Software Accountability 299

Security Affairs

DECEMBER 22, 2024

The man is accused of being a LockBit ransomware developer from 2019 through at least February 2024. Panev and other developers were tasked to create and maintain the malware and infrastructure, while affiliates executed attacks and extorted ransoms, splitting the proceeds. Arrested in Israel, he awaits extradition to the U.S.

Ransomware 120

Ransomware Small Business Antivirus Malware 120

The Last Watchdog

FEBRUARY 3, 2020

and Saudi Arabia have been steadily escalating for at least the past decade, with notable spikes in activity throughout the course of 2019. It’s notable that hacks to gain access to, and maintain control of, industrial control systems are a recurring theme in cyber warfare. The Saudis aren’t known for being transparent.

Energy and Utilities 330

Energy and Utilities Malware Hacking Passwords 330

Schneier on Security

NOVEMBER 8, 2019

From Symantec : We first began seeing Xhelper apps in March 2019. Back then, the malware's code was relatively simple, and its main function was visiting advertisement pages for monetization purposes. We strongly believe that the malware's source code is still a work in progress. It's a weird piece of malware.

Malware 176

Malware Advertising Encryption Hacking 176

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Cyber Attacks 115

Cyber Attacks Hacking Government Malware 115

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates.

Cybercrime 116

Cybercrime Ransomware Healthcare Education 116

Krebs on Security

JUNE 16, 2021

First debuting in early 2019, CLOP is one of several ransomware groups that hack into organizations, launch ransomware that encrypts files and servers, and then demand an extortion payment in return for a digital key needed to unlock access. ?

Ransomware 357

Ransomware Cybercrime Malware Encryption 357

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. These included PClock, CryptoLocker 2.0, Crypt0L0cker, and TorrentLocker.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. ” HYDRA. .

Marketing 298

Marketing Energy and Utilities Malware Ransomware 298

Security Affairs

DECEMBER 1, 2024

A study by the Massachusetts Institute of Technology (MIT) presented in 2019 revealed that deepfakes generated by AI could deceive humans up to 60% of the time. By automating the generation of malware variants, attackers can evade detection mechanisms employed by major anti-malware engines.

Artificial Intelligence 134

Artificial Intelligence Phishing Media Cyber threats 134

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS 298

DNS Penetration Testing Malware Hacking 298

Schneier on Security

FEBRUARY 3, 2021

Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another related piece of malware, Sunspot , was deployed in September 2019, at the time hackers breached SolarWinds’ internal network.

Computers and Electronics 363

Computers and Electronics Malware Software Government 363

Krebs on Security

NOVEMBER 26, 2019

23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. The other three restaurants are all part of the same parent company and disclosed breaches in August 2019. Image: Gemini Advisory.

Marketing 340

Marketing Cybercrime Retail Advertising 340

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Below are the job descriptions used to recruit the hackers.

Accountability 145

Accountability Malware Phishing Social Engineering 145

Security Affairs

MARCH 20, 2021

Acer is the world’s 6th-largest PC vendor by unit sales as of January 2021, it has more than 7,000 employees (2019) and in 2019 declared 234.29 financial spreadsheets, bank documents and communications) as proof of the hack. SecurityAffairs – hacking, ransoware). billion in revenue. Source LeMagIT.

Ransomware 145

Ransomware Hacking Computers and Electronics Malware 145

Krebs on Security

FEBRUARY 11, 2020

A dozen of the vulnerabilities Microsoft patched today are rated “critical,” meaning malware or miscreants could exploit them remotely to gain complete control over an affected system with little to no help from the user. It could be used to install malware just by getting a user to browse to a malicious or hacked Web site.

Backups 64

Backups Malware Internet Internet 64

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. Pierluigi Paganini.

Ransomware 143

Ransomware Hacking Encryption Malware 143

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. Here’s what I took away from our discussion: Transient hacks. This quickly gets intricately technical. Branching attacks.

Hacking 212

Hacking Energy and Utilities System Administration Accountability 212

Security Affairs

APRIL 21, 2025

. “In some systems, initial access was gained through exploiting the RDP vulnerability (BlueKeep, CVE-2019-0708). “The threat actor also used other means to distribute the malware, such as attaching the same file to emails and exploiting the Microsoft Office Equation Editor vulnerability (CVE-2017-11882) [1].”

Phishing 80

Phishing Malware Security Intelligence Hacking 80

Security Affairs

AUGUST 4, 2024

A China-linked APT, tracked as StormBamboo, compromised an internet service provider (ISP) to poison software update mechanisms with malware. The threat actors targeted insecure software update mechanisms to install malware on macOS and Windows victim machines. The company linked the attacks to StormBamboo APT group.

Malware 144

Malware DNS Firewall Software 144

Security Affairs

JULY 16, 2021

The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to evade scanners. Since 2019 experts found many Joker apps on Google Play store, in September 2019 security experts at Google removed from the store 24 apps. ” states a post published by the experts.

Malware 145

Malware Mobile Spyware Encryption 145

The Last Watchdog

AUGUST 20, 2019

And, increasingly, they come riddled with some of the most invasive types of malware. This is putting consumers and companies in harm’s way through yet another attack vector – one which gives professional hacking collectives another means to compromise online accounts and break into company networks.

Malware 185

Malware Mobile Manufacturing Marketing 185

Krebs on Security

DECEMBER 19, 2018

Satnam Narang , senior research engineer at Tenable , said the vulnerability affects the following installations of IE: Internet Explorer 11 from Windows 7 to Windows 10 as well as Windows Server 2012, 2016 and 2019; IE 9 on Windows Server 2008; and IE 10 on Windows Server 2012.

Internet 255

Internet Internet Software Engineering 255

Security Affairs

DECEMBER 3, 2024

The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country. In 2021, the University of Toronto-based Citizen Lab Internet reported that a Polish opposition duo was hacked with NSO spyware.

Spyware 119

Spyware Government Surveillance Hacking 119

Security Affairs

APRIL 26, 2021

Apple addresses a zero-day in macOS exploited by Shlayer malware to bypass Apple’s security features and deliver second-stage malicious payloads. The developers behind the Shlayer malware have successfully managed to get their malicious payloads approved by Apple through its automated notarizing process in order to run on macOS.

Malware 145

Malware Software Engineering Hacking 145

CyberSecurity Insiders

FEBRUARY 23, 2022

A new malware developed by Sandworm hacking group has targeted appliances that are fire walled and reports are in that the military intelligence of the Russian Federation developed the malicious software. Now some statistic facts about malware. billion malware attacks.

Firewall 132

Firewall Malware IoT Software 132

Security Affairs

JULY 22, 2021

CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products.

Malware 141

Malware Antivirus Passwords Firewall 141

SecureWorld News

OCTOBER 23, 2024

Securities and Exchange Commission (SEC) announced Tuesday that it has fined four companies $7 million for misleading statements about their cybersecurity incidents, particularly concerning the high-profile 2019 SolarWinds hack. Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd.,

Cybersecurity 115

Cybersecurity Risk Hacking Software 115

Security Affairs

APRIL 3, 2021

On April 3, a user has leaked the phone numbers and personal data of 533 million Facebook users in a hacking forum for free online. Bad news for Facebook, a user in a hacking forum has published the phone numbers and personal data of 533 million Facebook users. SecurityAffairs – hacking, data leak). Pierluigi Paganini.

Hacking 145

Hacking Accountability Passwords Data breaches 145

Krebs on Security

MARCH 9, 2021

Ten of these earned Microsoft’s “critical” rating, meaning they can be exploited by malware or miscreants with little or no help from users. Top of the heap this month (apart from the ongoing, global Exchange Server mass-compromise ) is a patch for an Internet Explorer bug that is seeing active exploitation.

DNS 350

DNS Internet Internet Software 350