eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption 145

Encryption Malware Ransomware Firewall 145

Security Affairs

FEBRUARY 8, 2025

Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.

Malware 72

Malware Phishing Security Intelligence Hacking 72

Security Affairs

OCTOBER 10, 2020

We’re seeing more activity leveraging the CVE-2020-1472 exploit (ZeroLogon). — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. — Microsoft Security Intelligence (@MsftSecIntel) October 6, 2020. states Microsoft. We strongly recommend patching. Pierluigi Paganini.

Cybercrime 137

Cybercrime Security Intelligence Authentication Banking 137

Security Affairs

MAY 20, 2021

Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. The latest version of the Java-based STRRAT malware (1.5)

Ransomware 144

Ransomware Malware Encryption Security Intelligence 144

Security Affairs

SEPTEMBER 24, 2020

New Zealand’s Computer Emergency Response Team (CERT) also published a security alert warning of spam campaigns spreading the Emotet threat. jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. Shared templates in paste.

Malware 143

Malware Passwords Advertising Ransomware 143

Security Affairs

SEPTEMBER 24, 2020

Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon. — Microsoft Security Intelligence (@MsftSecIntel) September 24, 2020. We strongly recommend customers to immediately apply security updates for CVE-2020-1472.

Security Intelligence 139

Security Intelligence Authentication Advertising Passwords 139

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 124

Malware Hacking Government Telecommunications 124

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Learn how to build organizational security hygiene to prevent human-operated attacks: [link] — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020.

Ransomware 136

Ransomware Security Intelligence Encryption Advertising 136

Security Affairs

OCTOBER 6, 2020

In the middle-August, the malware was employed in fresh COVID19-themed spam campaign. Emotet is a modular malware, its operators could develop new Dynamic Link Libraries to update its capabilities. ” According to CISA, the surge in the attacks has rendered this malware one of the most prevalent ongoing threats.

Government 142

Government Banking Advertising Malware 142

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance 100

Surveillance Malware Authentication Accountability 100

Security Affairs

MAY 13, 2020

COVID-19 themed phishing campaigns recently observed by Microsoft was using messages with subject lines like “BUSINESS CONTINUITY PLAN ANNOUNCEMENT STARTING MAY 2020.” The emails in both campaigns use ARJ attachments that contain malicious executables disguised as PDF files.

Phishing 132

Phishing Advertising Banking Security Intelligence 132

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. macros in malware campaigns.

Security Intelligence 118

Security Intelligence Advertising Phishing Malware 118

Security Affairs

JULY 18, 2020

The notorious Emotet went into the dark since February 2020, but now has surged back with a new massive spam campaign targeting users worldwide. Emotet AAR for 2020/07/17- Well played Ivan, I dont usually do a Friday report but I did one just for you <3. link] — Joseph Roosen (@JRoosen) July 18, 2020. TNW and Be safe!

Advertising 129

Advertising Malware Banking Security Intelligence 129

Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022.

Security Intelligence 98

Security Intelligence Malware Backups Architecture 98

Security Affairs

AUGUST 29, 2024

Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. . ” continues the report.

Firmware 124

Firmware Malware Security Intelligence Authentication 124

Security Affairs

DECEMBER 1, 2020

New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020. Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020.

Cryptocurrency 136

Cryptocurrency Antivirus Manufacturing Government 136

Security Affairs

OCTOBER 6, 2020

The Zerologon vulnerability, tracked as CVE-2020-1472 , is an elevation of privilege that resides in the Netlogon. Administrators of enterprise Windows Servers have to install the August 2020 Patch Tuesday to mitigate “unacceptable risk” posed by the flaw to federal networks. We strongly recommend patching.

Authentication 136

Authentication Advertising Architecture Cyber Attacks 136

Malwarebytes

OCTOBER 8, 2021

Attackers have always liked Office macros because they provide a simple and reliable method to spread malware using legitimate features, and without relying on any vulnerability or exploit. In May 2020, Microsoft itself warned about a massive COVID-19 themed campaign that used emails with attachments containing malicious Excel 4.0

Malware 137

Malware Security Intelligence 137

Webroot

APRIL 21, 2021

Although cybercriminal activity throughout 2020 was as innovative as ever, some of the most noteworthy threat activity we saw came from the old familiar players, namely ransomware, business email compromise (BEC) and phishing. By September 2020, the average ransom payment peaked at $233,817. “In

Threat Reports 119

Threat Reports Phishing Ransomware Backups 119

Security Affairs

NOVEMBER 17, 2021

Over the past year, Microsoft Threat Intelligence Center (MSTIC) has observed an evolution of the tools, techniques, and procedures employed by Iranian nation-state actors. Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021.

VPN 134

VPN Accountability Social Engineering Media 134

Security Affairs

OCTOBER 12, 2020

The security firms have collected more than 125,000 TrickBot malware samples and mapped the command and control infrastructure. The TrickBot botnet was considered by security experts one of the biggest botnets. Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations.

Malware 98

Malware Banking Advertising Financial Services 98

The Last Watchdog

JULY 30, 2018

More than 230,000 new malware samples are launched every day. The painful impact of cyber attacks on businesses is worsening despite advances in technology aimed at protecting enterprises from malicious network traffic, insider threats, malware, denial of service attacks and phishing campaigns. Categorizing solutions. Enterprise scale.

CISO 140

CISO Cyber Attacks Data collection Cybersecurity 140

Webroot

JANUARY 7, 2022

2020 may have been the year of establishing remote connectivity and addressing the cybersecurity skills gap, but 2021 presented security experts, government officials and businesses with a series of unpresented challenges. Below, our security experts forecast where the main areas of concern lie in the year ahead. Ransomware.

Cybercrime 116

Cybercrime Ransomware Phishing Cryptocurrency 116

Malwarebytes

MAY 18, 2022

In a Twitter thread , the Microsoft Security Intelligence team have revealed new information about the latest versions of the Sysrv botnet. The Sysrv botnet first received attention at the end of 2020 because at the time it was one of the rare malware binaries written in Golang (aka GO). Linux malware. Background.

Cryptocurrency 81

Cryptocurrency IoT Malware DDOS 81

SC Magazine

MAY 14, 2021

American Airlines flight 718, a Boeing 737 Max, is seen parked at its gate at Miami International Airport as passengers board for a flight to New York on December 29, 2020 in Miami, Florida. A campaign of remote access trojans is targeting the aerospace and travel industries. Photo by Joe Raedle/Getty Images).

Phishing 126

Phishing Scams Security Awareness Security Intelligence 126

Security Affairs

APRIL 1, 2021

“The most recent extortion attack — peaking at more than 800 Gbps and targeting a European gambling company — was the biggest and most complex we’ve seen since the widespread return of extortion attacks that kicked off in mid-August 2020. reads the analysis published by Akamai. ” Likely DDoS extortion attacks. .

DDOS 128

DDOS Security Intelligence Hacking Cybersecurity 128

SC Magazine

JANUARY 29, 2021

The security firm, which first detected suspicious activity in early 2020, said the attack was based on a modified JSP file browser with a unique string that the adversary used to deploy “Explosive” V4 Remote Access Tool (RAT) or “Caterpillar” V2 WebShell in the victims’ networks.

Antivirus 93

Antivirus Malware Cyber threats Media 93

Cisco Security

SEPTEMBER 30, 2021

In fact, 25% or more companies experienced a jump in cyber threats or alerts since March 2020 ( Cisco’s Future of Secure Remote Work Report ). The concern over ransomware attacks in a hybrid workplace increased 69% among leaders ( Security Magazine ). Seeking a secure and simple solution.

Marketing 144

Marketing Firewall Cyber threats Cybercrime 144

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals. Get details here: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2020.

Hacking 85

Hacking Security Intelligence Advertising Accountability 85

Security Affairs

OCTOBER 30, 2020

Organizations and security incidents in Kubernetes environments, these are 5 key components of the control plane that demand special attention. Organizations are no strangers to security incidents in their Kubernetes environments. For information on how to secure that part of a Kubernetes cluster, click here.

Advertising 100

Advertising Internet Internet VPN 100

eSecurity Planet

JANUARY 27, 2022

Accenture acquired Symantec’s MSSP services in 2020. Intelligence: Threat intelligence and incident response services supported by IBM Security X-Force. Metrics: 300 billion security events processed daily. Delivery: Shared multi-tenant, on-premises, or as a service. See our in-depth look at IBM.

Firewall 111

Firewall Threat Detection DDOS Marketing 111

Security Affairs

MARCH 19, 2021

In the 2020 Cloud Native Survey , 91% of respondents told the Cloud Native Computing Foundation (CNCF) that they were using Kubernetes—an increase from 78% in 2019 and 58% a year earlier. For more information about other aspects of Amazon EKS security, click here.

Information Security 112

Information Security Security Intelligence Hacking Accountability 112

SC Magazine

JULY 2, 2021

In 2020, for example, the average ransom payment increased by 171% to $312,493, according to Palo Alto Networks. To protect themselves against a constant onslaught from organized ransomware gangs, organizations ideally require intelligence in the form of prior warning of the most serious incoming attacks.

Ransomware 59

Ransomware Engineering Encryption Insurance 59

Security Affairs

OCTOBER 31, 2020

Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party.

Banking 112

Banking Malware Security Intelligence Advertising 112

CyberSecurity Insiders

JANUARY 25, 2022

.–( BUSINESS WIRE )– CSC , a world leader in business, legal, tax, and domain security, today announced key findings from its new report, which found that nearly 500,000 web domains were registered since January 2020 containing key COVID-related terms. At CSC, we believe domain security intelligence is power.

Artificial Intelligence 52

Artificial Intelligence Phishing Technology DNS 52