Antivirus, Government and Malware - Cyber Security Informer

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab , KrebsOnSecurity has learned. A fake browser update page pushing mobile malware. Image: Intrinsec.

Malware

Malware Antivirus Software DDOS

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

The Last Watchdog

APRIL 7, 2025

Despite advanced AI detection and telemetry analysis offered in todays EDR solutions, modern infostealer malware is designed to evade even the most sophisticated defenses, using tactics like polymorphic malware, memory-only execution, and exploitation of zero-day vulnerabilities or outdated software.

Antivirus

Antivirus Malware Cybercrime Identity Theft

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. Image: FBI. Tan DaiLin, a.k.a. Image: iDefense.

Antivirus

Antivirus Hacking Software Government

US Government Exposes North Korean Malware

Schneier on Security

MAY 14, 2020

US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. It's interesting to see the US government take a more aggressive stance on foreign malware.

Government

Government Malware Antivirus Cryptocurrency

Details on Uzbekistan Government Malware: SandCat

Schneier on Security

OCTOBER 11, 2019

Kaspersky has uncovered an Uzbeki hacking operation, mostly due to incompetence on the part of the government hackers.

Government

Government Malware Antivirus Hacking

The Pentagon is Publishing Foreign Nation-State Malware

Schneier on Security

NOVEMBER 9, 2018

This is a new thing : The Pentagon has suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal, which is essentially a malware zoo that's used by security pros and antivirus/malware detection engines to gain a better understanding of the threat landscape.

Malware

Malware Antivirus Engineering Government

CISA Warns Government Agencies of Increasing Emotet Attacks

Adam Levin

OCTOBER 8, 2020

The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert warning of an increase in Emotet malware-based phishing attacks on state and local agencies. Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails.

Government

Government Antivirus Phishing Malware

When Your Smart ID Card Reader Comes With Malware

Krebs on Security

MAY 17, 2022

government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level. government smart cards. government smart cards.

Malware

Malware Government Internet Internet

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname “ The Manipulaters ,” have been the subject of three stories published here since 2015.

Phishing

Phishing Cybercrime Advertising Malware

Adventures in Contacting the Russian FSB

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus

Antivirus VPN Encryption Malware

MY TAKE: Surfshark boosts ‘DIY security’ with its rollout of VPN-supplied antivirus protection

The Last Watchdog

SEPTEMBER 13, 2021

Thus, Surfshark has just become the first VPN provider to launch an antivirus solution as part of its all-in-one security bundle Surfshark One. Related: Turning humans into malware detectors. And let’s not forget the longstanding, multi-billion market of antivirus software subscriptions directed at consumers.

Antivirus

Antivirus VPN Marketing Digital transformation

US charged Dual Russian and Israeli National as LockBit Ransomware developer

Security Affairs

DECEMBER 22, 2024

The ransomware gang and its affiliates targeted hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies. Panev and other developers were tasked to create and maintain the malware and infrastructure, while affiliates executed attacks and extorted ransoms, splitting the proceeds.

Ransomware

Ransomware Small Business Antivirus Malware

Threat Group Continuously Updates Malware to Evade Antivirus Software

eSecurity Planet

NOVEMBER 7, 2022

Kaspersky researchers recently found evidence of an advanced threat group continuously updating its malware to evade security products, similar to a release cycle for developers. The sophisticated malware was hidden in malicious Word file attachments. However, the same also goes for antivirus software and other anti-malware solutions.

Antivirus

Antivirus Software Malware Security Awareness

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals. “I’m also godfather of his second son.”

Retail

Retail Advertising Cryptocurrency Marketing

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture

Architecture Internet Internet Malware

Beware: Malicious Android Malware Disguised as Government Alerts.

Quick Heal Antivirus

MARCH 21, 2024

Lately, we’ve spotted sneaky malware on Android. The post Beware: Malicious Android Malware Disguised as Government Alerts. In our high-tech world, sneaky cyber threats can pop up anywhere. appeared first on Quick Heal Blog.

Government

Government Malware Cyber threats Social Engineering

SideWinder targets the maritime and nuclear sectors with an updated toolset

SecureList

MARCH 10, 2025

Last year, we published an article about SideWinder , a highly prolific APT group whose primary targets have been military and government entities in Pakistan, Sri Lanka, China, and Nepal. Once their tools are identified, they respond by generating a new and modified version of the malware, often in under five hours.

Energy and Utilities

Energy and Utilities Malware Government Phishing

Spam Kingpin Peter Levashov Gets Time Served

Krebs on Security

JULY 20, 2021

A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov , a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. The government argued that under U.S.

Antivirus

Antivirus Cybercrime Identity Theft Scams

Researchers Perform An Analysis on Chinese Malware Used Against Russian Government

Hacker Combat

AUGUST 6, 2021

The disclosure cantered on the Mail-O malware when the attackers attempted to access Russian federal officials’ emails. Then, SentinelOne thought it was related to a malware variant called manager or PhantomNet created by TA428. Group-IB performed an in-depth analysis of the malware families used by the attackers.

Government

Government Malware Energy and Utilities Cyber Attacks

Do you actually need a VPN? Your guide to staying safe online!

Webroot

NOVEMBER 21, 2024

Antivirus augmentation Even if you already have antivirus software, using a VPN enhances your personal cybersecurity. Personal privacy: Antivirus software: Primarily protects your device from malware, viruses, and other malicious software. Keeps your browsing history and personal data private and anonymous.

VPN

VPN Antivirus Internet Internet

Giant health insurer struck by ransomware didn't have antivirus protection

Malwarebytes

OCTOBER 11, 2023

The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. PhilHealth is the government owned and controlled corporation that provides universal health coverage in the Philippines. Detect intrusions.

Antivirus

Antivirus Insurance Ransomware Healthcare

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

China-linked hackers carried out cyber espionage campaigns targeting governments, corporations, and think tanks with TAIDOOR malware. “CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1 See the latest malware analysis report on their TTPs at @CNMF_CyberAlert. v1 , U.S. .

Malware

Malware Government Passwords Advertising

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities. The malicious code appended the extension. Pierluigi Paganini.

Government

Government Ransomware Encryption Penetration Testing

CISA analyzed stealthy malware found on compromised Pulse Secure devices

Security Affairs

JULY 22, 2021

CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products.

Malware

Malware Antivirus Passwords Firewall

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

re network uses at least two free VPN services to lure its users to install a malware-like software that achieves persistence on the user’s computer,” the researchers wrote. These two software are currently unknown to most if not all antivirus companies.” “The 911[.]re ” A depiction of the Proxygate service.

VPN

VPN Computers and Electronics Antivirus Software

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware

Malware Antivirus Software Passwords

A Stealthy Malware Found on Hacked Pulse Secure Devices

Heimadal Security

JULY 22, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released an alert regarding more than a dozen malware samples that were found on exploited Pulse Secure devices and that can go undetected by antivirus products. The post A Stealthy Malware Found on Hacked Pulse Secure Devices appeared first on Heimdal Security Blog.

Malware

Malware Hacking Antivirus Government

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. Each report includes a detailed “malware descriptions, suggested response actions, and recommended mitigation techniques.” Pierluigi Paganini.

Malware

Malware Passwords Advertising Antivirus

CISA, Microsoft Warn of Wiper Malware Amid Russia-Ukraine Tensions

eSecurity Planet

JANUARY 21, 2022

government agency overseeing cybersecurity is urging the country’s businesses and other organizations to take the necessary steps to protect their networks from any spillover that might occur from the ongoing cyberattacks aimed at Ukraine government agencies and private companies. and Russian government leaders.

Malware

Malware Government Ransomware Backups

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

DECEMBER 13, 2021

31, 2021, the HSE’s antivirus software detected the execution of two software tools commonly used by ransomware groups — Cobalt Strike and Mimikatz — on the Patient Zero Workstation. But the antivirus software was set to monitor mode, so it did not block the malicious commands.” Now this is in itself isn’t bad.

Healthcare

Healthcare Ransomware Antivirus Hacking

Lampion malware v2 February 2020

Security Affairs

FEBRUARY 24, 2020

Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations. Figure 1: Lampion malware email templates. 2020-02-13] #Lampion v2 #portugal #malware #ATA 0998f6473004e0ba54ead5784ba62db8 h}//vrau-x.s3.us-east-2.amazonaws.[com/0.zip zip h//oiurx14x.s3.us-east-2.amazonaws.}com/P-14-7.dll

Malware

Malware Banking Antivirus Advertising

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Security Affairs

NOVEMBER 23, 2020

Sonatype’s deep dive research allowed to identify a new family of Discord malware called CursedGrabber. This follows on the heels of last week’s news when Sonatype’s Nexus Intelligence engine and it’s release integrity algorithm discovered discord.dll : the successor to “ fallguys ” malware and 3 other components. and ac-addon.

Malware

Malware Engineering Antivirus Software

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware

Malware Hacking Government Telecommunications

No need to RSVP: a closer look at the Tria stealer campaign

SecureList

JANUARY 30, 2025

Our investigation suggests that this campaign is likely operated by an Indonesian-speaking threat actor, as we found artifacts written in the Indonesian language, namely several unique strings embedded in the malware and the naming pattern of the Telegram bots that are used for hosting C2 servers. Contact me at ‘[link].

Accountability

Accountability Malware Banking Phishing

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware

Malware Adware Spyware Antivirus

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking

Banking Malware Antivirus Phishing

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. This user said they specialize in developing malware, creating computer worms, and crafting new ways to hijack Web browsers.

Ransomware

Ransomware Cybercrime Accountability Malware

WARZONE RAT – Beware Of The Trojan Malware Stealing Data Triggering From Various Office Documents

Quick Heal Antivirus

JULY 1, 2021

Confucius APT is known to target government sectors. The post WARZONE RAT – Beware Of The Trojan Malware Stealing Data Triggering From Various Office Documents appeared first on Quick Heal Blog | Latest computer security news, tips, and advice. Warzone RAT is part of an APT campaign named “Confucius.”

Malware

Malware Government Cybersecurity

How You Get Malware: 8 Ways Malware Creeps Onto Your Device

eSecurity Planet

OCTOBER 4, 2022

Malicious programs or malware are common and dangerous threats in the digital space for both individual users and organizations alike. German IT-Security Institute AV-TEST has recorded over 1 billion malicious programs as of this writing, with over 450,000 new instances of malware being recorded every day. Malvertising.

Malware

Malware Phishing Ransomware Mobile

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. SecurityAffairs – malware, Coronavirus).

Phishing

Phishing Malware Spyware DDOS

FBI Warns of CyberAttacks Targeting US Healthface Facilities

Adam Levin

NOVEMBER 6, 2020

While there are currently several strains of malware actively targeting healthcare facilities, the advisory primarily focused on TrickBot, a program with a wide range of tools capable of compromising computers and networks to exfiltrate data, intercept credentials, or deploy ransomware. Maintaining and updating antivirus software.

Healthcare

Healthcare Antivirus Backups Cybercrime

GUEST ESSAY: A new year, a familiar predicament — consumers face intensifying cybersecurity risks

The Last Watchdog

JANUARY 3, 2023

Criminals who can infiltrate your children’s device through things like ‘free’ games, ringtones or other files that hide malware, can gain access to your entire family’s devices. This includes antivirus software, operating systems, and individual apps. Even if you think you’re not susceptible, your child may not be as knowledgeable.

Risk

Risk Cybersecurity Antivirus Phishing

LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.

Security Affairs

MARCH 14, 2025

The ransomware gang and its affiliates targeted hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies. Panev and other developers were tasked to create and maintain the malware and infrastructure, while affiliates executed attacks and extorted ransoms, splitting the proceeds.

Ransomware

Ransomware Cryptocurrency Small Business Malware

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

News alert: SpyCloud study shows gaps in EDR, antivirus — 66% of malware infections missed

Trending Sources

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

US Government Exposes North Korean Malware

Details on Uzbekistan Government Malware: SandCat

The Pentagon is Publishing Foreign Nation-State Malware

CISA Warns Government Agencies of Increasing Emotet Attacks

When Your Smart ID Card Reader Comes With Malware

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Adventures in Contacting the Russian FSB

MY TAKE: Surfshark boosts ‘DIY security’ with its rollout of VPN-supplied antivirus protection

US charged Dual Russian and Israeli National as LockBit Ransomware developer

Threat Group Continuously Updates Malware to Evade Antivirus Software

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

An Interview With the Target & Home Depot Hacker

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Beware: Malicious Android Malware Disguised as Government Alerts.

SideWinder targets the maritime and nuclear sectors with an updated toolset

Spam Kingpin Peter Levashov Gets Time Served

Researchers Perform An Analysis on Chinese Malware Used Against Russian Government

Do you actually need a VPN? Your guide to staying safe online!

Giant health insurer struck by ransomware didn't have antivirus protection

US govt agencies share details of the China-linked espionage malware Taidoor

CERT France – Pysa ransomware is targeting local governments

CISA analyzed stealthy malware found on compromised Pulse Secure devices

A Deep Dive Into the Residential Proxy Service ‘911’

How to Prevent Malware: 15 Best Practices for Malware Prevention

A Stealthy Malware Found on Hacked Pulse Secure Devices

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

CISA, Microsoft Warn of Wiper Malware Amid Russia-Ukraine Tensions

Inside Ireland’s Public Healthcare Ransomware Scare

Lampion malware v2 February 2020

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Purple Lambert, a new malware of CIA-linked Lambert APT group

No need to RSVP: a closer look at the Tria stealer campaign

Types of Malware & Best Malware Protection Practices

Grandoreiro banking malware targets Mexico and Spain

How Did Authorities Identify the Alleged Lockbit Boss?

WARZONE RAT – Beware Of The Trojan Malware Stealing Data Triggering From Various Office Documents

How You Get Malware: 8 Ways Malware Creeps Onto Your Device

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

FBI Warns of CyberAttacks Targeting US Healthface Facilities

GUEST ESSAY: A new year, a familiar predicament — consumers face intensifying cybersecurity risks

LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.

Stay Connected