9 matches found
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 CVSS score: 9.3, an SQL injection bu...
Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings
Threat actors associated with the Roaming Mantis attack campaign have been observed delivering an updated variant of their patent mobile malware known as Wroba to infiltrate Wi-Fi routers and undertake Domain Name System DNS hijacking. Kaspersky, which carried out an analysis of the malicious...
Ransomware Going for $4K on the Cyber-Underground
In the cybercriminal underground, ransomware samples and builders are going for anywhere between $300 to $4,000, with ransomware-as-a-service rentals costing $120 to $1,900 per year. That’s according to an analysis by Kaspersky of the three main underground forums where ransomware is circulated...
Facebook Small Business Grants Spark Identity-Theft Scam
Cybercriminals are exploiting a $100 million Facebook grant program designed for small businesses impacted by the pandemic, to phish personal information and take over Facebook accounts. The perpetrators are trying to dupe people into thinking that the social network is handing out free money to...
Financial threats in H1 2019
Introduction and methodology Financial cyberthreats are malicious programs that attack users of online banking services, electronic money, cryptocurrency and other similar services, as well as threats aimed at gaining access to financial organizations and their infrastructure. Kaspersky experts...
Turla APT Returns with New Malware, Anti-Censorship Angle
The Turla APT has revamped its arsenal in 2019, creating new weapons and tools for targeting government entities. It’s now using booby-trapped anti-internet censorship software as an initial infection vector, suggesting Turla is going after dissident or other civil-society targets. The...
Duqu 2.0 Attackers Used Stolen Foxconn Certificate to Sign Driver
The attackers behind the recently disclosed Duqu 2.0 APT have used stolen digital certificates to help sneak their malware past security defenses, and one of the certificates used in the attacks was issued to Foxconn, the Chinese company that manufactures products for Apple, BlackBerry, Dell, and...
Face to Face with Duqu malware
Face to Face with Duqu malware Once again we discuss about Stuxnet, cyber weapons and of the malware that appears derivate from the dangerous virus. The international scientific community has defined a Stuxnet deadly weapon because been designed with a detailed analysis of final target environmen...
Conficker botnet not nearly as large as feared
An analysis of the Conficker peer-to-peer network set up by the latest variant of the worm shows that the size of the network is far smaller than originally thought. Estimates of the size of the botnet have run far into the millions, but analysts at Kaspersky Lab have been observing the network a...