EternalBlue – Computer Security Articles

CISA issues alert with South Korean government about DPRK’s ransomware antics

February 13, 2023 admin andariel, APT, cisa, conti, democratic people’s republic of korea, dprk, EK, EternalBlue, exploit kit, h0lygh0st, Lazarus Group, magniber, magnitude exploit kit, maui, news, NORTH KOREA, plutonium, ransomware, silent chollima, stonefly, WannaCry

Categories: News

Categories: Ransomware

Tags: CISA

Tags: ransomware

Tags: Democratic People’s Republic of Korea

Tags: DPRK

Tags: North Korea

Tags: WannaCry

Tags: EternalBlue

Tags: Lazarus Group

Tags: APT

Tags: Magniber

Tags: Magnitude exploit kit

Tags: exploit kit

Tags: EK

Tags: Andariel

Tags: Silent Chollima

Tags: Stonefly

Tags: Maui

Tags: H0lyGh0st

Tags: PLUTONIUM

Tags: Conti

The tactics of North Korean-sponsored ransomware cyberattacks against the healthcare sector and other vital infrastructure are highlighted in the latest #StopRansomware alert.

Security Sophos

How the most damaging ransomware evades IT security

November 14, 2019 admin brute force, cryptoworm, EternalBlue, Privilege Escalation, raas, ransomware, RDP, SMB, SophosLabs Uncut

Credit to Author: Mark Loman| Date: Thu, 14 Nov 2019 13:50:28 +0000

This article is a condensed version of our report How Ransomware Behaves: What defenders should know about the top families<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/-0DnxPzSZek” height=”1″ width=”1″ alt=””/>

Kaspersky Security

Smominru botnet infects 4,700 new PCs daily

October 3, 2019 admin Botnet, credentials, cryptominers, data theft, EternalBlue, news, NotPetya, smominru, Threats, WannaCry, windows

Credit to Author: Marina Mash| Date: Thu, 03 Oct 2019 13:37:51 +0000

The botnet generally propagates through EternalBlue, the same vulnerability that made the WannaCry and NotPetya outbreaks possible.

Security Sophos

Lemon_Duck PowerShell malware cryptojacks enterprise networks

October 1, 2019 admin Cryptojacking, cryptomining, EternalBlue, fileless, lemon_duck, Powershell, SMB, SophosLabs, SophosLabs Uncut

Credit to Author: rajeshnataraj| Date: Tue, 01 Oct 2019 04:01:09 +0000

SophosLabs are monitoring a significant spike in crypto mining attacks, which spread quickly across enterprise networks. Starting from a single infection, these attacks use a variety of malicious scripts that, eventually, turn an enterprise’s large pool of CPU resources into efficient cryptocurrency mining slaves. The threat actors behind these campaigns have been using an array […]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/jF91Bgk0dso” height=”1″ width=”1″ alt=””/>

MalwareBytes Security

TrickBot adds new trick to its arsenal: tampering with trusted texts

September 3, 2019 admin 2fa, account takeover fraud, ATO, Authy, C&C, Dell Secureworks, dynamic webinject, dyreza, emotet, Eternal Romance, EternalBlue, EternalChampion, Gold Blackburn, Google Authenticator, hasherezade, point-of-sale, port-out fraud, pos, SIM hijacking, SIM swapping, Sprint, T-Mobile, thetrick, trickbot, trickloader, trickster, Trojan.TrickBot, trojans, two-factor authentication, Verizon Wireless

Credit to Author: Jovi Umawing| Date: Tue, 03 Sep 2019 15:26:01 +0000

TrickBot’s latest feature allows it to tamper with the web sessions of users from Verizon, T-Mobile, and Sprint mobile carriers.

Categories:

Trojans

Tags: 2fa account takeover fraud ATO Authy C&C Dell Secureworks dynamic webinject dyreza emotet Eternal Romance EternalBlue EternalChampion Gold Blackburn Google Authenticator hasherezade point-of-sale port-out fraud POS SIM hijacking SIM swapping Sprint T-Mobile thetrick trickbot trickloader trickster Trojan.TrickBot two-factor authentication Verizon Wireless

MalwareBytes Security

Sophisticated threats plague ailing healthcare industry

April 30, 2019 admin 2019 data security incident response report, cybercrime, decatur county general hospital breach, EternalBlue, filess malware, healthcare, healthcare cybersecurity, healthcare malware, Healthcare security, hipaa, malware, Ransom.WannaCrypt, ransomware, riskware, riskware.mictray, riskware.tool.hck, rootkit.fileless.mtgen, spyware, spyware.agent, spyware.emotet, spyware.trickbot, trickbot, trojan.bitcoinminer, trojan.emotet, trojan.fakems, Trojan.TrickBot, trojans, WannaCry, worm.parite, worm.qakbot, worms

Credit to Author: Jovi Umawing| Date: Tue, 30 Apr 2019 15:00:00 +0000

Black hat hackers are after patient healthcare data, and such breaches will only intensify. Which forms of malware are behind the attacks? We take a look at the advanced threats targeting a sector struggling to keep up.

Categories:

Tags: 2019 data security incident response report decatur county general hospital breach EternalBlue filess malware healthcare healthcare cybersecurity healthcare malware healthcare security HIPAA Ransom.WannaCrypt ransomware riskware riskware.mictray riskware.tool.hck rootkit.fileless.mtgen spyware spyware.agent spyware.emotet spyware.trickbot trickbot trojan.bitcoinminer trojan.emotet trojan.fakems Trojan.TrickBot Trojans WannaCry worm.parite worm.qakbot worms

Security TrendMicro

This Week in Security News: Medical Malware and Monitor Hacks

April 18, 2019 admin Business Email Compromise, CoinMiner, Current News, EternalBlue, hacking, malware, Security

Credit to Author: Jon Clay (Global Threat Communications)| Date: Thu, 18 Apr 2019 13:00:42 +0000

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how baby monitors may be susceptible to hacking. Also, learn about a medical flaw that enables hackers to hide malware. Read on: Is Your Baby Monitor…

The post This Week in Security News: Medical Malware and Monitor Hacks appeared first on .

MalwareBytes Security

Emotet revisited: pervasive threat still a danger to businesses

March 14, 2019 admin banking Trojan, Botnet, cybercrime, emotet, EternalBlue, information stealer, malware, Ryuk Ransomware, SMB vulnerabilities, trickbot, Trojan

Credit to Author: Pieter Arntz| Date: Thu, 14 Mar 2019 15:00:00 +0000

Emotet is often mentioned as one of the most annoying, effective, and costly present-day malware infections. We discuss the reasons why and the proper way to remove it.

Categories:

Tags: banking Trojan botnet emotet EternalBlue information stealer Ryuk ransomware SMB vulnerabilities trickbot trojan

← Previous