
Russian telco Rostelecom hijacks traffic for IT giants, including Google, Amazon and Facebook

Security Affairs

According to BGPmon.net, starting from 2020-04-01 19:27:28 its service detected a possible BGP hijack; the prefix involved is 31.13.64.0/19. The phenomena were also monitored by security firm Qrator Labs; below is an excerpt from its analysis. In November 2018, security researchers Chris C. The prefix 31.13.69.0/24


Lampion malware origin servers geolocated in Turkey

Security Affairs

As confirmed in Figure 3, the server was created and is maintained to specifically target Portuguese users in the wild, as suggested by its internal name: “portaldasfinancas”. Nome do Servidor: Linux portaldasfinancas 4.4.0-116-generic


South Korean and US payment card details worth nearly $2M up for sale in the underground

Security Affairs

Singapore, 24/04/2020 – Group-IB, a Singapore-based cybersecurity company, has detected a dump containing details for nearly 400,000 payment card records uploaded to a popular darknet cardshop on April 9. The provenance of this data remains unknown. However, in this case the source of the stolen data remains unknown.


MuddyWater APT group updated its multi-stage PowerShell backdoor Powerstats

Security Affairs

Security experts at Trend Micro report that the MuddyWater APT group (aka SeedWorm and TEMP.Zagros) has used an updated multi-stage PowerShell backdoor in recent cyber espionage campaigns. The macro was used to drop a VBE file that holds a block of data containing an obfuscated PowerShell script. Pierluigi Paganini.
