Contents:
Enterprise Premium Support. Professional Services. Analyse aus den Bitdefender Labs Neu. Veranstaltungen und Webinare. Berichte aus der Bedrohungsforschung. Kostenlose Sicherheits-Tools. Auszeichnungen und Zertifikate. Moderne Bedrohungsabwehr. Hypervisor Introspection. Werden Sie Partner.
Werden Sie Partner Heimanwenderprodukte. Partner finden. Beim PAN-Portal anmelden. Einen MSP-Partner finden. Die IoT-Sicherheitsplattform. Analyst Relations. Media Relations. Aktuelle Meldungen. Log in to your Bitdefender account and manage security for what matters. Bitdefender Unternehmen Fallstudien. Dubbed FIN8, this group is known to have used a diverse array of techniques, from spear-phishing to zero-day exploits in Windows, to infect retail, hospitality and entertainment companies and steal payment card data from POS systems.
Our analysis reveals several differences between three deployed BADHATCH versions and to isolate the differences between versions, which helps us pinpoint campaigns on a timeline. First investigated in May , the Foudre malware is allegedly of Iranian origin and traditionally targets both government and the private sector.
Once unpacked, the archive contained both a document and a binary, both installing a backdoor into the compromised machine. Since the backdoor is designed to work on x86 and x64 Windows machines, threat actors were likely betting that victims would download and open the archive. Dubbed IceID, this new banker Trojan employed several mechanisms to target business, including webinjection and redirection attacks. Since its emergence in , this threat has adopted new tactics, including interjecting into genuine conversations that had been exfiltrated in previous breaches.
Whether in plain sight or hidden under drywall, these convenient and relatively inexpensive intelligent outlets and switches have made their way into the smart home and stayed there.
Je vous donne 72 dernières heures. Mail: hacker et menace de diffusion vidéo. Arnaque video Bitcoin area unit created as a penalty for a process notable every. Stefan Thomas tente de récupérer ses millions de dollars en bitcoins stockés sur un disque dur dont il a Mail de menace diffusion video [Fermé] Signaler.
At Bitdefender, our researchers are regularly inspecting IoT devices and platforms to identify vulnerabilities and develop new mitigations in the Bitdefender IoT Security Platform. The operation was conducted over at least a few years, as the earliest signs of potential compromise date back to late The earliest mainstream use of WMI in malware was Stuxnet, a cyber-weapon that completely reshaped cybersecurity. This whitepaper presents a summary of malware that uses WMI to achieve their goal.
Looking Into the Eye of the Interplanetary Storm Bitdefender researchers have found clues that the Interplanetary Storm Golang botnet could be used as highly anonymous proxy-network-as-a-service and potentially rented using a subscription-based model.
While the botnet has been under previous scrutiny from Bitdefender researchers, constant monitoring of the development lifecycle of Interplanetary Storm has revealed that threat actors are both proficient in using Golang and development best practices, and well-versed at concealment of management nodes. Dissecting LemonDuck Crypto-Miner, a KingMiner Successor Crypto-currencies have enjoyed dramatic adoption in the past few years, with miners attempting to boost mining capabilities while predicting market fluctuations at the same time.
This new crypto-gold rush has been capped as of late by mining corrections and increased energy prices. This whitepaper details on LemonDuck, an advanced piece of malware that compromises enterprise networks for cryptocurrency mining. Bitdefender 10 IN 10 Study: Seven in Ten CISOs Believe Cyberwarfare is an Imminent Threat to Their Organisations The constant state of change and rapidly evolving cybersecurity landscape, has led us to conduct the 10 in 10 Study — a comprehensive piece of independent research — looking at what factors will most impact security success in the next decade.
The research has explored the specific expectations organisations have when it comes to security, and with the help of third parties, examined what security teams would want to do if they had more time, more money and company cultures that embraced and supported cybersecurity. Industrial espionage is nothing new and, since the real-estate industry is highly competitive, with contracts valued at billions of dollars, the stakes are high for winning contracts for luxury projects and could justify turning to mercenary APT groups for gaining a negotiation advantage.
Bitdefender Mid-Year Threat Landscape Report The threat landscape has always been influenced by events and shifts in cybercriminal practices, but the global coronavirus pandemic has caused a significant shift both in how cybercriminals operate and how they hone their skills. A defining characteristic of the first half of in terms of threats and malware is that they all played on the same theme: the pandemic.
A spike in scams, phishing and malware across all platforms and attack vectors seems to have been a direct result of cybercriminals leveraging issues related toCovid to exploit fear and misinformation.
Cracking the August SmartLock: WiFi Password Eavesdropping Made Easy The rise of online property rental in an increasingly competitive sharing economy has had a significant impact on the adoption of Internet-connected smart locks. Packed with features that allow landlords to issue and revoke access by electronically sharing a token or PIN code during booking, smart locks have managed to eliminate the need to meet strangers or use key drops.
Unlike most IoT devices, smart locks create physical security boundaries, and products from top lock companies are preferred to generic brands. But do the devices made by lock companies that made history in the evolution of the modern lock live up to their digital promise? Kingminer — a Crypto-Jacking Botnet Under the Scope n late , crypto currencies in general and Bitcoin in particular have appreciated tremendously.
By compromising computers with coin miners, cyber-criminals could take in great profits at zero hardware costs. This white-paper tells the story of Kingminer, a botnet that has undergone significant changes to stay relevant and avoid detection. Information about this actor was first publicly reported in October with details on attacks against users in Belgium and Italy. Later, in , the attackers shifted their focus on another geographical region, compromising Turkish telecommunication companies to target hundreds of users in Turkey and Syria.
It is believed that the attacks attributed to StrongPity are government-sponsored and are used for population surveillance and intelligence exfiltration. More so, it is believed that these attacks are used as support for the geo-political conflicts in the region. The known preferred infection vector used by the StrongPity group is a watering hole technique, delivering malicious versions of legitimate installers to certain targets. Dubbed Bitter, the Advanced Persistent Threat group also known as APT-C has been active both in desktop and mobile malware campaigns for quite a long time, as their activity seems to date back to This paper is a technical account of the developments related to Bitter, its evolution and how, steadily and surely, threat actors are upping their game and poking holes in Google Play to use it as a propagation vector.
The report, which will form part of the yet to be released 10 in 10 Study, details the pressures faced by IT professionals during the COVID, how these pressures are testing the effectiveness of security measures and the changes they will need to make within their organisations as a result. Loading DLLs for illicit profit.
A story about a Metamorfo distribution campaign Late last year, we noticed a massive ongoing campaign of banker malware concentrated primarily in Brazil. The threat actors behind this campaign have a predilection for defense evasion, with their signature modus operandi revolving around a technique named dynamic-link library DLL hijacking. This whitepaper covers the technical details of the attack and how operators abuse legitimate tools to evade detection. It is known to be active since , focusing on cyber espionage campaigns.
Bitdefender has spotted the group targeting critical infrastructure from the Middle East, presumably for intelligence gathering. Bitdefender researchers have found attacks conducted by this actor in the Middle East region, dating back to Uprooting Mandrake: The Story of an Advanced Android Spyware Framework That Went Undetected for 4 Years In early we identified a new, highly sophisticated Android espionage platform that had been active in the wild for at least 4 years.
We named the threat Mandrake as the actor s behind it used names of toxic plants, or other botanical references, for major development branches: e. Briar, Ricinus or Nerium. This whitepaper provides insight into how the malware operates, what its end goal was and how it successfully managed to stay undetected in an official app store for more than 4 years. Coronavirus Report: Popular Android Apps Impersonated by Malware The serious isolation measures adopted to stop the Coronavirus pandemic has forced people to turn to technology as a bridge to the rest of the world. For the past three months, we have monitored trending mobile applications and have looked for cloned applications rigged with malware.
A Technical Look into Maze Ransomware At the end of May , a new family of ransomware called Maze emerged into the gaping void left by the demise of the GandCrab ransomware. Bitdefender experts take a deep dive into Maze Ransomware to expose the shady techniques it uses to perform obfuscation, evasion, exploitation and ultimately, encryption.
The new module was discovered on January 30 and, based on the IP addresses it targets, victims seem to be US and Hong Kong-based, predominantly in the telecom industry. While TrickBot is a Trojan that has been around since , it started out as a credential-harvesting threat mostly focusing on e-banking, while its plugin-based design has made it much more than just a threat focused on financial data theft. To many parents, the ability to keep an eye on children while away is worth the risk of having video feeds or pictures leaked to unauthorized parties.
PCMag contacted the research team at Bitdefender and asked us to look at several popular internetconnected devices, including the iBaby Monitor M6S camera. But understanding how to hunt across an environment requires that we must first understand exactly what Cyber Threat Hunting is. The best solutions will feature services that have high fidelity threat intelligence and take preapproved proactive response actions on behalf of the customer.
Help Found: Cyber Skills Through Managed Detection and Response Services With the cybersecurity skills shortage continuing unabated year after year, organizations turn to managed detection and response MDR services for help.
It integrates with Google Docs making it an easy way to add feedback to student work From an increase in the number of reported vulnerabilities to ransomware, cryptocurrency miners, fileless malware, and Android threats, we've also seen adware that is now borderline malware and IoT malware that both persistent and resilient. It is interesting to imagine what Charles Darwin would make of the current state of money. As saving creates the possibility for capital accumulation and its associated benefits, debt is what can reverse it by reducing capital stocks, productivity and living standards across generations. Assuming a long-term time horizon, this same glimpse of reality may play out with cryptocurrencies, this time as more than just a temporary phenomenon. Cryptocurrency Mining Craze Going for Data Centers Cybercriminals have always been financially motivated, and cryptocurrency mining is the latest trend in generating revenue by abusing the same age-old malware attack vectors previously associated with ransomware dissemination. First investigated in May , the Foudre malware is allegedly of Iranian origin and traditionally targets both government and the private sector.
Specialized human acumen and tailored threat data in MDR offerings help reduce the security volume faced by security analysts. RDP Abuse and Swiss Army Knife Tool Used to Pillage, Encrypt and Manipulate Data Bitdefender researchers recently found threat actors abusing a legitimate feature in the RDP service to act as a fileless attack technique, dropping a multi-purpose off-the-shelf tool for device fingerprinting and for planting malware payloads ranging from ransomware and cryptocurrency miners to information and clipboard stealers.
The campaigns do not seem to target specific industries or companies; instead, threat actors have used a shotgun approach, focusing on reaching as many victims as possible. Relatively inexpensive and easy to control remotely, they promise a world at your fingertips. Security vulnerabilities in connected devices can not only affect the user experience but can also give cyber-criminals an open door to your local network. This is also the case with the Belkin WeMo Insight Switch, a smart power plug that lets you turn any conventional device into a smart one.
Threat Intelligence Required for Effective Managed Detection and Response Cybersecurity professionals are responsible for threat prevention, detection, and response and most invest abundant resources, both human and budgetary, into security controls and processes in this area. Threat prevention starts with good security tools hygiene and must-have controls like endpoint security software, intrusion prevention, and the like.
However, despite all the controls in place, adversaries still break through threat defenses and compromise the environment. The rise to prominence of detection and response over mere protection capabilities is a direct result of security tool vulnerability to the continued rise in adversarial sophistication. Bitdefender Mid-Year Threat Landscape Report The first half of brought interesting developments in malware targeting popular operating systems, in hardware and software vulnerabilities affecting consumer and businesses, and in the increased number of attacks aimed at and even carried out by IoTs.
With the money motive driving the proliferation of malware, cybercriminals are nothing if not resourceful when developing new malware strands or coming up with more successful attack vectors. The number of malware samples roaming the internet is about to reach the 1 billion1 milestone. Cumulatively, the apps were apparently downloaded almost , times by Google Play users.
While Google has gone to great lengths to ban malicious or potentially unwanted applications from the official Android app store, malware developers are nothing if not imaginative when coming up with new ideas to dodge Google Play Protect. Increasing Cybersecurity Resilience through Security Automation The ever-evolving threat landscape, coupled with the increased number of cyberattacks aimed at businesses and organizations, has accelerated adoption of a growing number of security solutions.
The malware-as-a-service industry has lowered the bar for cybercriminals -- not having the right technical skills is no longer a barrier for those who want an exploit kit, ransomware kit, or even a botnet. Cyber risk is now among the top 5 risks affecting businesses, according to 65 percent of executives.
One example is the Fallout Exploit Kit, which we will describe in depth in this article. As the malware industry expands, new tricks added to the cyber-criminal arsenal show up on a daily basis. Our Advanced Threat Control team has identified a massive expansion of the malicious repertoire meant to resurface old, but not-forgotten threats. The investigation revealed that the worm-cryptominer has been constantly updated by its developers.