Tag Archive for: windows

Akira Ransomware Alert! Kaspersky Reveals Global Impact on Windows and Linux



Ransomware, Stealers and Fake Updates – Inside the Evolving Cybercrime Landscape

The online dangers we face are always changing, with cybercriminals coming up with new ways to harm people on the internet. Experts at Kaspersky keep an eye on these threats and study them to help everyone stay safe.

One group at Kaspersky, the Global Research and Analysis Team (GReAT), is focused on understanding and stopping new kinds of malicious software. They’re looking into tricky attacks, like ransomware that works on different devices, viruses that go after Apple computers, and sneaky methods hackers use to trick people, like fake browser alerts. According to Kaspersky’s latest findings, cybercriminals are getting smarter and using more advanced tricks to infect computers without getting caught.

Fake Browser Updates Hide Trojans

One threat uncovered by Kaspersky GReAT researchers is the cunning FakeSG campaign. Legitimate websites are compromised to display fake browser update alerts. Clicking one of these alerts triggers a file download that seems to update the browser but actually runs hidden malicious scripts. These scripts establish persistence and expose command infrastructure, revealing the operation’s sophistication.

Cross-Platform Ransomware Wreaking Havoc

Akira ransomware is the latest threat able to infect both Windows and Linux systems. Within months, over 60 organizations globally were impacted, including in retail, manufacturing and education. Akira shares code similarities with Conti ransomware but has an old-school command panel design, making analysis trickier. Its cross-platform adaptability shows the broad reach of modern ransomware.

macOS Malware Joining the Fray

The AMOS information stealer surfaced in April 2023, was sold via Telegram and was initially written in Go before shifting to C code. By deploying malvertising on phishing sites spoofing popular Mac apps, AMOS can infiltrate Apple systems and exfiltrate sensitive user data. This reflects a wider trend of Mac-focused malware moving beyond traditional Windows targets.

Staying Safe in an Evolving Landscape

With cybercriminals rapidly innovating their tools and tactics, end users must be proactive about security. Maintaining device software…


Avira Antivirus Is Causing Windows PCs To Run So Hard They Freeze Up, Fix Available


One of the telltale signs that your PC has become ill with a virus is an unexpected slowdown in performance. Various forms of malware can sometimes feast on your system’s resources, whether it’s a hidden cryptocurrency miner, keylogger, or something else. Ironically, a recent update to Avira’s antivirus software is having the same effect on PCs, with users reporting system freezes in Windows.

The issue came to light this week in a post on Reddit. A user who goes by “kiiniiwiinii” reported that their PC had suddenly begun freezing up, which prompted them to start disabling background apps one by one, until only Avira remained running.

“Two other people I know had the same issue (both have Avira). Fixed it by going into safe startup and uninstalling Avira. This along with the game booster (that we didn’t enable) causing lag (took forever to figure out the cause) and the horrible support, I will be cancelling my subscription and keeping Avira uninstalled,” the user wrote.

Several others chimed in to the Reddit thread and said they too were experiencing the same performance hiccup. One user said they noticed the apparent glitch was causing Avira to utilize 100% of their processor and memory resources. Others reported seeing the same issue on dozens of client PCs. So, what gives?

Avira’s parent company, Gen Digital, confirmed the issue in a statement to Heise.de. According to Gen Digital, a bug in Avira’s firewall was causing the issue “under a certain condition.” The company also said that the issue has been resolved via a new software update.


“We are aware that a recent update from Avira has caused problems for some Windows 10 and Windows 11 users. These were automatically resolved by an update released on Monday, December 11th [at] 11:30 a.m. (CET). In the unlikely event that the update has not reached all computers, users can contact the Avira support team who will be happy to help them,” Gen Digital said.

Interestingly, Gen Digital also said that if the update does not arrive for some reason,…


Exploit Of Windows 2000 Zero-Day To Hit In June



According to an alert from Symantec, the Cupertino, Calif. company, an exploit for the zero-day bug in Windows 2000’s SMB (Server Message Block) protocol has been created by Immunity Security, the makers of the CANVAS exploit-creation platform.

By Immunity researcher Dave Aitel’s account, the exploit leverages a flaw in the operating system’s kernel that can be triggered through SMB, and will give an attacker full access to the PC.

Aitel claimed Immunity will make the exploit public in June.

“Immunity is considered to be a reliable source and we are of the opinion that this information should be treated as fact,” read Symantec’s warning. “An official security update from Microsoft will likely not be in development until after June when the information is released.”

Until then, Symantec recommended that companies restrict SMB services to trusted hosts; if that’s not possible, companies should consider upgrading to a newer version of Windows.

Windows 2000 was last patched against an SMB vulnerability in June 2005.

Although Windows 2000 has been in its last lifespan stage since June 2005 — called “Extended Support” by Microsoft — the Redmond, Wash. developer still patches bugs in the OS during its monthly security updates.


7 useful hacker tools for Microsoft Windows professionals

