Initech Product (INISAFE CrossWEB) Security Update Recommendation Posted By choeyul , April 5, 2023 Overview A security update to patch the vulnerability of Initech’s INISAFE CrossWeb EX V3 has been announced. INISAFE CrossWeb EX V3 is a software program used for electronic financial transactions and financial security certification in the public sector. It is used by various companies and individuals for Internet banking, so it is essential for most users to check if the program is installed on their PC and update it to the latest version following the guide below. Description AhnLab Security…
ASEC Weekly Phishing Email Threat Trends (March 19th, 2023 – March 25th, 2023) Posted By ASEC , April 3, 2023 AhnLab Security Emergency response Center (ASEC) monitors phishing email threats with the ASEC automatic sample analysis system (RAPIT) and honeypot. This post will cover the cases of distribution of phishing emails during the week from March 19th, 2023 to March 25th, 2023 and provide statistical information on each type. Generally, phishing is cited as an attack that leaks users’ login account credentials by disguising as or impersonating an institute, company, or individual through social engineering methods. On a broader note,…
ASEC Weekly Malware Statistics (March 20th, 2023 – March 26th, 2023) Posted By ASEC , March 30, 2023 AhnLab Security response Center (ASEC) uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from March 20th, 2023 (Monday) to March 26th, 2023 (Sunday). For the main category, backdoor ranked top with 41.7%, followed by downloader with 31.9%, Infostealer with 24.7%, ransomware with 1.1%, backing with 0.3%, and CoinMiner with 0.3%. Top 1 – Redline RedLine ranked first place with 35.6%. The malware steals various information such as…
EDR Product Analysis of an Infostealer Posted By EASTSTON3 , March 30, 2023 AhnLab Security Emergency response Center (ASEC) released an analysis report on an Infostealer that is being distributed through YouTube. Infostealer Being Distributed via YouTube As mentioned in the report, an Infostealer is being distributed through various platforms, and the leaked information is causing both direct and indirect harm to users. Understanding what information has been stolen and where it is being sent is crucial in order to minimize the damage caused by an Infostealer infection. AhnLab EDR keeps logs of…
Kimsuky Group Uses ADS to Conceal Malware Posted By Vanish , March 29, 2023 AhnLab Security Emergency response Center (ASEC) has discovered that the Kimsuky group is using Alternate Data Stream (ADS) to hide their malware. This malware is an Infostealer that collects data by starting the VBScript included inside an HTML file. It can be characterized by its tendency to add the actual code between numerous dummy codes. Figure 1. Part of the initially executed script The following commands are executed in the terminal to collect and transmit data. hostname systeminfo net user…