The Hacker News

APRIL 8, 2024

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023.

Malware 114

Malware Phishing 114

SecureList

MARCH 7, 2024

To get access to the content (or contest), phishing sites prompted the victim to sign in to one of their gaming accounts. If the victim entered their credentials on the phishing form, the account was hijacked. Cryptocurrency scams Phishing aimed at stealing crypto wallet credentials remained a common money-making tool.

Phishing 101

Phishing Scams Cryptocurrency Accountability 101

CSO Magazine

JULY 25, 2022

Phishing , in which an attacker sends a deceptive email tricks the recipient into giving up information or downloading a file, is a decades-old practice that still is responsible for innumerable IT headaches. The fight against phishing is a frustrating one, and it falls squarely onto IT's shoulders.

Phishing 136

Phishing Passwords Malware 136

Security Affairs

NOVEMBER 2, 2022

Four malicious Android apps uploaded by the same developer to Google Play totaled at least one million downloads. The apps are infected with the Android/Trojan.HiddenAds.BTGTHB malware, the apps totaled at least one million downloads. 50,000+ downloads Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices).

Adware 97

Adware Phishing Mobile Malware 97

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware 90

Malware Phishing Spyware Cyber threats 90

CyberSecurity Insiders

MAY 5, 2021

Cybersecurity Firm Mandiant has observed that a new malware campaign is on the prowl that started on December 2nd, 2020 targeting over 50 organizations so far. The first campaign started in December last year when the hackers sent phishing emails laced with malicious links to over 247 organizations hailing from US and APAC nations.

Phishing 120

Phishing Malware Education Retail 120

Malwarebytes

FEBRUARY 13, 2024

By convincing employees to download and run these seemingly benign RMM applications under the guise of fixing non-existent issues, these fraudsters gain unfettered access to the company’s network. Attackers could trick them by sending them to a typical phishing page or making them download malware, all of which are good options.

Phishing 112

Phishing Software Scams Banking 112

Security Boulevard

MARCH 27, 2024

The Zero Day Initiative (ZDI) by Trend Micro uncovered a phishing campaign that exploited a patched Microsoft flaw to infect devices with DarkGate malware. The post DarkGate Malware Campaign Exploits Patched Microsoft Flaw appeared first on Security Boulevard.

Malware 69

Malware Phishing Marketing Software 69

Schneier on Security

APRIL 6, 2020

Microsoft is reporting that an Emotat malware infection shut down a network by causing computers to overheat and then crash. The malware further spread through the network without raising any red flags by stealing admin account credentials authenticating itself on new systems, later used as stepping stones to compromise other devices.

Malware 285

Malware Phishing Authentication Internet 285

CSO Magazine

NOVEMBER 21, 2022

Palo Alto’s Unit 42 has investigated several incidents linked to the Luna Moth group callback phishing extortion campaign targeting businesses in multiple sectors, including legal and retail. Luna Moth removes malware portion of phishing callback attack.

Phishing 76

Phishing Malware Social Engineering Retail 76

Tech Republic Security

NOVEMBER 8, 2023

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store.

Malware 172

Malware Phishing Software Mobile 172

Krebs on Security

MAY 22, 2019

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Here’s a look at a recent spam campaign that peppered more than 100,000 business email addresses with fake legal threats harboring malware. Please download and read the attached encrypted document carefully.

Phishing 279

Phishing Antivirus Scams Malware 279

Heimadal Security

NOVEMBER 9, 2022

affiliate is targeting companies with phishing emails, tricking them into installing the Amadey Bot and taking control of their devices. payload is downloaded as a PowerShell script or executable file that runs on the host computer and encrypts files. The Amadey Bot malware […]. A LockBit 3.0 The attack’s LockBit 3.0

Phishing 117

Phishing Encryption Malware Cybersecurity 117

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware 120

Malware Antivirus Software Passwords 120

Schneier on Security

MAY 5, 2020

Interesting story of malware hidden in Google Apps. That's when Russian security firm Dr. Web found a sample of spyware in Google's app store that impersonated a downloader of graphic design software but in fact had the capability to steal contacts, call logs, and text messages from Android phones.

Malware 297

Malware Spyware Phishing Government 297

The Hacker News

JANUARY 3, 2023

A new malware campaign has been observed using sensitive information stolen from a bank as a lure in phishing emails to drop a remote access trojan called BitRAT.

Banking 90

Banking Malware Phishing 90

The Hacker News

SEPTEMBER 30, 2023

Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah.

Malware 102

Malware Phishing 102

CyberSecurity Insiders

FEBRUARY 22, 2022

Trickbot Malware that started just as a banking malware has now emerged into a sophisticated data stealing tool capable of injecting malware like ransomware or serve as an Emotet downloader. The post Trickbot Malware hits 140,000 victims appeared first on Cybersecurity Insiders.

Malware 122

Malware Social Engineering Banking Phishing 122

The Last Watchdog

NOVEMBER 6, 2023

QR code phishing attacks started landing in inboxes around the world about six months ago. Related: ‘BEC’ bilking on the rise These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information.

Phishing 202

Phishing Scams Education Malware 202

Threatpost

MARCH 10, 2021

Spear-phishing emails are spreading the NimzaLoader malware loader, which some say may be used to download Cobalt Strike.

Phishing 93

Phishing Malware 93

eSecurity Planet

OCTOBER 4, 2022

Malicious programs or malware are common and dangerous threats in the digital space for both individual users and organizations alike. German IT-Security Institute AV-TEST has recorded over 1 billion malicious programs as of this writing, with over 450,000 new instances of malware being recorded every day. Malvertising.

Malware 122

Malware Phishing Ransomware Mobile 122

Malwarebytes

FEBRUARY 13, 2024

By convincing employees to download and run these seemingly benign RMM applications under the guise of fixing non-existent issues, these fraudsters gain unfettered access to the company’s network. Attackers could trick them by sending them to a typical phishing page or making them download malware, all of which are good options.

Phishing 84

Phishing Software Scams Banking 84

SecureList

JUNE 28, 2023

Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. Their campaign introduced several new malware families, such as YamaBot and MagicRat, but also updated versions of NukeSped and, of course, DTrack.

Malware 136

Malware Cybercrime Phishing Ransomware 136

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 99

Phishing Banking Mobile Scams 99

SecureList

JUNE 22, 2023

We wrote about malware targeting Brazil, about CEO fraud attempts, Andariel, LockBit and others. For this post, we selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. The attackers target German-speaking companies in the DACH region.

Phishing 116

Phishing Encryption Cybercrime Ransomware 116

Security Affairs

NOVEMBER 18, 2020

Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Experts at Cybereason Nocturnus have uncovered an active campaign targeting the users of a large e-commerce platform in Latin America with malware tracked as Chaes.

Phishing 109

Phishing Malware Cryptocurrency Information Security 109

Hot for Security

JANUARY 29, 2021

The company believes the incident occurred on January 4, 2021, after threat actors managed to trick employees into accessing and downloading malicious software on some retail-store computers. “A few employees in retail stores were successfully scammed by unauthorized individuals and downloaded software onto a store computer.”

Data breaches 133

Data breaches Wireless Retail Malware 133

Identity IQ

FEBRUARY 14, 2024

What Is Spear Phishing and How to Avoid It IdentityIQ Have you ever clicked a suspicious link or opened an unexpected attachment, only to realize it was a scam? That’s where spear phishing comes in – a particularly cunning form of online deception. What Is Spear Phishing?

Phishing 83

Phishing Identity Theft Social Engineering Scams 83

Graham Cluley

DECEMBER 2, 2021

Finland’s National Cyber Security Centre has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware. Read more in my article on the Tripwire State of Security blog.

Malware 133

Malware Phishing Mobile 133

Malwarebytes

SEPTEMBER 11, 2023

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed via phishing emails. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. exe and a bundled script.

Malware 114

Malware Social Engineering Cryptocurrency Cybercrime 114

Hot for Security

FEBRUARY 3, 2021

Bitdefender Antispam Lab has observed a spike in phishing campaigns impersonating popular delivery services that seek to lure consumers into downloading malicious files on their devices. Overall, nearly 30% of all spam received relating to the delivery service was either a phishing attempt or had malicious attachments.

Phishing 119

Phishing Malware Scams Ransomware 119

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. Pierluigi Paganini.

Malware 83

Malware Phishing Banking Hacking 83

Malwarebytes

NOVEMBER 1, 2022

In total, four apps are listed, and together they have amassed at least one million downloads. Yet, the developer is still on Google Play dispensing its latest HiddenAds malware. Our analysis of this malware starts with us finding an app named Bluetooth Auto Connect (full app information at the bottom of this article).

Phishing 94

Phishing Malware Mobile Adware 94

Hot for Security

MARCH 18, 2021

The Cybersecurity & Infrastructure Security Agency (CISA) and the FBI have released a Joint Cybersecurity Advisory on TrickBot warning that a sophisticated group of cyber actors are sending phishing emails claiming to contain proof of traffic violations to lure victims into downloading the insidious malware.

Phishing 119

Phishing Social Engineering Antivirus Malware 119

CyberSecurity Insiders

APRIL 7, 2022

According to a discovery made by security researchers from Cybereason, top-ranking officials from Israel were being targeted by spear phishing cyber attacks. Catfishing cyber attack campaign is simple, just to create fake social media account pages and target individuals and trick them into downloading malware.

Phishing 126

Phishing Government Cyber Attacks Surveillance 126

Malwarebytes

APRIL 6, 2021

In late March 2021, Malwarebytes analysts discovered a phishing email with an attached zip file containing unfamiliar malware. Upon analysis, the obfuscated PowerShell downloader initiated a chain of infection leading to a lesser-known malware called Saint Bot. It was seen dropping stealers (i.e. Distribution.

Malware 122

Malware Phishing Passwords Architecture 122

CyberSecurity Insiders

OCTOBER 13, 2022

Researchers from Kaspersky have discovered that those using YoWhatsApp are being targeted with trojan malware named Triada having capabilities of stealing data from mobile phone and indulging in espionage. Usually, such malware is circulated as apps like Snaptube, that promise video downloads from Facebook, YouTube and Instagram all for free.

Malware 115

Malware Mobile Media Encryption 115