Government, Phishing, Social Engineering and Spyware

AI likely to boost ransomware, warns government body

Malwarebytes

JANUARY 25, 2024

The impact is expected to grow for several reasons: AI already helps cybercriminals to compose more effective phishing emails. Reconnaissance and social engineering are specific fields where AI can be deployed. Professional spyware vendors have deep enough pockets to invest in new tools, training, and development.

Ransomware

Ransomware Government Social Engineering Spyware

Spam and phishing in 2023

SecureList

MARCH 7, 2024

To get access to the content (or contest), phishing sites prompted the victim to sign in to one of their gaming accounts. If the victim entered their credentials on the phishing form, the account was hijacked. Refunds were offered not only under the guise of government agencies. The required amount is most likely unattainable.

Phishing

Phishing Scams Cryptocurrency Accountability

The US Capitol Riot is a National Cybersecurity Emergency

Adam Levin

JANUARY 7, 2021

The potentially compromised data could include: Social Security numbers, health records (including mental health), home addresses, phone numbers, etc., as well as details about state business and likely correspondents, which could be used in a spear phishing attack, doxxing , and other social engineering ploys.

Computers and Electronics

Computers and Electronics Cybersecurity Social Engineering Spyware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Spam and phishing in 2022

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. At the beginning of that year, we still observed phishing attacks that used the themes of infection and prevention as the bait.

Phishing

Phishing Scams Accountability Energy and Utilities

Spam and phishing in Q2 2021

SecureList

AUGUST 5, 2021

A fake notification about a Microsoft Teams meeting or a request to view an important document traditionally takes the victim to a phishing login page asking for corporate account credentials. This time, offers of financial assistance were mostly sent in the name of government agencies. Statistics: phishing. Top-level domains.

Phishing

Phishing Banking Scams Computers and Electronics

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

Being Used to Phish So Many of Us? Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hacks QakBot, Quietly Removes Botnet Infections Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs Why is.US

Social Engineering

Social Engineering Spyware Data breaches Surveillance

Zero-Click Attacks a Growing Threat

eSecurity Planet

FEBRUARY 22, 2022

Most attacks make would-be victims click to install malware or redirect them to a phishing page to steal their credentials. There is no need for social engineering , as the program can implant backdoors directly without forced consent. Spyware and Zero-Days: A Troubling Market. Zero-click attacks remove this hurdle.

Spyware

Spyware Software Government Social Engineering

Spam and phishing in 2021

SecureList

FEBRUARY 9, 2022

Our Anti-Phishing system blocked 253 365 212 phishing links. Safe Messaging blocked 341 954 attempts to follow phishing links in messengers. Hurry up and lose your account: phishing in the corporate sector. Another noticeable phishing trend targeting the corporate sector was to exploit popular cloud services as bait.

Phishing

Phishing Scams Accountability Banking

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

The attackers study their victims carefully and use the information they find to frame social engineering attacks. The group uses various malware families, including Wroba, and attack methods that include phishing, mining, smishing and DNS poisoning. Subsequently, DDoS attacks hit some government websites. Other malware.

Phishing

Phishing Spyware Firmware Malware

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Attackers often use botnets to send out spam or phishing campaigns to carry out distributed denial of service (DDoS) attacks. Additional features of botnets include spam, ad and click fraud, and spyware. Phishing and Social Engineering. How to Defend Against Phishing. Examples of Phishing Malware Attacks.

Malware

Malware Adware Spyware Antivirus

Operation Falcon: Group-IB helps INTERPOL identify Nigerian BEC ring members

Security Affairs

NOVEMBER 25, 2020

Since at least 2017, the prolific gang compromised at least 500,000 government and private sector companies in more than 150 countries. Business Email Compromise (BEC) is a type of email phishing attack that relies on social engineering. 2 Sample of the TMT’s phishing email. 1 Courtesy of INTERPOL.

Cybercrime

Cybercrime Phishing Social Engineering Spyware

Gamblers’ data compromised after casino giant Strendus fails to set password

Security Affairs

NOVEMBER 15, 2023

Source: Cybernews Usernames Names Government ID numbers (CURP) Phone numbers Email addresses Home addresses Dates of Birth Gender KYC status IP addresses used to register for an account IP addresses used to log in Deposit amounts Withdrawal amounts Notes on users, submitted by admins and customer support agents. Amount of leaked data.

Passwords

Passwords Identity Theft Social Engineering Spyware

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

The emails provide updates on the Coronavirus outbreak, it includes stats on the epidemic and contains an email of corona-virus@caramail.com that is likely used for phishing purposes. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information.

Malware

Malware Scams Social Engineering Phishing

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. Last year, the cybersecurity of corporations and government agencies was more significant than ever before, and will become even more so in 2023.

Media

Media Social Engineering Ransomware Hacking

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

The rise of destructive attacks In December of last year, shortly after we released our predictions for 2023, Russian government agencies were reported to have been targeted by a data wiper called CryWiper. This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware.

Hacking

Hacking Energy and Utilities Media Malware

APT trends report Q2 2023

SecureList

JULY 27, 2023

Following this, we released the first of a series of additional reports describing the final payload in the infection chain: a highly sophisticated spyware implant that we dubbed “TriangleDB” Operating in memory, this implant periodically communicates with the C2 (command and control) infrastructure to receive commands.

Malware

Malware Government Phishing Social Engineering

APT trends report Q3 2022

SecureList

NOVEMBER 1, 2022

The victims are targeted with spear-phishing emails that trick them into mounting a malicious ISO file and double-clicking an LNK, which starts the infection chain. In most cases, the targets appear to be diplomatic and government organizations in Europe. The group’s TTPs remained consistent with those we described before.

Malware

Malware Ransomware Spyware Encryption

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

1970-1995 — Kevin Mitnick — Beginning in 1970, Kevin Mitnick penetrates some of the most highly-guarded networks in the world, including Nokia and Motorola, using elaborate social engineering schemes, tricking insiders into handing over codes and passwords, and using the codes to access internal computer systems.

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

IT threat evolution Q3 2022

SecureList

NOVEMBER 18, 2022

First, the threat actor sends a spear-phishing email to the potential victim with a lure to download additional documents. The attacks, which took place earlier this year, affected industrial plants, design bureaus and research institutes, government agencies, ministries and departments. The attacks occur in several stages.

Malware

Malware Computers and Electronics Adware Cryptocurrency

Cyber Security Informer

AI likely to boost ransomware, warns government body

Spam and phishing in 2023

Webinars

Trending Sources

The US Capitol Riot is a National Cybersecurity Emergency

Webinars

Spam and phishing in 2022

Spam and phishing in Q2 2021

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Zero-Click Attacks a Growing Threat

Spam and phishing in 2021

IT threat evolution Q1 2022

Types of Malware & Best Malware Protection Practices

Operation Falcon: Group-IB helps INTERPOL identify Nigerian BEC ring members

Gamblers’ data compromised after casino giant Strendus fails to set password

New Coronavirus-themed malspam campaign delivers FormBook Malware

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

Advanced threat predictions for 2024

APT trends report Q2 2023

APT trends report Q3 2022

Cyber CEO: The History Of Cybercrime, From 1834 To Present

IT threat evolution Q3 2022

Stay Connected