Security Affairs

MAY 8, 2020

Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. Figure 1 The distribution of web-phishing among target categories . CERT-GIB’s findings indicate that phishing attack perpetrators have revised their so-called target pool. Target reshuffle.

Phishing 87

Phishing Spyware Banking Malware 87

SecureList

NOVEMBER 29, 2024

The campaign, which we dubbed EastWind , used phishing emails with malicious shortcuts attached to deliver malware to target computers. The attack starts with phishing emails purporting to be a court order or summons from an institution in Colombia’s judicial system.

Energy and Utilities 101

Energy and Utilities Ransomware Malware Government 101

Heimadal Security

JULY 20, 2021

They were charged with several hacking crimes that unfolded between 2011 and 2018 where they targeted state entities, universities, and enterprises. 4 members belonging to APT40, a hacking group supported by the Chinese government, were indicted yesterday by the U.S. DOJ (Department of Justice).

Hacking 111

Hacking Government Phishing Cybersecurity 111

Security Affairs

FEBRUARY 7, 2020

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011 targeting journalists and activists in the Middle East, as well as organizations in the United States, and entities in the U.K., Israel, Iraq, and Saudi Arabia. ” concludes the report.

Phishing 118

Phishing Malware Advertising Media 118

Security Affairs

JANUARY 12, 2022

Russia-linked cyber-espionage groups have used common tactics, such as spear-phishing, and brute force attacks. Russian state-sponsored APT actors’ global Energy Sector intrusion campaign, 2011 to 2018. Some of the hacking campaigns that were publicly attributed to Russian state-sponsored APT actors by U.S. Pierluigi Paganini.

Malware 143

Malware Cyber threats Government Hacking 143

Malwarebytes

MARCH 31, 2022

Witness 419 scammers misusing Google calendar invites in 2011 , or even using Yahoo! Calendar app spam leads to phishing pages. According to Bleeping Computer, it’s been abused to send phishing missives. The phish routine ends with that time honoured process of redirecting the phished individual to a real website afterwards.

Phishing 101

Phishing Password Management Passwords 101

Malwarebytes

SEPTEMBER 22, 2021

Ayesha fled Libya shortly after the Battle of Tripoli back in 2011. The scammers can’t even get this right; Aisha has had four children , but two of them were killed during the fighting in 2011. She eventually moved from Algeria to Oman, where she claims political asylum to this day.

Identity Theft 117

Identity Theft Scams Banking Government 117

Security Affairs

OCTOBER 13, 2019

Iran-linked APT group Charming Kitten employed new spear-phishing methods in attacks carried out between August and September. Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011. . The link points to a malicious phishing website.

Media 93

Media Social Engineering Phishing Advertising 93

SecureList

NOVEMBER 28, 2024

Based on limited telemetry, we believe with medium to low confidence that some of the initial infections were spear-phishing emails. In this most recent campaign, the actor uses spear-phishing emails, embedding a JavaScript loader as the initial infection vector.

Malware 117

Malware Government Software Spyware 117

Security Affairs

JUNE 30, 2023

Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. In Many, Volexity observed Charming Kitten attempting to distribute POWERSTAR via spear-phishing messages with an LNK file inside a password-protected RAR file.

Phishing 98

Phishing Malware Passwords Media 98

CyberSecurity Insiders

FEBRUARY 8, 2023

According to the sources reporting to Cybersecurity Insiders, threat actors, probably funded by Kremlin, hacked the email account of Stewart McDonald via a spear-phishing act. Second is the news related to the leak of sensitive details belonging to over 20 million users created between the time frame of 2011 and 2019.

Cyber Attacks 105

Cyber Attacks Ransomware Accountability Data breaches 105

Security Affairs

SEPTEMBER 11, 2022

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011. . The APT group previously targeted medical research organizations in the US and Israel in late 2020, and for targeting academics from the US, France, and the Middle East region in 2019.

Surveillance 100

Surveillance Social Engineering Phishing Government 100

eSecurity Planet

SEPTEMBER 14, 2022

As a matter of fact, the most-reported crime in the 2021 Internet Crime Report report was phishing , a social engineering scam wherein the victim receives a deceptive message from someone in an attempt to get the victim to reveal personal information or account credentials or to trick them into downloading malware. Technological tactics.

Social Engineering 121

Social Engineering Energy and Utilities Phishing Scams 121

Security Affairs

JULY 10, 2024

Justice Department (DoJ) indicted four members of the cyber espionage group APT40 (aka TEMP.Periscope , TEMP.Jumper , and Leviathan ) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018. They prioritize obtaining valid credentials for subsequent activities.

Cybersecurity 129

Cybersecurity Hacking Software Government 129

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. Instead of using the “spray and pray” technique, they started zeroing in on enterprise networks.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Herjavec Group

AUGUST 26, 2021

Justice Department announces more than 70 indictments and 125 convictions or arrests for phishing, hacking, spamming and other Internet fraud as part of Operation CyberSweep. . 2011 — Sony Pictures — A hack of Sony’s data storage exposes the records of over 100 million customers using their PlayStation’s online services.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Security Affairs

OCTOBER 28, 2018

The attack between 2000 and early 2010, the hackers targeted company admins with spear-phishing attacks aimed at infecting their machines. Attackers infected at least three Belgian techies’ machines and used them as entry points into the Belgacom’s networks, then they infected more than 5,000 machines.

Hacking 110

Hacking Spyware Telecommunications Malware 110

SecureList

OCTOBER 7, 2024

Based on our telemetry, we concluded that the implant was delivered to victims’ devices via a malicious URL, likely obtained through phishing emails. Awaken Likho operators typically use search engines to gather as much information as possible about their victims and prepare convincing messages.

Phishing 135

Phishing Government Malware Software 135

Security Affairs

AUGUST 10, 2023

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011 targeting journalists and activists in the Middle East, as well as organizations in the United States, and entities in the U.K., Israel, Iraq, and Saudi Arabia.

Social Engineering 98

Social Engineering Engineering Media Cyber Attacks 98

Security Affairs

MARCH 31, 2019

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011. In past campaigns, the APT group launched spear-phishing attacks against activists and journalists focusing on the Middle East, US organizations, and entities located in Israel , the U.K.,

Advertising 108

Advertising Internet Internet Hacking 108

Webroot

MAY 12, 2021

“What Bitcoin was to 2011, NFTs are to 2021.”. It seems phishing for users’ passwords to the sites used to buy and sell NFTs is the main method of compromise. Once a key is stolen—either by phishing, a keylogger or some other means—there’s very little in terms of a realistic prospect of getting it back.

Cryptocurrency 111

Cryptocurrency Marketing Phishing Authentication 111

Malwarebytes

FEBRUARY 9, 2022

Other cybercrimes that specifically target accounts are spear phishing, social engineering attacks, and password sprays —basic password attack tactics that nation-states carry out against target companies and governments. Google introduced 2FA to Gmail in 2011. billion account hijacking attempts using brute-forced stolen passwords.

Authentication 92

Authentication Social Engineering Accountability Passwords 92

Security Affairs

AUGUST 31, 2022

Justice Department (DoJ) indicted four members of the China-linked cyber espionage group APT40 (aka TEMP.Periscope , TEMP.Jumper , and Leviathan ) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018.

Energy and Utilities 98

Energy and Utilities Manufacturing Government Media 98

Security Affairs

MARCH 25, 2022

The attackers also launched spear-phishing and “watering hole” attacks that allowed them to instal malware on more than 17,000 unique devices in the United States and abroad, including ICS/SCADA controllers used by power and energy companies. . and international Energy Sector organizations. ” reads the joint advisory.

Government 116

Government Energy and Utilities Hacking Malware 116

Security Affairs

JANUARY 28, 2023

The LockBit Locker group is known for using a combination of advanced techniques, even phishing, and also social engineering, to gain initial access to a company’s network. He is a former member of the ANeSeC CTF team, one of the firsts Italian cyber wargame teams born back in 2011.

Penetration Testing 98

Penetration Testing Firewall Ransomware Social Engineering 98

Malwarebytes

JANUARY 20, 2022

From untargeted to very targeted… During the Japan tsunami and earthquake of 2011, a huge volume of scam attacks sank their claws into the disaster. Phishing, social engineering, blackmail, fraud: all of these things and more could be in the running. The pilfered details could be used for all manner of scam attempts.

Scams 91

Scams Social Engineering Phishing Engineering 91

Security Affairs

OCTOBER 29, 2020

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011. In past campaigns, the APT group launched spear-phishing attacks against activists and journalists focusing on the Middle East, US organizations, and entities located in Israel , the U.K.,

Hacking 85

Hacking Accountability Security Intelligence Advertising 85

The Last Watchdog

JANUARY 31, 2024

For threats such as deepfake video, audio, images, phishing, and fraud, it’s clear that we need a new approach.” He is a graduate of MIT and in 2011 was named by The Boston Globe to their MIT150 list of the top MIT innovators of the past 150 years. He is also a regular guest lecturer at Stanford. Media Contact: press@reken.ai

Artificial Intelligence 100

Artificial Intelligence Education Cybercrime Social Engineering 100

Security Affairs

SEPTEMBER 2, 2018

. · Iran-linked COBALT DICKENS group targets universities in new phishing campaign. · Security firm attributes Cosmos Bank cyberheist to Lazarus APT. · Cryptocurrency Platform Atlas Quantum hacked, 260k users impacted. · CVE-2018-15919 username enumeration flaw affects OpenSSH Versions Since 2011. · Data of 130 Million hotel (..)

Banking 60

Banking Data breaches Spyware Advertising 60

SecureWorld News

NOVEMBER 4, 2021

According to a New York City federal court, the attack campaign is believed to have started around late 2011 and ramped up quickly. Colonel Cedric Leighton, a CNN military analyst and former Air Force Colonel, explains the reasons to SecureWorld: "Iran, of course, is a key player.

Government 98

Government Social Engineering DDOS Engineering 98

SiteLock

AUGUST 27, 2021

It quickly became one of the biggest online shopping days of the year, and by 2011 consumers were spending $1.25 Beware of unsolicited emails that look like a coupon or promotion from a company; they could be a phishing scam that attempts to steal your credit card information. billion online on the Monday after Thanksgiving.

eCommerce 52

eCommerce Retail Scams Phishing 52

Thales Cloud Protection & Licensing

MAY 9, 2022

SIM swapping attacks were the key reason that back in 2011, NIST deprecated SMS-based OTP authentication. The Office of Management and Budget (OMB) in the United States and ENISA in the European Union both called for not using OTP authentication because it is not phishing resistant.

Authentication 71

Authentication Social Engineering Mobile Digital transformation 71

eSecurity Planet

MAY 24, 2023

DKIM Fundamentals The Internet Engineering Task Force (IETF) publishes full information on the DKIM and its standards, which were last updated in 2011. Additionally, this will help to block phishing attacks attempting to spoof the organization’s own employees — such as when a phishing attack attempts to impersonate the CEO.

Technology 103

Technology DNS Encryption Authentication 103

SecureList

SEPTEMBER 26, 2022

SmokeLoader (aka Smoke) is a modular malware that has been known since 2011, distributed via phishing emails and drive-by downloads. The malware is known to be sold on online forums, and distributed via phishing emails. A full technical description will be provided in subsequent reports. SmokeLoader. RedLine Stealer.

Malware 143

Malware Cryptocurrency Passwords Software 143

Thales Cloud Protection & Licensing

APRIL 7, 2022

In 2011, Forrester estimated that each call to the help desk for a password reset costs $70. We are committed to strong security at the access point and if help desk intervention is required, we require complexity and tell Operations to budget for it. Reduce password management pain and the risk of a breach.

Password Management 71

Password Management Passwords Authentication Social Engineering 71

SiteLock

AUGUST 27, 2021

According to The Intercept, the publication that first reported the WikiLeaks data, the surveillance was alleged to start no later than 2011 and there was no indication that the eavesdropping had stopped. This latest WikiLeaks disclosure was followed by the website’s recent releases about the surveillance of U.S.

Cybersecurity 52

Cybersecurity Surveillance Cyber Attacks Government 52

Jane Frankland

JUNE 20, 2023

Since 2011, I’ve consistently spoken, and written about the dangers of burnout in cybersecurity, and proposed leadership strategies for employee wellbeing. This increases the likelihood of making mistakes, such as clicking on phishing links, sharing data in insecure ways, using weak passwords, or not spotting cyber threat patterns.

Cybersecurity 130

Cybersecurity Risk InfoSec CISO 130