Security Affairs

OCTOBER 7, 2020

The hacking technique was employed by an unidentified hacking group to avoid detection. The threat actor that employed the Kraken technique, likely an APT group, launched a phishing attack that used messages with a.ZIP file attachment. SecurityAffairs – hacking, Kraken). Pierluigi Paganini.

Advertising 131

Advertising Hacking Manufacturing Phishing 131

Security Affairs

MARCH 27, 2023

Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda ) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. In a recent campaign analyzed by Trend Micro, the threat actors used spear-phishing emails and Google Drive links as attack vectors.

Malware 83

Malware Phishing Passwords Government 83

Security Affairs

FEBRUARY 28, 2022

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 355 appeared first on Security Affairs. Are both linked to Evil Corp? worth of NFTs from tens of OpenSea users Trickbot operation is now controlled by Conti ransomware. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware 52

Ransomware Malware Encryption Phishing 52

Security Affairs

MAY 31, 2022

SideWinder has been active since at least 2012, the group main targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. SecurityAffairs – hacking, SideWinder). To nominate, please visit:?

Encryption 96

Encryption Malware Phishing Hacking 96

Security Affairs

MARCH 25, 2022

Scarab APT was first spotted in 2015, but experts believe it has been active since at least 2012, conducting surgical attacks against a small number of individuals across the world, including Russia and the United States. The attacker spread their malware through phishing messages using weaponized documents that deploy the HeaderTip malware.

Malware 85

Malware Phishing Hacking Information Security 85

Security Affairs

MAY 9, 2022

In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. “The threat actor heavily relies on sending lures via phishing emails to achieve initial infection. To nominate, please visit:?

Government 76

Government Malware Phishing Hacking 76

Security Affairs

FEBRUARY 24, 2021

“Amnesty Tech’s Security Lab found technical evidence in phishing emails sent to two prominent Vietnamese human rights defenders, one of whom lives in Germany, and a Vietnamese NGO based in the Philippines, showing that Ocean Lotus is responsible for the attacks between 2018 and November 2020.” Pierluigi Paganini.

Spyware 92

Spyware Surveillance Government Phishing 92

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko. Adobe, Last.

Data breaches 99

Data breaches DNS Advertising Engineering 99

Security Affairs

DECEMBER 11, 2020

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. Threat actors were contacting people of interest with romantic lures, they set up pages that were specifically designed to target followers with malware and phishing attacks.

Retail 129

Retail Malware Mobile Accountability 129

Security Affairs

MAY 2, 2023

” ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. RokRat is believed to be the handiwork of the ScarCruft group. .”

Malware 82

Malware Education Media Phishing 82

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko. Adobe, Last.

Data breaches 60

Data breaches DNS Advertising Engineering 60

Security Affairs

JUNE 6, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The campaign, which may have started as far back as 2012, featured a multi-stage approach and was dubbed EasternRoppels.”

Encryption 71

Encryption Government Advertising Cyber Attacks 71

Security Affairs

AUGUST 23, 2019

. “However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively.” ” reads the report published by Trend Micro.

Malware 84

Malware Spyware Advertising Encryption 84

Security Affairs

FEBRUARY 26, 2020

Probably, the infection vector was a phishing mail containing a specific attachment. However, detailed information about the vector used to spread the malware are unknown. Figure 8: Path and file containing the sensitive information about the victim. Technical Analysis. Figure 9: C2 connection.

Cyber Attacks 115

Cyber Attacks Malware Social Engineering Advertising 115

Security Affairs

FEBRUARY 26, 2021

Our online security team has uncovered a massive data breach originating from a misconfigured Amazon Bucket, which was operated by a Turkish Legal advising company, INOVA YÖNETIM & AKTÜERYAL DANI?MANLIK. Inova has been operating since 2012 and has handled thousands of cases since then. SecurityAffairs – hacking, Data Breach).

Data breaches 96

Data breaches Insurance Identity Theft Education 96

Security Affairs

NOVEMBER 9, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The APT group was discovered by Microsoft in 2016, it targeted organizations in South and Southeast.

Encryption 46

Encryption Passwords Malware Software 46

Security Affairs

MARCH 2, 2019

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 This threat has been closely observed by researchers from Proofpoint that discovered the RAT used since the beginning of 2016 in targeted phishing campaigns as well as massive, multi-million message campaigns.

Malware 84

Malware Antivirus Technology Phishing 84

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? The attack vectors have broadened past spear phishing and vulnerable software. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France.

Cyber threats 40

Cyber threats Cyber Attacks Ransomware Manufacturing 40

Security Affairs

AUGUST 26, 2020

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012.

Malware 74

Malware Hacking Advertising Cybercrime 74

Security Affairs

DECEMBER 5, 2020

DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. The PowerPepper attack chain is being delivered through weaponized Word documents distributed through spear-phishing messages. SecurityAffairs – hacking, backdoor).

DNS 84

DNS Phishing Antivirus Encryption 84

Security Affairs

JUNE 24, 2019

Cybersecurity and Infrastructure Security Agency (CISA) is warning of a significant increase in cyberattacks from Iranian hackers spreading data wipers. US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying , credential stuffing , and spear-phishing.

Backups 81

Backups Advertising Passwords Accountability 81

Security Affairs

JANUARY 4, 2020

These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. ” The advisory urges administrators of the assets to implement basic defenses and immediately reports any information or suspects in ongoing attacks. Iran, hacking). The attacks were targeting U.S.

Cyber Attacks 71

Cyber Attacks Backups Passwords Advertising 71

Security Affairs

JANUARY 23, 2022

MoleRATs is an Arabic-speaking, politically motivated group of hackers that has been active since 2012, . Although we are not sure how these RAR/ZIP files were delivered but considering the past attacks they were likely delivered using Phishing PDFs. SecurityAffairs – hacking, Molerats APT). Pierluigi Paganini.

Manufacturing 122

Manufacturing Banking Phishing Malware 122

Security Affairs

JUNE 18, 2021

MoleRATs is an Arabic-speaking, politically motivated group of hackers that has been active since 2012, in 2018 monitoring the operation of the group, Kaspersky identified different techniques utilized by very similar attackers in the MENA region. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Government 85

Government Telecommunications Malware Passwords 85