Security Affairs

SEPTEMBER 30, 2020

Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison for hacking LinkedIn, Dropbox, and Formspring in 2012. The Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012.

Identity Theft 106

Identity Theft Cybercrime Advertising Hacking 106

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. “In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.”

Government 94

Government Energy and Utilities Malware Hacking 94

Security Affairs

APRIL 6, 2023

Google experts are tracking ARCHIPELAGO since 2012 and have observed the group targeting individuals with expertise in North Korea policy issues. The attack chain associated with ARCHIPELAGO starts with phishing emails that embed malicious links.

Phishing 80

Phishing Media Passwords Malware 80

Security Affairs

MARCH 27, 2023

Earth Preta, also known as “RedDelta” or “Bronze President,” has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. The report details the execution flow for each of the above malware.

Malware 83

Malware Phishing Passwords Government 83

CyberSecurity Insiders

FEBRUARY 13, 2022

A report published by Sentinel One states that a hacking group named “Modified Elephant” was seen carrying out such criminal activities since 2012 and has started the game of planting criminal evidence on devices of innocent online users. Then how to keep such cyber crimes at bay?

Surveillance 94

Surveillance Passwords Malware Hacking 94

Security Affairs

MAY 31, 2022

SideWinder has been active since at least 2012, the group main targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. SecurityAffairs – hacking, SideWinder). The experts observed some newly registered domains that were likely used to expand the list of targets in other countries. ” states Kaspersky.

Encryption 96

Encryption Malware Phishing Hacking 96

Security Affairs

MARCH 25, 2022

Scarab APT was first spotted in 2015, but experts believe it has been active since at least 2012, conducting surgical attacks against a small number of individuals across the world, including Russia and the United States. The attacker spread their malware through phishing messages using weaponized documents that deploy the HeaderTip malware.

Malware 85

Malware Phishing Hacking Information Security 85

Security Affairs

OCTOBER 7, 2020

The hacking technique was employed by an unidentified hacking group to avoid detection. The threat actor that employed the Kraken technique, likely an APT group, launched a phishing attack that used messages with a.ZIP file attachment. SecurityAffairs – hacking, Kraken). Pierluigi Paganini.

Advertising 131

Advertising Hacking Manufacturing Phishing 131

Security Affairs

FEBRUARY 28, 2022

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor Sophos linked Entropy ransomware to Dridex malware. SecurityAffairs – hacking, newsletter). Are both linked to Evil Corp? worth of NFTs from tens of OpenSea users Trickbot operation is now controlled by Conti ransomware. Pierluigi Paganini.

Ransomware 52

Ransomware Malware Encryption Phishing 52

Security Affairs

DECEMBER 11, 2020

Facebook has suspended some accounts linked to APT32 that were involved in cyber espionage campaigns to spread malware. Facebook has suspended several accounts linked to the APT32 cyberespionage that abused the platform to spread malware. SecurityAffairs – hacking, Facebook). ” concludes the report.”To

Retail 129

Retail Malware Mobile Accountability 129

Security Affairs

MAY 2, 2023

North Korea-linked ScarCruft APT group started using oversized LNK files to deliver the RokRAT malware starting in early July 2022. The end goal of the nation-state actors is to deploy the ROKRAT on the victims’ systems by using spear-phishing emails. RokRat is believed to be the handiwork of the ScarCruft group.

Malware 82

Malware Education Media Phishing 82

Security Affairs

APRIL 14, 2020

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that deployed multiple malware families, including ransomware and information stealers (i.e.

Healthcare 114

Healthcare Ransomware Phishing Government 114

Security Affairs

MAY 9, 2022

In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system. Pierluigi Paganini.

Government 76

Government Malware Phishing Hacking 76

Security Affairs

FEBRUARY 24, 2021

“Amnesty Tech’s Security Lab found technical evidence in phishing emails sent to two prominent Vietnamese human rights defenders, one of whom lives in Germany, and a Vietnamese NGO based in the Philippines, showing that Ocean Lotus is responsible for the attacks between 2018 and November 2020.” SecurityAffairs – hacking, APT32).

Spyware 92

Spyware Surveillance Government Phishing 92

Security Affairs

APRIL 23, 2020

The Vietnam-linked cyberespionage group tracked as APT32 carried out hacking campaigns against Chinese entities to collect intelligence on the COVID-19 crisis. The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists.

Government 83

Government Advertising Phishing Malware 83

Security Affairs

AUGUST 23, 2019

Malware researchers at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect Windows and Mac systems. CVE-2012-0158 is a critical remote code execution (RCE) vulnerability that affected Microsoft Office. . SecurityAffairs – Asruex Trojan, malware).

Malware 84

Malware Spyware Advertising Encryption 84

Security Boulevard

MARCH 30, 2022

Three Russian computer hackers, who were officers in Center 16, carried out energy sector attacks between 2012 and 2014 in phase one of the campaign. The hackers then hid the malware inside legitimate software updates. The hacking campaigns were directed at hundreds of companies and organizations in 135 countries.

Software 52

Software Government InfoSec Malware 52

Security Affairs

FEBRUARY 26, 2020

Researchers from Cybaze Yoroi ZLab have spotted a new campaign exploiting the interest in coronavirus (COVID-19) evolution to spread malware. It is not new for cyber-crooks to exploit social phenomena to spread malware in order to maximize the impact and dissemination of a malicious campaign. Introduction. Technical Analysis.

Cyber Attacks 115

Cyber Attacks Malware Social Engineering Advertising 115

Security Affairs

MARCH 5, 2019

The APT levera ges a variety of techniques for initial compromise, including web server exploitation, phishing campaigns delivering publicly available and custom backdoors, and strategic web compromises. SecurityAffairs – China APT40, hacking). The attackers also use TCP ports 80 and 443 to masquerade malicious network traffic. .

Technology 82

Technology Advertising Government Phishing 82

Security Affairs

JUNE 6, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The campaign, which may have started as far back as 2012, featured a multi-stage approach and was dubbed EasternRoppels.”

Encryption 72

Encryption Government Advertising Cyber Attacks 72

Security Affairs

AUGUST 3, 2018

If an admin chooses to turn the feature on, an email alert (to admins) is triggered when we believe a government-backed attacker has likely attempted to access a user’s account or computer through phishing, malware, or another method.” ” reads the security advisory published by Google.

Accountability 47

Accountability Advertising Government Phishing 47

Security Affairs

OCTOBER 10, 2018

Attacks on bank customers: The decline of Android Trojans and the triumph of phishing. This trend aimed at reducing threats from banking Trojans for PCs has been continuing in Russia since 2012. An exception to this is the malware Banks in Your Hand. Using web phishing, criminals have managed to steal $3.7

Cyber Attacks 83

Cyber Attacks Banking Cyber threats Phishing 83

Security Affairs

MARCH 2, 2019

SI-LAB captured a piece of the FlawedAmmyy malware that leverages undetected XLM macros as an Infection Vehicle to compromise user’s devices. In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0

Malware 84

Malware Antivirus Technology Phishing 84

Security Affairs

SEPTEMBER 5, 2018

The group also knows as Cycldek was first spotted in September 2013, it was mainly targeting entities in Southeast Asia using different malware variants mainly PlugX and HttpTunnel. Experts from security firm CrowdStrike have uncovered a new campaign associated with the GOBLIN PANDA APT group.

Advertising 45

Advertising Government Malware Phishing 45

Security Affairs

MARCH 4, 2019

Necurs botnet is currently the second largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. SecurityAffairs – Necurs botnet, hacking). ” continues the blog post.

DNS 80

DNS Banking Advertising Ransomware 80

Security Affairs

NOVEMBER 9, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. “The malware hides at every step by mimicking common software (protection related, sound software , DVD video creation tools).”

Encryption 46

Encryption Passwords Malware Software 46

Security Affairs

FEBRUARY 26, 2021

Inova has been operating since 2012 and has handled thousands of cases since then. Although your data may not have been found by anyone else, in case any ill-intentioned hacker discovered it, here are some of the risks people exposed could face: Phishing Scams and Malware. SecurityAffairs – hacking, Data Breach).

Data breaches 97

Data breaches Insurance Identity Theft Education 97

Spinone

NOVEMBER 30, 2018

In March 2014, hackers used login information leaked by eBay employees to access sensitive user data of 145 million customers , putting these users at risk of identity theft, password theft and phishing risks. A 2015 report by Risk Based Security found that hacking accounted for over half of all reported data breaches during the year.

Data breaches 40

Data breaches Passwords Backups Mobile 40

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? When the malware hit Saudi Aramco four years ago, it propelled the company into a technological dark age, forcing the company to rely on typewriters and faxes while it recovered.

Cyber threats 40

Cyber threats Cyber Attacks Ransomware Manufacturing 40

Security Affairs

AUGUST 26, 2020

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012.

Malware 74

Malware Hacking Advertising Cybercrime 74

Security Affairs

DECEMBER 5, 2020

DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. Once executed the command, the malware the malicious code sends back command execution results. “On SecurityAffairs – hacking, backdoor). Pierluigi Paganini.

DNS 85

DNS Phishing Antivirus Encryption 85

Security Affairs

AUGUST 21, 2019

The APT41 has been active since at least 2012, it was involved in both state-sponsored espionage campaigns and financially-motivated attacks since 2014. Unlike other China-based actors, the group used custom malware in cyber espionage operations, experts observed 46 different malware families and tools in APT41 campaigns.

Malware 84

Malware Telecommunications Advertising Healthcare 84

SecureList

OCTOBER 17, 2023

The initial attack vector was a phishing email disguised as an email from a government entity or service. The final payload was a loaded malware implant, the Remcos RAT – the fourth type of remote administration tool adopted by this threat actor within a few months of operation.

Government 101

Government Malware VPN Manufacturing 101

Cisco Security

OCTOBER 19, 2021

There are other protection mechanisms, such as Malware Defense , that can block further threats. Phishing [ T1566 ]. Like ShellShock, the exploit for this vulnerability is present in many automated hacking tools. CVE-2012-0391. CVE-2012-2998. Techniques seen. (in in order of frequency). Initial Access.

Firewall 125

Firewall Authentication DNS Accountability 125

Security Affairs

JUNE 24, 2019

US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying , credential stuffing , and spear-phishing. ” Past attacks attributed to Iran-linked hackers are: 2012 – Shamoon wiped over 30,000 computers at Saudi Aramco. The attacks are targeting U.S.

Backups 82

Backups Advertising Passwords Accountability 82

Security Affairs

JANUARY 4, 2020

These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. ” In June 2019, US DHS CISA agency already warned of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying , credential stuffing , and spear-phishing.

Cyber Attacks 71

Cyber Attacks Backups Passwords Advertising 71

Security Affairs

JANUARY 15, 2020

Bonupdater, Helminth, Quadangent and PowRuner are some of the most sophisticated Malware attributed to OilRig and analyzed over the past few years. For example by using: user credential leaks, social engineering toolkits, targeted phishing, and so on and so forth or is more on there to be discovered ? MuddyWater. CopyKittens.

Computers and Electronics 76

Computers and Electronics Penetration Testing Malware Government 76