Security Affairs

MARCH 25, 2022

Scarab APT was first spotted in 2015, but experts believe it has been active since at least 2012, conducting surgical attacks against a small number of individuals across the world, including Russia and the United States. The attacker spread their malware through phishing messages using weaponized documents that deploy the HeaderTip malware.

Malware 85

Malware Phishing Hacking Information Security 85

Security Affairs

DECEMBER 11, 2020

Facebook has suspended some accounts linked to APT32 that were involved in cyber espionage campaigns to spread malware. Facebook has suspended several accounts linked to the APT32 cyberespionage that abused the platform to spread malware. APT32 also carried out watering hole attacks through compromised websites or their own sites.

Retail 125

Retail Malware Mobile Accountability 125

Security Affairs

MAY 2, 2023

North Korea-linked ScarCruft APT group started using oversized LNK files to deliver the RokRAT malware starting in early July 2022. The end goal of the nation-state actors is to deploy the ROKRAT on the victims’ systems by using spear-phishing emails. RokRat is believed to be the handiwork of the ScarCruft group.

Malware 82

Malware Education Media Phishing 82

Security Affairs

MAY 9, 2022

In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system.

Government 76

Government Malware Phishing Hacking 76

Security Affairs

FEBRUARY 28, 2022

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp? worth of NFTs from tens of OpenSea users Trickbot operation is now controlled by Conti ransomware.

Ransomware 52

Ransomware Malware Encryption Phishing 52

Security Affairs

OCTOBER 7, 2020

The threat actor that employed the Kraken technique, likely an APT group, launched a phishing attack that used messages with a.ZIP file attachment. The.ZIP archive, titled, “Compensation manual.doc,” claims to contain information relating to worker compensation rights.

Advertising 127

Advertising Hacking Manufacturing Phishing 127

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

AUGUST 23, 2019

Malware researchers at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect Windows and Mac systems. CVE-2012-0158 is a critical remote code execution (RCE) vulnerability that affected Microsoft Office. . SecurityAffairs – Asruex Trojan, malware).

Malware 82

Malware Spyware Advertising Encryption 82

Security Affairs

FEBRUARY 24, 2021

“Amnesty Tech’s Security Lab found technical evidence in phishing emails sent to two prominent Vietnamese human rights defenders, one of whom lives in Germany, and a Vietnamese NGO based in the Philippines, showing that Ocean Lotus is responsible for the attacks between 2018 and November 2020.”

Spyware 88

Spyware Surveillance Government Phishing 88

Security Affairs

FEBRUARY 26, 2020

Researchers from Cybaze Yoroi ZLab have spotted a new campaign exploiting the interest in coronavirus (COVID-19) evolution to spread malware. It is not new for cyber-crooks to exploit social phenomena to spread malware in order to maximize the impact and dissemination of a malicious campaign. Introduction. Technical Analysis.

Cyber Attacks 111

Cyber Attacks Malware Social Engineering Advertising 111

Security Affairs

JUNE 6, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The campaign, which may have started as far back as 2012, featured a multi-stage approach and was dubbed EasternRoppels.”

Encryption 68

Encryption Government Advertising Cyber Attacks 68

Security Affairs

MARCH 2, 2019

SI-LAB captured a piece of the FlawedAmmyy malware that leverages undetected XLM macros as an Infection Vehicle to compromise user’s devices. In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0

Malware 84

Malware Antivirus Technology Phishing 84

Security Affairs

NOVEMBER 9, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. “The malware hides at every step by mimicking common software (protection related, sound software , DVD video creation tools).”

Encryption 46

Encryption Passwords Malware Software 46

Security Affairs

FEBRUARY 26, 2021

Our online security team has uncovered a massive data breach originating from a misconfigured Amazon Bucket, which was operated by a Turkish Legal advising company, INOVA YÖNETIM & AKTÜERYAL DANI?MANLIK. Inova has been operating since 2012 and has handled thousands of cases since then.

Data breaches 93

Data breaches Insurance Identity Theft Education 93

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? When the malware hit Saudi Aramco four years ago, it propelled the company into a technological dark age, forcing the company to rely on typewriters and faxes while it recovered.

Cyber threats 40

Cyber threats Cyber Attacks Ransomware Manufacturing 40

Security Affairs

AUGUST 26, 2020

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. ” continues the report.

Malware 72

Malware Hacking Advertising Cybercrime 72

Security Affairs

DECEMBER 5, 2020

DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. Once executed the command, the malware the malicious code sends back command execution results. “On

DNS 82

DNS Phishing Antivirus Encryption 82

Security Affairs

JUNE 24, 2019

Cybersecurity and Infrastructure Security Agency (CISA) is warning of a significant increase in cyberattacks from Iranian hackers spreading data wipers. US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying , credential stuffing , and spear-phishing.

Backups 79

Backups Advertising Passwords Accountability 79

Security Affairs

JANUARY 4, 2020

These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. ” The advisory urges administrators of the assets to implement basic defenses and immediately reports any information or suspects in ongoing attacks. The attacks were targeting U.S.

Cyber Attacks 71

Cyber Attacks Backups Passwords Advertising 71

Security Affairs

JANUARY 23, 2022

MoleRATs is an Arabic-speaking, politically motivated group of hackers that has been active since 2012, . ’ The.NET-based malware masquerades itself as a WinRAR application by using the icon and other resources and is obfuscated using the ConfuserEx packer. ” reads the analysis published by Zscaler.

Manufacturing 118

Manufacturing Banking Phishing Malware 118

Security Affairs

JUNE 18, 2021

MoleRATs is an Arabic-speaking, politically motivated group of hackers that has been active since 2012, in 2018 monitoring the operation of the group, Kaspersky identified different techniques utilized by very similar attackers in the MENA region. Proofpoint researchers assess LastConn is very actively developed and maintained malware.

Government 84

Government Telecommunications Malware Passwords 84