Security Affairs

MARCH 27, 2023

Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda ) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. In a recent campaign analyzed by Trend Micro, the threat actors used spear-phishing emails and Google Drive links as attack vectors.

Malware 82

Malware Phishing Passwords Government 82

Security Affairs

OCTOBER 7, 2020

The threat actor that employed the Kraken technique, likely an APT group, launched a phishing attack that used messages with a.ZIP file attachment. The.ZIP archive, titled, “Compensation manual.doc,” claims to contain information relating to worker compensation rights.

Advertising 126

Advertising Hacking Manufacturing Phishing 126

Security Affairs

AUGUST 26, 2020

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012.

Malware 71

Malware Hacking Advertising Cybercrime 71

Security Affairs

MARCH 25, 2022

Scarab APT was first spotted in 2015, but experts believe it has been active since at least 2012, conducting surgical attacks against a small number of individuals across the world, including Russia and the United States. The attacker spread their malware through phishing messages using weaponized documents that deploy the HeaderTip malware.

Malware 84

Malware Phishing Hacking Information Security 84

Security Affairs

MAY 9, 2022

In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. “The threat actor heavily relies on sending lures via phishing emails to achieve initial infection.

Government 75

Government Malware Phishing Hacking 75

Security Affairs

FEBRUARY 24, 2021

“Amnesty Tech’s Security Lab found technical evidence in phishing emails sent to two prominent Vietnamese human rights defenders, one of whom lives in Germany, and a Vietnamese NGO based in the Philippines, showing that Ocean Lotus is responsible for the attacks between 2018 and November 2020.”

Spyware 87

Spyware Surveillance Government Phishing 87

Security Affairs

MAY 31, 2022

SideWinder has been active since at least 2012, the group main targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. The group stands out for the high frequency and persistence of its attacks, researchers believe that the APT group has carried out over 1,000 attacks since April 2020.

Encryption 96

Encryption Malware Phishing Hacking 96

Security Affairs

DECEMBER 5, 2020

DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. The PowerPepper attack chain is being delivered through weaponized Word documents distributed through spear-phishing messages.

DNS 81

DNS Phishing Antivirus Encryption 81

Security Affairs

JANUARY 23, 2022

MoleRATs is an Arabic-speaking, politically motivated group of hackers that has been active since 2012, . Although we are not sure how these RAR/ZIP files were delivered but considering the past attacks they were likely delivered using Phishing PDFs. ” reads the analysis published by Zscaler. .

Manufacturing 117

Manufacturing Banking Phishing Malware 117

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko. Adobe, Last.

Data breaches 60

Data breaches DNS Advertising Engineering 60

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. The logic of the raid mainly comes down to using unsecured RDP ports or spear-phishing to infiltrate networks and gain a foothold in them. None of these early threats went pro.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

FEBRUARY 28, 2022

Are both linked to Evil Corp? worth of NFTs from tens of OpenSea users Trickbot operation is now controlled by Conti ransomware.

Ransomware 52

Ransomware Malware Encryption Phishing 52

Security Affairs

DECEMBER 11, 2020

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. Threat actors were contacting people of interest with romantic lures, they set up pages that were specifically designed to target followers with malware and phishing attacks.

Retail 124

Retail Malware Mobile Accountability 124

Security Affairs

AUGUST 23, 2019

. “However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively.” ” reads the report published by Trend Micro.

Malware 82

Malware Spyware Advertising Encryption 82

Security Affairs

MAY 2, 2023

” ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. RokRat is believed to be the handiwork of the ScarCruft group.

Malware 81

Malware Education Media Phishing 81

Security Affairs

JUNE 18, 2021

MoleRATs is an Arabic-speaking, politically motivated group of hackers that has been active since 2012, in 2018 monitoring the operation of the group, Kaspersky identified different techniques utilized by very similar attackers in the MENA region.

Government 83

Government Telecommunications Malware Passwords 83

Security Affairs

JUNE 6, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The campaign, which may have started as far back as 2012, featured a multi-stage approach and was dubbed EasternRoppels.”

Encryption 68

Encryption Government Advertising Cyber Attacks 68

Security Affairs

JUNE 24, 2019

Cybersecurity and Infrastructure Security Agency (CISA) is warning of a significant increase in cyberattacks from Iranian hackers spreading data wipers. US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying , credential stuffing , and spear-phishing.

Backups 78

Backups Advertising Passwords Accountability 78

Security Affairs

JANUARY 4, 2020

These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. ” The advisory urges administrators of the assets to implement basic defenses and immediately reports any information or suspects in ongoing attacks. The attacks were targeting U.S.

Cyber Attacks 70

Cyber Attacks Backups Passwords Advertising 70

Herjavec Group

AUGUST 2, 2021

He has over 30 years of experience in information security and has established himself as a leading voice in business and cybersecurity. Adam is the VP of Managed Security Services at Herjavec Group and has extensive experience in risk management & compliance, security operations, incident response, and cloud adoption.

InfoSec 52

InfoSec Cybersecurity Computers and Electronics Marketing 52

Security Affairs

FEBRUARY 26, 2020

Probably, the infection vector was a phishing mail containing a specific attachment. However, detailed information about the vector used to spread the malware are unknown. Figure 8: Path and file containing the sensitive information about the victim. Technical Analysis. Figure 9: C2 connection.

Cyber Attacks 110

Cyber Attacks Malware Social Engineering Advertising 110

Krebs on Security

JULY 18, 2023

” PicTrace appears to have been a service that allowed users to glean information about anyone who viewed an image hosted on the platform, such as their Internet address, browser type and version number. A copy of pictrace[.]com ” Bloom said he still considers himself independently wealthy, and that still has the lime green Lambo.

Hacking 200

Hacking Accountability Data breaches Marketing 200

Security Affairs

FEBRUARY 26, 2021

Our online security team has uncovered a massive data breach originating from a misconfigured Amazon Bucket, which was operated by a Turkish Legal advising company, INOVA YÖNETIM & AKTÜERYAL DANI?MANLIK. Inova has been operating since 2012 and has handled thousands of cases since then.

Data breaches 93

Data breaches Insurance Identity Theft Education 93

Security Affairs

NOVEMBER 9, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The APT group was discovered by Microsoft in 2016, it targeted organizations in South and Southeast.

Encryption 46

Encryption Passwords Malware Software 46

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? The attack vectors have broadened past spear phishing and vulnerable software. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France.

Cyber threats 40

Cyber threats Ransomware Cyber Attacks Manufacturing 40

Security Affairs

MARCH 2, 2019

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 This threat has been closely observed by researchers from Proofpoint that discovered the RAT used since the beginning of 2016 in targeted phishing campaigns as well as massive, multi-million message campaigns.

Malware 84

Malware Antivirus Technology Phishing 84