2013, Hacking, Information Security and Phishing

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware

Ransomware Hacking Encryption Penetration Testing

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

Security Affairs

JUNE 19, 2021

Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage, etc. ? North Korea-linked cyber espionage group Kimsuky (aka Black Banshee, Thallium , Velvet Chollima) was first spotted by Kaspersky researcher in 2013. SecurityAffairs – hacking, North Korea).

Hacking

Hacking VPN Internet Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

New phishing campaign targets bank customers with WSH RAT

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Threat actors are using the RAT to deliver keyloggers and information stealers. Within five days, WSH RAT was observed being actively distributed via phishing.

Banking

Banking Phishing Advertising Malware

N. Korean Kimsuky APT targets S. Korea-US military exercises

Security Affairs

AUGUST 20, 2023

North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre. North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South Korea-US military exercises appeared first on Security Affairs.

Phishing

Phishing Hacking Cyber Attacks Government

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013.

Phishing

Phishing Government Hacking Malware

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. Weak passwords are the easiest way hackers can hack into a system. Pierluigi Paganini.

Data breaches

Data breaches Passwords Social Engineering Encryption

Misconfigured WBSC server leaks thousands of passports

Security Affairs

SEPTEMBER 29, 2023

The WBSC, headquartered in Switzerland, was established in 2013 and currently has 141 countries as members located in Asia, Africa, the Americas, Europe, and Oceania. Another risk people whose passports were exposed have to deal with is spear phishing attacks.

Identity Theft

Identity Theft Social Engineering Banking Risk

Kimsuky APT poses as journalists and broadcast writers in its attacks

Security Affairs

JUNE 3, 2023

Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure. .

Social Engineering

Social Engineering Phishing System Administration Engineering

CERT-UA warns of an ongoing SmokeLoader campaign

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file.

Malware

Malware Phishing VPN Accountability

Russia-linked InvisiMole APT targets state organizations of Ukraine

Security Affairs

MARCH 21, 2022

Ukraine CERT (CERT-UA) warns of spear-phishing ??attacks The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. SecurityAffairs – hacking, InvisiMole). Pierluigi Paganini.

Spyware

Spyware DNS Phishing Government

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

Trend Micro researchers spotted an elusive threat actor, called Earth Lusca, that targets organizations worldwide via spear-phishing and watering hole attacks. . The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. SecurityAffairs – hacking, Earth Lusca ).

Cryptocurrency

Cryptocurrency Social Engineering Media Phishing

Russia-linked Gamaredon APT continues to target Ukraine

Security Affairs

AUGUST 16, 2022

Symantec and TrendMicro first discovered the Gamaredon group in 2015, but evidence of its activities has been dated back to 2013. The attack chain starts with spear-phishing messages using a self-extracting 7-Zip file, which was downloaded via the system’s default browser. SecurityAffairs – hacking, Gamaredon).

Malware

Malware Phishing Hacking Government

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware

Malware Phishing DNS Cybercrime

Russian Gamaredon APT is targeting Ukraine since October

Security Affairs

FEBRUARY 6, 2022

Russia-linked APT group Gamaredon is behind spear-phishing attacks against Ukrainian entities and organizations since October 2021. Palo Alto Network experts mapped out three large clusters of the infrastructure used by the nation-state APT group used to support different phishing and malware campaigns. Pierluigi Paganini.

Government

Government Phishing Malware Hacking

Pakistan-linked Transparent Tribe APT expands its arsenal

Security Affairs

MAY 16, 2021

At that time, the researchers tracked the sources IP in Pakistan, the attacks were part of a wider operation that relies on multi-vector such as watering hole websites and phishing email campaigns delivering custom RATs dubbed Crimson and Peppy. These RATs are capable of exfiltrate information, take screenshot, and record webcam streams.

Malware

Malware Phishing Hacking Information Security

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

Security Affairs

AUGUST 14, 2020

The CactusPete cyber-espionage group has been active since at least 2013, it has been mainly focused on military, diplomatic, and infrastructure targets in Asia and Eastern Europe. Since the malware contains mostly information gathering functionality, most likely they hack into organizations to gain access to the victims’ sensitive data.

Malware

Malware Advertising Phishing Hacking

North Korea-linked TA406 cyberespionage group activity in 2021

Security Affairs

NOVEMBER 19, 2021

The TA406 cyber espionage group was first spotted by Kaspersky researchers in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information of their TTPs and infrastructure. SecurityAffairs – hacking, North Korea). Follow me on Twitter: @securityaffairs and Facebook.

Cryptocurrency

Cryptocurrency Malware Government Education

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

Security Affairs

FEBRUARY 4, 2022

Palo Alto Network experts mapped out three large clusters of the infrastructure used by the nation-state APT group used to support different phishing and malware campaigns. This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.”. SecurityAffairs – hacking, Gamaredon APT).

Government

Government Malware Phishing Software

Malaysia’s MyCERT warns cyber espionage campaign carried out by APT40

Security Affairs

FEBRUARY 10, 2020

Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group. The advisory doesn’t explicitly attribute the campaign to the Chinese APT, but references included in the alert p oint to the APT40 hacking group.

Government

Government Advertising Malware Hacking

Iran-linked group Cobalt Dickens hit over 60 universities worldwide

Security Affairs

SEPTEMBER 12, 2019

Iran-linked Cobalt Dickens APT group carried out a spear-phishing campaign aimed at tens of universities worldwide. This operation is similar to the threat group’s August 2018 campaign , using compromised university resources to send library-themed phishing emails.” ” reads the analysis published by Secureworks.

Phishing

Phishing Advertising Hacking Accountability

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. How not to disclosure a Hack. UK fashion retailer FatFace angered customers in its handling of a customer data theft hack. conduct employee phishing tests.

Energy and Utilities

Energy and Utilities Ransomware Banking Hacking

GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique

Security Affairs

AUGUST 26, 2022

Kimsuky cyberespiona group (aka Black Banshee, Thallium , Velvet Chollima) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure. SecurityAffairs – hacking, Kimsuky).

Malware

Malware Media Phishing Hacking

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Thus, it can be difficult for even small enterprises to keep up with information security and data privacy compliance. Sometimes, however, information security, data privacy, and IT compliance overall are people problems more than they are pure data problems. Security, Privacy and Compliance Can Conflict.

Data privacy

Data privacy Encryption Data breaches Insurance

Experts detail a new Kimsuky social engineering campaign

Security Affairs

JUNE 8, 2023

Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure.

Social Engineering

Social Engineering Engineering Malware Risk

Gamaredon group uses a new Outlook tool to spread malware

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. The attackers first disable protections for running macro scripts in Outlook then deploy the code to send phishing messages to the victim’s contacts. lnk formats. .

Malware

Malware Phishing Advertising Government

Gangnam Industrial Style APT campaign targets industrial firms worldwide

Security Affairs

DECEMBER 18, 2019

Threat actors launched spear-phishing attacks using emails with malicious attachments often disguised as PDF files. Attackers used a new variant of the Separ credential-stealing malware, a malicious code that was first spotted by Sonicwall in 2013. SecurityAffairs – Gangnam Industrial Style , hacking). Pierluigi Paganini.

Manufacturing

Manufacturing Advertising Phishing Malware

350 million decrypted email addresses left exposed on an unsecured server

Security Affairs

AUGUST 27, 2020

Screenshot from the latest forum discussion about RepWatch in 2013: The CSV files appear to have included the same set of 350 million unique emails, separated into three groups: hashed, hashed and salted, and unencrypted files. Watch out for potential spam messages and phishing emails. SecurityAffairs – hacking, email addresses).

Social Engineering

Social Engineering Passwords Marketing Phishing

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

The OceanLotus APT group is a state-sponsored group that has been active since at least 2013. SecurityAffairs – hacking, BISMUTH). The post Vietnam-linked Bismuth APT leverages coin miners to stay under the radar appeared first on Security Affairs. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

Charming Kitten Campaign involved new impersonation methods

Security Affairs

OCTOBER 13, 2019

Iran-linked APT group Charming Kitten employed new spear-phishing methods in attacks carried out between August and September. Security experts at ClearSky analyzed attacks recently uncovered by Microsoft that targeted a US presidential candidate, government officials, journalists, and prominent expatriate Iranians.

Media

Media Social Engineering Phishing Advertising

The parabola of a prolific cyber-criminal known as Dton

Security Affairs

MARCH 17, 2020

The man is active at least since 2013 and already earned at least $100,000 US from his ‘work,’ but researchers believe he has earned several times that amount. The experts were able to identify the man, his name is Bill Henry (25) from Benin City, Nigeria, his criminal activity include the theft of credit cards, phishing and malware attacks.

Cybercrime

Cybercrime Malware Advertising Phishing

Cycldek APT targets Air-Gapped systems using the USBCulprit Tool

Security Affairs

JUNE 4, 2020

Security experts from Kaspersky Lab reported that the Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. The group’s arsenal includes multiple tools for information stealing and lateral movements, some of them are previously unreported.

Malware

Malware Media Advertising Phishing

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Security Affairs

JULY 18, 2019

The Gamaredon APT was first spotted in 2013, last year researchers at LookingGlass have shared the details of a cyber espionage campaign, tracked as Operation Armageddon , targeting Ukrainian entities. The Security Service of Ukraine (SBU) blamed theRussia’s Federal Security Service (FSB) for the cyber attacks. .

Spyware

Spyware Malware Advertising Cyber Attacks

Top 5 Attack Vectors to Look Out For in 2022

Security Affairs

OCTOBER 21, 2021

Phishing techniques use social engineering to trick victims into taking an action that helps an attacker compromise your network or access your sensitive information assets. Fraudulent emails purporting to be from authoritative company sources are the main phishing attacks that employees fall victim to. Stolen Credentials.

IoT

IoT Phishing Passwords Scams

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

The attack vectors have broadened past spear phishing and vulnerable software. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France. These were distributed via spear phishing attacks and watering hole attacks.

Cyber threats

Cyber threats Cyber Attacks Ransomware Manufacturing

Prestige reservation platform exposes millions of hotel guests

Security Affairs

NOVEMBER 10, 2020

Exposed data, some of which go back to 2013, include sensitive information and credit card details. The availability of such kind of data could expose hotel guests to a wide range of malicious activities, including identity theft, phishing attacks, scams, malware attacks, and reservation takeover. According to the experts.

Identity Theft

Identity Theft Scams Phishing Malware

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking

Hacking Security Intelligence Accountability Advertising

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Security Affairs

AUGUST 31, 2022

TA423 is a China-linked cyber espionage group that has been active since 2013, it focuses on political events in the Asia-Pacific region, specifically on the South China Sea. SecurityAffairs – hacking, ScanBox). The researchers attribute the campaign to the China-linked APT group tracked as TA423 /Red Ladon. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Manufacturing Government Media

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing. The threat actors are sending out spear-phishing messages to compromise diplomatic targets in Southeast Asia, India, and the U.S. at least since 2013.

Government

Government Malware Phishing Education

Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor

Security Affairs

JUNE 30, 2023

Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. In Many, Volexity observed Charming Kitten attempting to distribute POWERSTAR via spear-phishing messages with an LNK file inside a password-protected RAR file.

Phishing

Phishing Malware Passwords Media

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Security enthusiast and Linux evangelist Binni Shah consistently offers valuable tutorials, guides, and insights for the cybersecurity community. Street @jaysonstreet.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Iran-linked APT42 is behind over 30 espionage attacks

Security Affairs

SEPTEMBER 11, 2022

APT42’s TTPs overlap with another Iran-linked APT group tracked as APT35 (aka ‘ Charming Kitten ‘, ‘ Phosphorus ‘, Newscaster , and Ajax Security Team) which made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media.

Surveillance

Surveillance Social Engineering Phishing Government

Charming Kitten APT is targeting Iranian dissidents in Germany

Security Affairs

AUGUST 10, 2023

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011 targeting journalists and activists in the Middle East, as well as organizations in the United States, and entities in the U.K., Israel, Iraq, and Saudi Arabia.

Social Engineering

Social Engineering Engineering Media Cyber Attacks

Iran-linked Charming Kitten APT contacts targets via WhatsApp, LinkedIn

Security Affairs

AUGUST 28, 2020

The Iran-linked Charming Kitten APT group leveraged on WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. SecurityAffairs – hacking, LinkedIn).

Phishing

Phishing Accountability Advertising Media

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Webinars

Trending Sources

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

Webinars

New phishing campaign targets bank customers with WSH RAT

N. Korean Kimsuky APT targets S. Korea-US military exercises

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Misconfigured WBSC server leaks thousands of passports

Kimsuky APT poses as journalists and broadcast writers in its attacks

CERT-UA warns of an ongoing SmokeLoader campaign

Russia-linked InvisiMole APT targets state organizations of Ukraine

Financially motivated Earth Lusca threat actors targets organizations worldwide

Russia-linked Gamaredon APT continues to target Ukraine

Threat actor has been targeting the aviation industry since at least 2018

Russian Gamaredon APT is targeting Ukraine since October

Pakistan-linked Transparent Tribe APT expands its arsenal

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

North Korea-linked TA406 cyberespionage group activity in 2021

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

Malaysia’s MyCERT warns cyber espionage campaign carried out by APT40

Iran-linked group Cobalt Dickens hit over 60 universities worldwide

Cyber Security Roundup for April 2021

GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique

Security Compliance & Data Privacy Regulations

Experts detail a new Kimsuky social engineering campaign

Gamaredon group uses a new Outlook tool to spread malware

Gangnam Industrial Style APT campaign targets industrial firms worldwide

350 million decrypted email addresses left exposed on an unsecured server

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Charming Kitten Campaign involved new impersonation methods

The parabola of a prolific cyber-criminal known as Dton

Cycldek APT targets Air-Gapped systems using the USBCulprit Tool

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Top 5 Attack Vectors to Look Out For in 2022

Growing Cyber Threats to the Energy and Industrial Sectors

Prestige reservation platform exposes millions of hotel guests

Iran-linked Phosphorous APT hacked emails of security conference attendees

China-linked APT40 used ScanBox Framework in a long-running espionage campaign

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor

Top Cybersecurity Accounts to Follow on Twitter

Iran-linked APT42 is behind over 30 espionage attacks

Charming Kitten APT is targeting Iranian dissidents in Germany

Iran-linked Charming Kitten APT contacts targets via WhatsApp, LinkedIn

Stay Connected