Security Affairs

APRIL 21, 2025

Experts observed Kimsuky sending phishing emails targeting Korea and Japan from compromised systems. Their activity includes phishing campaigns against South Korea and Japan and attacks on South Koreas software, energy, and financial sectors starting in October 2023. China, Japan, Germany, Singapore, and several other countries.

Phishing 80

Phishing Malware Security Intelligence Hacking 80

Security Affairs

JUNE 19, 2021

Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage, etc. ? North Korea-linked cyber espionage group Kimsuky (aka Black Banshee, Thallium , Velvet Chollima) was first spotted by Kaspersky researcher in 2013. SecurityAffairs – hacking, North Korea).

Hacking 145

Hacking VPN Internet Internet 145

Security Affairs

FEBRUARY 8, 2025

Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.

Phishing 74

Phishing Malware Security Intelligence Hacking 74

Security Affairs

AUGUST 28, 2018

Experts from SecureWorks discovered a large phishing campaign targeting universities carried out by an Iran-linked threat actor COBALT DICKENS. Iranian hacking activity is intensifying in the last years, security firms uncovered the activities of many Iran-linked APT groups. Securi ty Affairs – COBALT DICKENS, hacking).

Phishing 106

Phishing Advertising DNS Hacking 106

Krebs on Security

OCTOBER 1, 2022

In customer guidance released Thursday, Microsoft said it is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019. ” These web-based backdoors offer attackers an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser.

Hacking 236

Hacking Passwords Internet Internet 236

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Within five days, WSH RAT was observed being actively distributed via phishing. SecurityAffairs – WSH Remote Access Trojan, hacking). Pierluigi Paganini.

Banking 110

Banking Phishing Advertising Malware 110

The Last Watchdog

DECEMBER 3, 2018

Related: Uber hack shows DevOps risk. The Starwood hack appears to come in second in scale only to the 2013 Yahoo breac h, which affected as many as 3 billion accounts, while a subsequent Yahoo breach also hit 500 million accounts. In 2014, a JP Morgan Chase hack exposed 76 million households.

Hacking 157

Hacking eCommerce Authentication Social Engineering 157

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. com , an Arabic-language computer hacking forum. But he denied ever participating in illegal hacking activities.

DNS 319

DNS Penetration Testing Malware Hacking 319

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack.

Hacking 110

Hacking Spyware Telecommunications Malware 110

Security Affairs

APRIL 5, 2022

Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013.

Phishing 140

Phishing Government Hacking Malware 140

Security Affairs

OCTOBER 1, 2020

A North-Korea-linked cyber espionage group has launched spear-phishing attacks aimed at compromising tens of officials from the United Nations Security Council. The campaign took place between March and April, threat actors attempted to compromise the Gmail accounts of UN officials by carrying out spear-phishing messages.

Phishing 138

Phishing Advertising Malware Accountability 138

CyberSecurity Insiders

JULY 30, 2021

Britain-based luxury clothing designer & lifestyle service offering company says that DarkTrace has thwarted most of the weekly cyber attacks that include 200 targeted hacks such as spear phishing emails targeting high-level executives and cyber campaigns that help steal critical data from companies.

Retail 144

Retail Artificial Intelligence Cyber Attacks Cyber threats 144

Security Affairs

NOVEMBER 10, 2020

Exposed data, some of which go back to 2013, include sensitive information and credit card details. The availability of such kind of data could expose hotel guests to a wide range of malicious activities, including identity theft, phishing attacks, scams, malware attacks, and reservation takeover. SecurityAffairs – hacking, Prestige).

Identity Theft 135

Identity Theft Scams Phishing Hacking 135

Security Affairs

OCTOBER 1, 2024

The Kimsuky APT group breached Diehl Defence through a sophisticated phishing campaign, reported the German newspaper Der Spiegel. “Researchers from Mandiant, a Google subsidiary, uncovered and analyzed a cyberattack by the North Korean hacking group Kimsuky targeting Diehl Defence.” ” reported Der Spiegel.

Manufacturing 135

Manufacturing Hacking Cyber Attacks Malware 135

Security Affairs

AUGUST 28, 2020

The Iran-linked Charming Kitten APT group leveraged on WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. SecurityAffairs – hacking, LinkedIn).

Phishing 145

Phishing Accountability Advertising Media 145

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011. Saudi Arabia, and Iraq.

Hacking 86

Hacking Security Intelligence Accountability Advertising 86

Malwarebytes

MAY 2, 2025

In 2013, Intel introduced World Password Day to remind people of the importance of strong passwords. Passwords are: Hard to create Easy to forget Often reused across sites Vulnerable to hacking techniques like brute-force attacks and phishing.

Passwords 102

Passwords Password Management Authentication Accountability 102

Security Affairs

JANUARY 18, 2022

Trend Micro researchers spotted an elusive threat actor, called Earth Lusca, that targets organizations worldwide via spear-phishing and watering hole attacks. . The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. SecurityAffairs – hacking, Earth Lusca ).

Cryptocurrency 138

Cryptocurrency Social Engineering Media Phishing 138

Security Affairs

MAY 26, 2024

UAC-0006 has been active since at least 2013. In May 2023, Ukraine’s CERT-UA warned of another phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Ukraine)

Malware 140

Malware Banking Accountability Phishing 140

Security Affairs

AUGUST 14, 2020

The CactusPete cyber-espionage group has been active since at least 2013, it has been mainly focused on military, diplomatic, and infrastructure targets in Asia and Eastern Europe. Since the malware contains mostly information gathering functionality, most likely they hack into organizations to gain access to the victims’ sensitive data.

Malware 135

Malware Advertising Phishing Hacking 135

Security Affairs

MAY 16, 2021

At that time, the researchers tracked the sources IP in Pakistan, the attacks were part of a wider operation that relies on multi-vector such as watering hole websites and phishing email campaigns delivering custom RATs dubbed Crimson and Peppy. SecurityAffairs – hacking, APT). ” continues the report. Pierluigi Paganini.

Malware 142

Malware Phishing Hacking Information Security 142

Security Affairs

FEBRUARY 10, 2020

Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group. The advisory doesn’t explicitly attribute the campaign to the Chinese APT, but references included in the alert p oint to the APT40 hacking group.

Government 145

Government Advertising Malware Hacking 145

Security Affairs

OCTOBER 21, 2021

Phishing techniques use social engineering to trick victims into taking an action that helps an attacker compromise your network or access your sensitive information assets. Fraudulent emails purporting to be from authoritative company sources are the main phishing attacks that employees fall victim to. Stolen Credentials.

IoT 140

IoT Phishing Passwords Scams 140

Security Affairs

JULY 10, 2024

Justice Department (DoJ) indicted four members of the cyber espionage group APT40 (aka TEMP.Periscope , TEMP.Jumper , and Leviathan ) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018. They prioritize obtaining valid credentials for subsequent activities.

Cybersecurity 131

Cybersecurity Hacking Software Government 131

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware 126

Malware Phishing DNS Cybercrime 126

Security Affairs

FEBRUARY 7, 2020

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011 targeting journalists and activists in the Middle East, as well as organizations in the United States, and entities in the U.K., Israel, Iraq, and Saudi Arabia. .

Phishing 120

Phishing Malware Advertising Media 120

Security Affairs

SEPTEMBER 29, 2023

The WBSC, headquartered in Switzerland, was established in 2013 and currently has 141 countries as members located in Asia, Africa, the Americas, Europe, and Oceania. Another risk people whose passports were exposed have to deal with is spear phishing attacks.

Identity Theft 138

Identity Theft Social Engineering Banking Risk 138

Security Affairs

AUGUST 20, 2023

North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre. North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South South Korea military exercise. ” reported Reuters agency.

Phishing 98

Phishing Hacking Cyber Attacks Government 98

Security Affairs

APRIL 6, 2021

China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing. The threat actors are sending out spear-phishing messages to compromise diplomatic targets in Southeast Asia, India, and the U.S. at least since 2013.

Government 121

Government Malware Phishing Education 121

Security Affairs

AUGUST 21, 2024

Kimsuky cyberespionage group (aka Springtail, ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. AhnLab recently reported a spear-phishing campaign involving an early variant of XenoRAT, which has evolved into a new RAT known as “MoonPeak.”

Malware 135

Malware Phishing Hacking Information Security 135

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. Weak passwords are the easiest way hackers can hack into a system. SecurityAffairs – hacking, data breaches).

Data breaches 108

Data breaches Passwords Social Engineering Encryption 108

Krebs on Security

JANUARY 22, 2019

Large-scale spam campaigns often are conducted using newly-registered or hacked email addresses, and/or throwaway domains. Guilmette told KrebsOnSecurity he initially considered the possibility that GoDaddy had been hacked, or that thousands of the registrar’s customers perhaps had their GoDaddy usernames and passwords stolen.

DNS 276

DNS Internet Internet Computers and Electronics 276

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. The attackers first disable protections for running macro scripts in Outlook then deploy the code to send phishing messages to the victim’s contacts. lnk formats. .

Malware 143

Malware Phishing Advertising Government 143

Security Affairs

SEPTEMBER 12, 2019

Iran-linked Cobalt Dickens APT group carried out a spear-phishing campaign aimed at tens of universities worldwide. This operation is similar to the threat group’s August 2018 campaign , using compromised university resources to send library-themed phishing emails.” ” reads the analysis published by Secureworks.

Phishing 103

Phishing Advertising Hacking Accountability 103

SecureWorld News

AUGUST 15, 2024

In what could be one of the largest data breaches in history, personal information of potentially billions of individuals may have been compromised in a hack of National Public Data (NPD), a Florida-based background check company. Stay alert for phishing attempts and other scams. Bloomberg Law was the first to report on the lawsuit.

Data breaches 109

Data breaches Identity Theft Password Management Data collection 109

Security Affairs

MARCH 21, 2022

Ukraine CERT (CERT-UA) warns of spear-phishing ??attacks The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. SecurityAffairs – hacking, InvisiMole). Pierluigi Paganini.

Spyware 98

Spyware DNS Phishing Government 98

Security Affairs

AUGUST 27, 2020

Screenshot from the latest forum discussion about RepWatch in 2013: The CSV files appear to have included the same set of 350 million unique emails, separated into three groups: hashed, hashed and salted, and unencrypted files. Watch out for potential spam messages and phishing emails. SecurityAffairs – hacking, email addresses).

Social Engineering 145

Social Engineering Passwords Marketing Phishing 145