Security Affairs

JUNE 3, 2023

Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure. . ” continues the advisory.

Social Engineering 89

Social Engineering Phishing System Administration Engineering 89

Security Affairs

MAY 16, 2021

Alleged Pakistan-Linked cyber espionage group, tracked as Transparent Tribe, targets Indian entities with a new Windows malware. Researchers from Cisco Talos warn that the Pakistan-linked APT group Transparent Tribe expanded its Windows malware arsenal. ” read the analysis published Cisco Talos. ” continues the report.

Malware 104

Malware Phishing Hacking Information Security 104

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. Near the holiday season of 2013, hackers exposed the credit and debit card information of over 110 million Target customers. Here are three of the worst data breaches that could have been avoided: Yahoo. Pierluigi Paganini.

Data breaches 94

Data breaches Passwords Social Engineering Encryption 94

Security Affairs

MARCH 21, 2022

Ukraine CERT (CERT-UA) warns of spear-phishing ??attacks The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. attacks conducted by UAC-0035 group (aka InvisiMole) on state organizations of Ukraine.

Spyware 84

Spyware DNS Phishing Government 84

Security Affairs

FEBRUARY 6, 2022

Russia-linked APT group Gamaredon is behind spear-phishing attacks against Ukrainian entities and organizations since October 2021. In Mid January the Ukrainian government was hit with destructive malware, tracked as WhisperGate , and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS.

Government 82

Government Phishing Malware Hacking 82

Security Affairs

NOVEMBER 19, 2021

The TA406 cyber espionage group was first spotted by Kaspersky researchers in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information of their TTPs and infrastructure. In March, the group orchestrated a malware campaign targeting North American entities.

Cryptocurrency 85

Cryptocurrency Malware Government Education 85

Security Affairs

FEBRUARY 4, 2022

In Mid January the Ukrainian government was hit with destructive malware, tracked as WhisperGate , and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS. These clusters link to over 700 malicious domains, 215 IP addresses, and over 100 samples of malware.

Government 81

Government Malware Phishing Software 81

Security Affairs

JANUARY 18, 2022

Trend Micro researchers spotted an elusive threat actor, called Earth Lusca, that targets organizations worldwide via spear-phishing and watering hole attacks. . The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. Both clusters served as a C&C server.

Cryptocurrency 111

Cryptocurrency Social Engineering Media Phishing 111

Security Affairs

AUGUST 14, 2020

The CactusPete cyber-espionage group has been active since at least 2013, it has been mainly focused on military, diplomatic, and infrastructure targets in Asia and Eastern Europe. Since the malware contains mostly information gathering functionality, most likely they hack into organizations to gain access to the victims’ sensitive data.

Malware 92

Malware Advertising Phishing Hacking 92

Security Affairs

JUNE 8, 2023

The campaign has the objective of stealing Google and subscription credentials of a reputable news and analysis service focusing on North Korea, as well as delivering reconnaissance malware. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013.

Social Engineering 70

Social Engineering Engineering Malware Risk 70

Security Affairs

MARCH 17, 2020

The man is active at least since 2013 and already earned at least $100,000 US from his ‘work,’ but researchers believe he has earned several times that amount. The experts were able to identify the man, his name is Bill Henry (25) from Benin City, Nigeria, his criminal activity include the theft of credit cards, phishing and malware attacks.

Cybercrime 103

Cybercrime Malware Advertising Phishing 103

Security Affairs

AUGUST 26, 2022

Kimsuky cyberespiona group (aka Black Banshee, Thallium , Velvet Chollima) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure. ” reads the report from Kaspersky.

Malware 70

Malware Media Phishing Hacking 70

Security Affairs

FEBRUARY 10, 2020

The attackers aimed at stealing confidential documents from government systems after having infected them with malware. The attackers exploit the CVE-2014-6352 and CVE-2017-0199 Office vulnerabilities to drop and execute the malware on the victim’s computer. ” reads the alert issued by MyCERT.

Government 122

Government Advertising Malware Hacking 122

NopSec

FEBRUARY 15, 2017

Do you feel confident that everyone in your organization could identify a phishing email that contained ransomware? In today’s post, we share information with the goal that it will help everyone in your organization protect themselves from phishing attacks.

Phishing 40

Phishing Social Engineering Engineering Healthcare 40

Security Affairs

DECEMBER 18, 2019

Threat actors launched spear-phishing attacks using emails with malicious attachments often disguised as PDF files. Attackers used a new variant of the Separ credential-stealing malware, a malicious code that was first spotted by Sonicwall in 2013. ” concludes the analysis.

Manufacturing 62

Manufacturing Advertising Phishing Malware 62

Security Affairs

JUNE 4, 2020

Security experts from Kaspersky Lab reported that the Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. The group’s arsenal includes multiple tools for information stealing and lateral movements, some of them are previously unreported.

Malware 78

Malware Media Advertising Phishing 78

Security Affairs

AUGUST 27, 2020

Screenshot from the latest forum discussion about RepWatch in 2013: The CSV files appear to have included the same set of 350 million unique emails, separated into three groups: hashed, hashed and salted, and unencrypted files. Watch out for potential spam messages and phishing emails.

Social Engineering 122

Social Engineering Passwords Marketing Phishing 122

Security Affairs

DECEMBER 1, 2020

The OceanLotus APT group is a state-sponsored group that has been active since at least 2013. ” According to Microsoft, the APT group started using the crypto-mining malware to trick the defense staff of the targets into believing their attacks are not highly targeted intrusions.

Cryptocurrency 96

Cryptocurrency Antivirus Manufacturing Government 96

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.

Ransomware 124

Ransomware Passwords Scams Government 124

Security Affairs

JULY 18, 2019

Intezer spotted a new piece of Linux malware dubbed EvilGnome because it disguises as a Gnome extension. The modules used by EvilGnome are reminiscent of the Windows tools used by the Gamaredon Group, other analogies include the use of SFX, persistence with task scheduler and the deployment of information stealers. Pierluigi Paganini.

Spyware 84

Spyware Malware Advertising Cyber Attacks 84

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. conduct employee phishing tests. conduct employee phishing tests. CopperStealer Malware infected up to 5,000 hosts per day over the First Three Months of 2021.

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware 107

Malware Computers and Electronics Adware Spyware 107

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? When the malware hit Saudi Aramco four years ago, it propelled the company into a technological dark age, forcing the company to rely on typewriters and faxes while it recovered.

Cyber threats 40

Cyber threats Cyber Attacks Ransomware Manufacturing 40

Security Affairs

APRIL 6, 2021

China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing. The threat actors are sending out spear-phishing messages to compromise diplomatic targets in Southeast Asia, India, and the U.S. at least since 2013.

Government 83

Government Malware Phishing Education 83

Security Affairs

JUNE 30, 2023

Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. In Many, Volexity observed Charming Kitten attempting to distribute POWERSTAR via spear-phishing messages with an LNK file inside a password-protected RAR file. ” continues the report.

Phishing 83

Phishing Malware Passwords Media 83

Security Affairs

NOVEMBER 10, 2020

Exposed data, some of which go back to 2013, include sensitive information and credit card details. The availability of such kind of data could expose hotel guests to a wide range of malicious activities, including identity theft, phishing attacks, scams, malware attacks, and reservation takeover.

Identity Theft 124

Identity Theft Scams Phishing Malware 124

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

Security Affairs

SEPTEMBER 11, 2022

APT42’s TTPs overlap with another Iran-linked APT group tracked as APT35 (aka ‘ Charming Kitten ‘, ‘ Phosphorus ‘, Newscaster , and Ajax Security Team) which made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media.

Surveillance 95

Surveillance Social Engineering Phishing Government 95

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Brian Krebs | @briankrebs.

Accountability 134

Accountability Cybersecurity Penetration Testing InfoSec 134

Security Affairs

AUGUST 31, 2022

TA423 is a China-linked cyber espionage group that has been active since 2013, it focuses on political events in the Asia-Pacific region, specifically on the South China Sea. The researchers attribute the campaign to the China-linked APT group tracked as TA423 /Red Ladon. ” read the report published by the experts.

Energy and Utilities 94

Energy and Utilities Manufacturing Government Media 94

Security Affairs

AUGUST 1, 2022

The man created the malicious code, a remote access trojan (RAT), when he was 15 years old, and maintained its infrastructure from 2013 to 2019. The authorities believe the man earned between $300,000 and $400,000 from selling the malware. ” reads a press release published by the Australian Federal Police (AFP).

Spyware 104

Spyware Malware Cybercrime Hacking 104

Security Affairs

AUGUST 28, 2020

The Iran-linked Charming Kitten APT group leveraged on WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. Israel, Iraq, and Saudi Arabia.

Phishing 120

Phishing Accountability Advertising Media 120

eSecurity Planet

SEPTEMBER 25, 2022

In 2013, for example, the FIDO Alliance was created to solve the world’s password problem by replacing login technology. On the other hand, while passkeys may do much to stop email phishing , as biometrics won’t be an easy target, cyber criminals can turn to other malware to remotely hack and unlock a phone.

Passwords 117

Passwords Password Management Authentication Technology 117

Security Affairs

JULY 31, 2020

The motion picture acquisition agreements, tax ID requests, and contract addendum scans all date between 2013 and 2016. Even the humble email address can be enough for bad actors to run spamming campaigns and send phishing emails to the unsuspecting recipient. What to do if you’ve been affected?

Identity Theft 56

Identity Theft Accountability Advertising Marketing 56

Security Affairs

OCTOBER 29, 2020

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011. In past campaigns, the APT group launched spear-phishing attacks against activists and journalists focusing on the Middle East, US organizations, and entities located in Israel , the U.K.,

Hacking 69

Hacking Security Intelligence Accountability Advertising 69

Security Affairs

MAY 5, 2023

SentinelOne researchers observed an ongoing campaign from North Korea-linked Kimsuky Group that is using a new malware called ReconShark. The reconnaissance tool is delivered through spear-phishing emails, OneDrive links leading to document weaponized downloads, and the execution of malicious macros.

Phishing 86

Phishing Malware Hacking Risk 86

Security Affairs

OCTOBER 1, 2020

North Korea-linked APT group targeted UN Security Council officials over the past year, states a report from the United Nations organ. A North-Korea-linked cyber espionage group has launched spear-phishing attacks aimed at compromising tens of officials from the United Nations Security Council. ” reads the report.

Phishing 121

Phishing Advertising Malware Accountability 121