Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file.

Malware 91

Malware Phishing VPN Accountability 91

Security Affairs

MARCH 21, 2022

Ukraine CERT (CERT-UA) warns of spear-phishing ??attacks The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. attacks conducted by UAC-0035 group (aka InvisiMole) on state organizations of Ukraine.

Spyware 83

Spyware DNS Phishing Government 83

Security Affairs

JANUARY 18, 2022

Trend Micro researchers spotted an elusive threat actor, called Earth Lusca, that targets organizations worldwide via spear-phishing and watering hole attacks. . The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. Both clusters served as a C&C server.

Cryptocurrency 108

Cryptocurrency Social Engineering Media Phishing 108

Security Affairs

AUGUST 16, 2022

Symantec and TrendMicro first discovered the Gamaredon group in 2015, but evidence of its activities has been dated back to 2013. The attack chain starts with spear-phishing messages using a self-extracting 7-Zip file, which was downloaded via the system’s default browser.

Malware 81

Malware Phishing Hacking Government 81

NopSec

FEBRUARY 15, 2017

Do you feel confident that everyone in your organization could identify a phishing email that contained ransomware? In today’s post, we share information with the goal that it will help everyone in your organization protect themselves from phishing attacks.

Phishing 40

Phishing Social Engineering Engineering Healthcare 40

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware 95

Malware Phishing DNS Cybercrime 95

Security Affairs

FEBRUARY 6, 2022

Russia-linked APT group Gamaredon is behind spear-phishing attacks against Ukrainian entities and organizations since October 2021. Palo Alto Network experts mapped out three large clusters of the infrastructure used by the nation-state APT group used to support different phishing and malware campaigns.

Government 80

Government Phishing Malware Hacking 80

Security Affairs

JUNE 19, 2021

North Korea-linked cyber espionage group Kimsuky (aka Black Banshee, Thallium , Velvet Chollima) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information of their TTPs and infrastructure. ” reported The Record.

Hacking 140

Hacking VPN Internet Internet 140

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. The attackers first disable protections for running macro scripts in Outlook then deploy the code to send phishing messages to the victim’s contacts. lnk formats. .

Malware 103

Malware Phishing Advertising Government 103

Security Affairs

FEBRUARY 4, 2022

Palo Alto Network experts mapped out three large clusters of the infrastructure used by the nation-state APT group used to support different phishing and malware campaigns. This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.”. 19, 2022. .”

Government 79

Government Malware Phishing Software 79

Security Affairs

MAY 16, 2021

At that time, the researchers tracked the sources IP in Pakistan, the attacks were part of a wider operation that relies on multi-vector such as watering hole websites and phishing email campaigns delivering custom RATs dubbed Crimson and Peppy. These RATs are capable of exfiltrate information, take screenshot, and record webcam streams.

Malware 102

Malware Phishing Hacking Information Security 102

Security Affairs

NOVEMBER 19, 2021

The TA406 cyber espionage group was first spotted by Kaspersky researchers in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information of their TTPs and infrastructure.

Cryptocurrency 83

Cryptocurrency Malware Government Education 83

eSecurity Planet

AUGUST 9, 2022

Thus, it can be difficult for even small enterprises to keep up with information security and data privacy compliance. Sometimes, however, information security, data privacy, and IT compliance overall are people problems more than they are pure data problems. Security, Privacy and Compliance Can Conflict.

Data privacy 145

Data privacy Encryption Data breaches Insurance 145

Krebs on Security

JULY 18, 2023

us began in September 2013 as a forum for learning and teaching how to hack accounts at Runescape, an MMORPG set in a medieval fantasy realm where players battle for kingdoms and riches. A review of passive DNS records from DomainTools indicates that in 2013 pictrace[.]com An administrator account Xerx3s on Abusewithus. Abusewith[.]us

Hacking 186

Hacking Accountability Data breaches Marketing 186

Security Affairs

OCTOBER 13, 2019

Iran-linked APT group Charming Kitten employed new spear-phishing methods in attacks carried out between August and September. Security experts at ClearSky analyzed attacks recently uncovered by Microsoft that targeted a US presidential candidate, government officials, journalists, and prominent expatriate Iranians.

Media 70

Media Social Engineering Phishing Advertising 70

Security Affairs

SEPTEMBER 12, 2019

Iran-linked Cobalt Dickens APT group carried out a spear-phishing campaign aimed at tens of universities worldwide. This operation is similar to the threat group’s August 2018 campaign , using compromised university resources to send library-themed phishing emails.” ” reads the analysis published by Secureworks.

Phishing 79

Phishing Advertising Hacking Accountability 79

Security Affairs

AUGUST 14, 2020

The CactusPete cyber-espionage group has been active since at least 2013, it has been mainly focused on military, diplomatic, and infrastructure targets in Asia and Eastern Europe. Experts pointed out that despite the lack of sophistication, the group carried out successful attacks. reads the analysis published by Kaspersky.

Malware 90

Malware Advertising Phishing Hacking 90

Security Affairs

AUGUST 27, 2020

Screenshot from the latest forum discussion about RepWatch in 2013: The CSV files appear to have included the same set of 350 million unique emails, separated into three groups: hashed, hashed and salted, and unencrypted files. Watch out for potential spam messages and phishing emails.

Social Engineering 120

Social Engineering Passwords Marketing Phishing 120

Security Affairs

AUGUST 26, 2022

Kimsuky cyberespiona group (aka Black Banshee, Thallium , Velvet Chollima) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure.

Malware 69

Malware Media Phishing Hacking 69

Security Affairs

DECEMBER 18, 2019

Threat actors launched spear-phishing attacks using emails with malicious attachments often disguised as PDF files. Attackers used a new variant of the Separ credential-stealing malware, a malicious code that was first spotted by Sonicwall in 2013. One of the emails was disguised as a legitimate message sent by a Siemens subsidiary.

Manufacturing 61

Manufacturing Advertising Phishing Malware 61

Security Affairs

FEBRUARY 10, 2020

” The attackers used spear-phishing messages sent to government officials, they posed as a journalist, an individual from a trade publication, or individuals from a relevant military organization or non-governmental organization (NGO). ” reads the alert issued by MyCERT.

Government 121

Government Advertising Malware Hacking 121

Security Affairs

JUNE 8, 2023

Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure.

Social Engineering 69

Social Engineering Engineering Malware Risk 69

Security Affairs

MARCH 17, 2020

The man is active at least since 2013 and already earned at least $100,000 US from his ‘work,’ but researchers believe he has earned several times that amount. The experts were able to identify the man, his name is Bill Henry (25) from Benin City, Nigeria, his criminal activity include the theft of credit cards, phishing and malware attacks.

Cybercrime 102

Cybercrime Malware Advertising Phishing 102

Security Affairs

DECEMBER 1, 2020

The OceanLotus APT group is a state-sponsored group that has been active since at least 2013. Cryptocurrency miners are typically associated with financially motivated attacks, but BISMUTH is attempting to take advantage of the low-priority alerts coin miners cause to establish persistence remaining under the radar.

Cryptocurrency 94

Cryptocurrency Antivirus Manufacturing Government 94

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.

Ransomware 124

Ransomware Passwords Scams Government 124

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. conduct employee phishing tests. conduct employee phishing tests. How not to disclosure a Hack. conduct penetration testing. review Active Directory password policy.

Energy and Utilities 120

Energy and Utilities Ransomware Banking Hacking 120

Security Affairs

JUNE 4, 2020

Security experts from Kaspersky Lab reported that the Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. The group’s arsenal includes multiple tools for information stealing and lateral movements, some of them are previously unreported.

Malware 76

Malware Media Advertising Phishing 76

Security Affairs

JULY 18, 2019

The Gamaredon APT was first spotted in 2013, last year researchers at LookingGlass have shared the details of a cyber espionage campaign, tracked as Operation Armageddon , targeting Ukrainian entities. The Security Service of Ukraine (SBU) blamed theRussia’s Federal Security Service (FSB) for the cyber attacks. .

Spyware 83

Spyware Malware Advertising Cyber Attacks 83

Security Affairs

OCTOBER 21, 2021

Phishing techniques use social engineering to trick victims into taking an action that helps an attacker compromise your network or access your sensitive information assets. Fraudulent emails purporting to be from authoritative company sources are the main phishing attacks that employees fall victim to. Stolen Credentials.

IoT 118

IoT Phishing Passwords Scams 118

NopSec

DECEMBER 7, 2016

The attack vectors have broadened past spear phishing and vulnerable software. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France. According to the information security giants, there is one known criminal that uses the handle of Bonito, and has been identified as selling access to SCADA systems.

Cyber threats 40

Cyber threats Cyber Attacks Ransomware Manufacturing 40

Security Affairs

NOVEMBER 10, 2020

Exposed data, some of which go back to 2013, include sensitive information and credit card details. The availability of such kind of data could expose hotel guests to a wide range of malicious activities, including identity theft, phishing attacks, scams, malware attacks, and reservation takeover. According to the experts.

Identity Theft 122

Identity Theft Scams Phishing Malware 122

Security Affairs

APRIL 6, 2021

China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing. The threat actors are sending out spear-phishing messages to compromise diplomatic targets in Southeast Asia, India, and the U.S. at least since 2013.

Government 81

Government Malware Phishing Education 81

Security Affairs

JUNE 30, 2023

Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. In Many, Volexity observed Charming Kitten attempting to distribute POWERSTAR via spear-phishing messages with an LNK file inside a password-protected RAR file.

Phishing 81

Phishing Malware Passwords Media 81

Security Affairs

AUGUST 31, 2022

TA423 is a China-linked cyber espionage group that has been active since 2013, it focuses on political events in the Asia-Pacific region, specifically on the South China Sea. The researchers attribute the campaign to the China-linked APT group tracked as TA423 /Red Ladon. ” read the report published by the experts.

Energy and Utilities 93

Energy and Utilities Manufacturing Government Media 93

Security Affairs

SEPTEMBER 11, 2022

APT42’s TTPs overlap with another Iran-linked APT group tracked as APT35 (aka ‘ Charming Kitten ‘, ‘ Phosphorus ‘, Newscaster , and Ajax Security Team) which made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media.

Surveillance 94

Surveillance Social Engineering Phishing Government 94

Security Affairs

AUGUST 28, 2020

The Iran-linked Charming Kitten APT group leveraged on WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. Israel, Iraq, and Saudi Arabia.

Phishing 118

Phishing Accountability Advertising Media 118

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Read more: Top IT Asset Management Tools for Security. With deep industry experience, Jeremiah Grossman was the Information Security Officer for Yahoo!,

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139