2013, Information Security, Phishing and Social Engineering

Experts detail a new Kimsuky social engineering campaign

Security Affairs

JUNE 8, 2023

North Korea-linked APT Kimsuky has been linked to a social engineering campaign aimed at experts in North Korean affairs. SentinelLabs researchers uncovered a social engineering campaign by the North Korea-linked APT group Kimsuky that is targeting experts in North Korean affairs. ” concludes the report.

Social Engineering

Social Engineering Engineering Malware Risk

Kimsuky APT poses as journalists and broadcast writers in its attacks

Security Affairs

JUNE 3, 2023

Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure.

Social Engineering

Social Engineering Phishing System Administration Engineering

Misconfigured WBSC server leaks thousands of passports

Security Affairs

SEPTEMBER 29, 2023

The WBSC, headquartered in Switzerland, was established in 2013 and currently has 141 countries as members located in Asia, Africa, the Americas, Europe, and Oceania. Another risk people whose passports were exposed have to deal with is spear phishing attacks.

Identity Theft

Identity Theft Social Engineering Banking Risk

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. Near the holiday season of 2013, hackers exposed the credit and debit card information of over 110 million Target customers. Here are three of the worst data breaches that could have been avoided: Yahoo. Pierluigi Paganini.

Data breaches

Data breaches Passwords Social Engineering Encryption

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

JANUARY 18, 2022

Trend Micro researchers spotted an elusive threat actor, called Earth Lusca, that targets organizations worldwide via spear-phishing and watering hole attacks. . The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. Both clusters served as a C&C server.

Cryptocurrency

Cryptocurrency Social Engineering Media Phishing

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Phishing: What Everyone in Your Organization Needs to Know

NopSec

FEBRUARY 15, 2017

Do you feel confident that everyone in your organization could identify a phishing email that contained ransomware? In today’s post, we share information with the goal that it will help everyone in your organization protect themselves from phishing attacks.

Phishing

Phishing Social Engineering Engineering Healthcare

350 million decrypted email addresses left exposed on an unsecured server

Security Affairs

AUGUST 27, 2020

Screenshot from the latest forum discussion about RepWatch in 2013: The CSV files appear to have included the same set of 350 million unique emails, separated into three groups: hashed, hashed and salted, and unencrypted files. Watch out for potential spam messages and phishing emails.

Social Engineering

Social Engineering Passwords Marketing Phishing

Charming Kitten Campaign involved new impersonation methods

Security Affairs

OCTOBER 13, 2019

Iran-linked APT group Charming Kitten employed new spear-phishing methods in attacks carried out between August and September. Security experts at ClearSky analyzed attacks recently uncovered by Microsoft that targeted a US presidential candidate, government officials, journalists, and prominent expatriate Iranians.

Media

Media Social Engineering Phishing Advertising

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

The attack vectors have broadened past spear phishing and vulnerable software. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France. According to the information security giants, there is one known criminal that uses the handle of Bonito, and has been identified as selling access to SCADA systems.

Cyber threats

Cyber threats Cyber Attacks Ransomware Manufacturing

Top 5 Attack Vectors to Look Out For in 2022

Security Affairs

OCTOBER 21, 2021

Phishing techniques use social engineering to trick victims into taking an action that helps an attacker compromise your network or access your sensitive information assets. Fraudulent emails purporting to be from authoritative company sources are the main phishing attacks that employees fall victim to.

IoT

IoT Phishing Passwords Scams

Charming Kitten APT is targeting Iranian dissidents in Germany

Security Affairs

AUGUST 10, 2023

The Charming Kitten group made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media. The cyber spies used social media to gather information on the targets and as a vector for social engineering attacks.

Social Engineering

Social Engineering Engineering Media Cyber Attacks

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Fifteen years after the launch of the microblogging social media platform, Twitter remains a dominant public forum for instant communication with individuals and organizations worldwide on a universe of topics, including #cybersecurity. Read more: Top IT Asset Management Tools for Security. Jeremiah Grossman | @jeremiahg.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Iran-linked APT42 is behind over 30 espionage attacks

Security Affairs

SEPTEMBER 11, 2022

APT42’s TTPs overlap with another Iran-linked APT group tracked as APT35 (aka ‘ Charming Kitten ‘, ‘ Phosphorus ‘, Newscaster , and Ajax Security Team) which made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media.

Surveillance

Surveillance Social Engineering Phishing Government

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

Australian man charged with creating and selling the Imminent Monitor spyware

Security Affairs

AUGUST 1, 2022

The Australian Federal Police (AFP) launched an investigation into the case, codenamed Cepheus, in 2017 after it received information about a “suspicious RAT” from cybersecurity firm Palo Alto Networks and the U.S. The Imminent Monitor RAT is a hacking tool that allows threat actors to remotely control the victim’s computers.

Spyware

Spyware Malware Cybercrime Hacking

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

Cyber Security Informer

Experts detail a new Kimsuky social engineering campaign

Kimsuky APT poses as journalists and broadcast writers in its attacks

Webinars

Trending Sources

Misconfigured WBSC server leaks thousands of passports

Webinars

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Financially motivated Earth Lusca threat actors targets organizations worldwide

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Phishing: What Everyone in Your Organization Needs to Know

350 million decrypted email addresses left exposed on an unsecured server

Charming Kitten Campaign involved new impersonation methods

Growing Cyber Threats to the Energy and Industrial Sectors

Top 5 Attack Vectors to Look Out For in 2022

Charming Kitten APT is targeting Iranian dissidents in Germany

Top Cybersecurity Accounts to Follow on Twitter

Iran-linked APT42 is behind over 30 espionage attacks

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

Australian man charged with creating and selling the Imminent Monitor spyware

The Most Common Types of Malware in 2021

Stay Connected