2014, Hacking, Information Security and Phishing

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

Microsoft Teams phishing campaign targeted up to 50,000 Office 365 users

Security Affairs

OCTOBER 24, 2020

Experts warn of a phishing campaign that already targeted up to 50,000 Office 365 users with a fake automated message from Microsoft Teams. Secruity researchers reported that up to 50,000 Office 365 users have been targeted by a phishing campaign that pretends to be automated message from Microsoft Teams. ” concludes the report.

Phishing

Phishing Advertising Passwords Hacking

Homoglyph attacks used in phishing campaign and Magecart attacks

Security Affairs

AUGUST 9, 2020

Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. Pierluigi Paganini.

Phishing

Phishing Advertising Scams Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services

Security Affairs

NOVEMBER 18, 2023

An Israeli hacker has been sentenced to 80 months in prison in the US for his role in a massive spear-phishing campaign. Azari orchestrated the international hacking-for-hire spearphishing campaign from his home in Israel. and around worldwide. and around worldwide. The man was arrested in September 2019 while traveling to the U.

Identity Theft

Identity Theft Phishing Hacking Accountability

How much is the phish? Underground market of phishing kits is booming – Group-IB

Security Affairs

APRIL 15, 2020

The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. The growing demand for phishing kits is also reflected in its price that skyrocketed last year by 149 percent and exceeded $300 per item.

Phishing

Phishing Marketing Advertising Cyber threats

Your colleague was infected with Coronavirus, this is the latest phishing lure

Security Affairs

MARCH 30, 2020

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Phishing

Phishing Advertising Cryptocurrency Malware

Fake Cisco ‘Critical Update’ used in phishing campaign to steal WebEx credentials

Security Affairs

APRIL 11, 2020

Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. Pierluigi Paganini.

Phishing

Phishing Advertising Healthcare Cyber Attacks

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

The malware has evolved over the years, it is able to log keystrokes, steal files, capture screenshots, collect information about the infected system, steal credentials from major browsers (i.e. The malware has been active since at least 2014, it was undetected for more than 3 years and was used in highly targeted attacks.

Phishing

Phishing Malware Advertising Architecture

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days.

Phishing

Phishing Malware Government Small Business

New phishing campaign targets bank customers with WSH RAT

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Threat actors are using the RAT to deliver keyloggers and information stealers. Within five days, WSH RAT was observed being actively distributed via phishing.

Banking

Banking Phishing Advertising Malware

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Secure web- phishing. In the light of global pandemic and the businesses’ dive into online world, the share of this phishing category increased to remarkable 46 percent.

Phishing

Phishing Ransomware Spyware Banking

Experts uncovered an advanced phishing campaign delivering the Quasar RAT

Security Affairs

AUGUST 27, 2019

Researchers at Cofense uncovered an advanced phishing campaign delivering Quasar RAT via fake resumes. Experts at security firm Cofense observed an advanced phishing campaign delivering Quasar RAT via fake resumes. The fake resumes distributed in this phishing campaign detected are password-protected Microsoft Word documents.

Phishing

Phishing Passwords Advertising Malware

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

Phishing is one of the oldest methods of cyberattacks. People fell prey for these manipulative emails and provide confidential details like passwords and bank information in their negligence. This information is then used for unauthorized and illegal activities, which could have a devastating impact on individuals and organizations.

Phishing

Phishing Accountability Authentication Passwords

Hackers stole a six-figure amount from Swiss universities

Security Affairs

OCTOBER 5, 2020

Threat actors have hacked at least three Swiss universities, including the University of Basel and managed to drain employee salary transfers. According to our information, several universities in Switzerland have been affected,” explained Martina Weiss, Secretary General of the Rectors’ Conference of the Swiss Universities.

Advertising

Advertising Phishing Cybercrime Hacking

3.4 Million user records from LiveAuctioneers hack available for sale

Security Affairs

JULY 14, 2020

The company confirmed that the an investigation into the hack is still ongoing. Unfortunately stolen data are already available for sale on the dark web, security researchers at CloudSEK reported. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, LiveAuctioneers ).

Hacking

Hacking Data breaches Identity Theft Advertising

Fraudster stole $870,000 from 2 US universities with spear-phishing mails

Security Affairs

AUGUST 5, 2019

A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme.

Phishing

Phishing Banking Advertising Accountability

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey. The post U.S.

Phishing

Phishing Social Engineering Malware Advertising

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Spyware: the most likely COVID-19 payload.

Phishing

Phishing Malware Spyware DDOS

US Utilities Targeted with LookBack RAT in a new phishing campaign

Security Affairs

SEPTEMBER 24, 2019

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. nceess [. ] Nceess [. ]

Phishing

Phishing Energy and Utilities Advertising Engineering

Fullz House hacked the website of Boom! Mobile provider to steal credit cards

Security Affairs

OCTOBER 6, 2020

The Fullz House group was first spotted by security experts at RiskIQ in November 2019, when it was using phishing and web skimming for its attacks. Since August-September of 2019, the group started using a hybrid technique that leverages on MiTM and phishing attacks to target sites using external payment processors.

Mobile

Mobile Hacking Wireless Advertising

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Security Affairs

APRIL 30, 2020

Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. . PerSwaysion is a highly-targeted phishing campaign. New round of phishing attempts leveraging current victim’s account usually takes less than 24 hours.

Phishing

Phishing Accountability Financial Services Cloud Migration

A flaw in Zoom’s Vanity URL feature could have been exploited in phishing attacks

Security Affairs

JULY 19, 2020

A vulnerability affecting the Zoom feature dubbed Vanity URL could have been exploited by hackers for phishing attacks. A vulnerability affecting the Zoom feature dubbed Vanity URLs could have been exploited by hackers for phishing attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Advertising Hacking Information Security

Full(z) House Magecart group mix phishing and MiTM in its attacks

Security Affairs

NOVEMBER 26, 2019

A group under the Magecart umbrella adopted a new tactic that leverages on MiTM and phishing attacks to target sites using external payment processors. The name Fullz House comes from two different attack techniques, the phishing, and the web skimming. The [phishing] pages are part of a framework,” they wrote.

Phishing

Phishing Cybercrime Advertising Software

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

The Carbanak malware has been active since at least 2014 and has been used by ransomware gangs to infiltrate financial systems. The threat actors used sophisticated phishing techniques against bank employees. In November, the LockBit ransomware gang was the most active threat actor.

Malware

Malware Ransomware Banking Healthcare

Iran-linked Silent Librarian APT targets universities again

Security Affairs

OCTOBER 18, 2020

Iran-linked cyberespionage group Silent Librarian has launched a new phishing campaign aimed at universities around the world. Iran-linked APT group Silent Librarian has launched another phishing campaign targeting universities around the world. Clearly we only uncovered a small portion of this phishing operation.

Phishing

Phishing Advertising Hacking Technology

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. Nikulin used data stolen from Linkedin to launch spear-phishing attacks against employees at other companies, including Dropbox. Pierluigi Paganini.

Hacking

Hacking Cybercrime Data breaches Advertising

Hackers published a list of allegedly phished Discord login credentials

Security Affairs

JULY 22, 2019

Last week, hackers published a list of Discord credentials (email addresses/passwords) that were allegedly phished from the users of the gaming chat platform. Last week, a group of hackers published a list of Discord login credentials (email addresses and passwords) that were allegedly phished from the users of the gaming chat platform.

Phishing

Phishing Data breaches Passwords Advertising

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

The campaigns were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Phishing and Malware Q2 2020. Threats by Sector.

Threat Reports

Threat Reports Phishing Banking Malware

US authorities have sentenced to prison 3 Romanian men who hacked US servers

Security Affairs

JULY 24, 2019

US authorities have sentenced to prison three Romanian men who hacked US servers and used them in a fraud scheme that totaled more than $21 million. The crooks also carried out a phishing campaign that reached thousands of victims and tricked them into providing social security numbers and bank account information. .

Hacking

Hacking Banking Identity Theft Phishing

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Security Affairs

JULY 8, 2020

The US Department of Justice has indicted a hacker named Fxmsp for hacking over three hundred organizations worldwide and selling access to their networks. The US Department of Justice has indicted a hacker that goes online with the moniker Fxmsp for hacking over three hundred organizations worldwide and selling access to their networks.

Hacking

Hacking Antivirus Advertising Cybercrime

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking

Hacking Security Intelligence Accountability Advertising

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Cybercriminals are interested in hacking your IP address for various reasons. The hacked and stolen IPs are often used for carrying out illegal activities.

Hacking

Hacking VPN Internet Internet

N. Korean Kimsuky APT targets S. Korea-US military exercises

Security Affairs

AUGUST 20, 2023

North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre. North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South Korea-US military exercises appeared first on Security Affairs.

Phishing

Phishing Hacking Cyber Attacks Government

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

“Based on the message body of the leak, the cyber attack indicates hacktivism, but last year, around May 23, 2019, UK warned NATO allies of hacking activities of Russia -> Link. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Manufacturing Hacking Cyber Attacks

Fake Microsoft Teams notifications aim at stealing Office365 logins

Security Affairs

MAY 2, 2020

Phishing attacks impersonating notifications from Microsoft Teams targeted as many as 50,000 Teams users to steal Office365 logins. Abnormal Security experts observed two separate phishing attacks impersonating notifications from Microsoft Teams that targeted as many as 50,000 Teams users to steal Office365 logins.

Phishing

Phishing Advertising Financial Services Marketing

Texas man sentenced to 145 months in federal prison for hacking Los Angeles Superior Court

Security Affairs

OCTOBER 23, 2019

A Texas man found guilty of hacking the Los Angeles Superior Court (LASC) computer system and used it to send out phishing emails. A Texas man, Oriyomi Sadiq Aloba (33), was found guilty of hacking the Los Angeles Superior Court (LASC) computer system and abusing it to send out roughly 2 million phishing messages.

Hacking

Hacking Phishing Identity Theft Advertising

Threat Report Portugal Q1 2020

Security Affairs

APRIL 20, 2020

Threat Report Portugal Q1 2020: Phishing and malware by numbers. The campaigns were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way.

Threat Reports

Threat Reports Phishing Banking Malware

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Security Affairs

OCTOBER 7, 2020

The hacking technique was employed by an unidentified hacking group to avoid detection. The threat actor that employed the Kraken technique, likely an APT group, launched a phishing attack that used messages with a.ZIP file attachment. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Hacking Manufacturing Phishing

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – APT28, hacking).

Phishing

Phishing Accountability Advertising DNS

Egregor ransomware gang leaked data alleged stolen from Ubisoft, Crytek

Security Affairs

OCTOBER 15, 2020

Security researcher MalwareHunterTeam has attempted, without success, to warn Ubisoft for almost a year that their employees were the victims of phishing attacks. Hey @Ubisoft , what would happen if someone from your company registers to @abuse_ch 's I Got Phished ( [link] ) service? Can you guess it? Pierluigi Paganini.

Ransomware

Ransomware Advertising Phishing Media

North Korea-linked Konni APT uses Russian-language weaponized documents

Security Affairs

NOVEMBER 24, 2023

FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The KONNI RAT was first spotted by Cisco Talos researchers in 2017, it has been undetected since 2014 and was employed in highly targeted attacks.

Encryption

Encryption Malware Phishing Hacking

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

’ The Lazarus APT is linked to North Korea, the activity of the Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. In September, the US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Manufacturing Hacking Advertising

A Google Drive weakness could allow attackers to serve malware

Security Affairs

AUGUST 23, 2020

enabling bad actors to perform spear-phishing attacks comparatively with a high success rate. An attacker could exploit the weakness to carry out spear-phishing campaigns using messages that include links to malicious files hosted on Google Drive. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Phishing Advertising Antivirus

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Microsoft Teams phishing campaign targeted up to 50,000 Office 365 users

Webinars

Trending Sources

Homoglyph attacks used in phishing campaign and Magecart attacks

Webinars

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services

How much is the phish? Underground market of phishing kits is booming – Group-IB

Your colleague was infected with Coronavirus, this is the latest phishing lure

Fake Cisco ‘Critical Update’ used in phishing campaign to steal WebEx credentials

CISA warns of phishing attacks delivering KONNI RAT

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

New phishing campaign targets bank customers with WSH RAT

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Experts uncovered an advanced phishing campaign delivering the Quasar RAT

5 Common Phishing Attacks and How to Avoid Them?

Hackers stole a six-figure amount from Swiss universities

3.4 Million user records from LiveAuctioneers hack available for sale

Fraudster stole $870,000 from 2 US universities with spear-phishing mails

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

US Utilities Targeted with LookBack RAT in a new phishing campaign

Fullz House hacked the website of Boom! Mobile provider to steal credit cards

Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

A flaw in Zoom’s Vanity URL feature could have been exploited in phishing attacks

Full(z) House Magecart group mix phishing and MiTM in its attacks

Carbanak malware returned in ransomware attacks

Iran-linked Silent Librarian APT targets universities again

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Hackers published a list of allegedly phished Discord login credentials

Threat Report Portugal: Q2 2020

US authorities have sentenced to prison 3 Romanian men who hacked US servers

DOJ indicts Fxmsp hacker for selling access to hacked businesses

Iran-linked Phosphorous APT hacked emails of security conference attendees

5 Ways to Protect Yourself from IP Address Hacking

N. Korean Kimsuky APT targets S. Korea-US military exercises

Researchers found alleged sensitive documents of NATO and Turkey

Fake Microsoft Teams notifications aim at stealing Office365 logins

Texas man sentenced to 145 months in federal prison for hacking Los Angeles Superior Court

Threat Report Portugal Q1 2020

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Egregor ransomware gang leaked data alleged stolen from Ubisoft, Crytek

North Korea-linked Konni APT uses Russian-language weaponized documents

Israel announced to have foiled an attempted cyber-attack on defence firms

A Google Drive weakness could allow attackers to serve malware

Stay Connected