2014, Information Security, Malware and Phishing

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. “Every day, Gmail blocks more than 100 million phishing emails. During the last week, we saw 18 million daily malware and phishing emails related to COVID-19.

Phishing

Phishing Malware Government Small Business

Your colleague was infected with Coronavirus, this is the latest phishing lure

Security Affairs

MARCH 30, 2020

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. “If a user enables content, malicious macros will be executed to download a malware executable to the computer and launch it.” Pierluigi Paganini.

Phishing

Phishing Advertising Cryptocurrency Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

The malware has evolved over the years, it is able to log keystrokes, steal files, capture screenshots, collect information about the infected system, steal credentials from major browsers (i.e. The malware has been active since at least 2014, it was undetected for more than 3 years and was used in highly targeted attacks.

Phishing

Phishing Malware Advertising Architecture

Fake Cisco ‘Critical Update’ used in phishing campaign to steal WebEx credentials

Security Affairs

APRIL 11, 2020

Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. Pierluigi Paganini.

Phishing

Phishing Advertising Healthcare Cyber Attacks

Microsoft Teams phishing campaign targeted up to 50,000 Office 365 users

Security Affairs

OCTOBER 24, 2020

Experts warn of a phishing campaign that already targeted up to 50,000 Office 365 users with a fake automated message from Microsoft Teams. Secruity researchers reported that up to 50,000 Office 365 users have been targeted by a phishing campaign that pretends to be automated message from Microsoft Teams. ” concludes the report.

Phishing

Phishing Advertising Passwords Hacking

Homoglyph attacks used in phishing campaign and Magecart attacks

Security Affairs

AUGUST 9, 2020

Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. Pierluigi Paganini.

Phishing

Phishing Advertising Scams Accountability

Rampant Kitten ‘s arsenal includes Android malware that bypasses 2FA

Security Affairs

SEPTEMBER 18, 2020

Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten. Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. Pierluigi Paganini.

Malware

Malware Phishing Accountability Advertising

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware.

Malware

Malware Scams Social Engineering Phishing

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

AUGUST 13, 2020

The FBI and NSA issue joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub , allegedly employed by Russia-linked the APT28 group.

Malware

Malware Advertising IoT Government

A Google Drive weakness could allow attackers to serve malware

Security Affairs

AUGUST 23, 2020

enabling bad actors to perform spear-phishing attacks comparatively with a high success rate. An attacker could exploit the weakness to carry out spear-phishing campaigns using messages that include links to malicious files hosted on Google Drive. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Phishing Advertising Antivirus

New phishing campaign targets bank customers with WSH RAT

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Threat actors are using the RAT to deliver keyloggers and information stealers. Within five days, WSH RAT was observed being actively distributed via phishing.

Banking

Banking Phishing Advertising Malware

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware

Malware Antivirus Phishing Cryptocurrency

Malware campaign employs fake security certificate updates

Security Affairs

MARCH 5, 2020

Crooks are using a new phishing technique to trick victims into accepting the installation of a security certificate update and deliver malware. We have already observed threat actors distributing malware masqueraded by legitimate software updates. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Software Phishing

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Downloaders , intended for the installation of additional malware,and backdoors , granting cybercriminals remote access to victims’ computers, also made it to top-3.

Phishing

Phishing Ransomware Spyware Banking

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey.

Phishing

Phishing Social Engineering Malware Advertising

Emotet malware employed in fresh COVID19-themed spam campaign

Security Affairs

AUGUST 15, 2020

The Emotet malware has begun to spam COVID19-themed emails to U.S. The infamous Emotet malware is back, operators have begun to spam COVID-19 themed emails to the U.S. Early this year, the Emotet malware was employed in spam COVID19-themed campaigns that targeted those countries that were already affected by the pandemic.

Malware

Malware Advertising Phishing Hacking

Google enhances malware protection for accounts enrolled in Advanced Protection Program (APP)

Security Affairs

OCTOBER 10, 2020

Google improves malware protection for Google Chrome users who are covered by the company’s Advanced Protection Program (APP). The Advanced Protection Program aims at protecting users with high visibility and sensitive information (i.e. Google announced an improved malware protection. continues the post. ” . .

Accountability

Accountability Malware Phishing Advertising

Gamaredon group uses a new Outlook tool to spread malware

Security Affairs

JUNE 12, 2020

The attackers first disable protections for running macro scripts in Outlook then deploy the code to send phishing messages to the victim’s contacts. This is the first time researchers publicly document an attack employing an OTM file and Outlook macro to carry out spear-phishing campaigns. SecurityAffairs – Gamaredon, malware).

Malware

Malware Phishing Advertising Government

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation.

Malware

Malware Passwords Advertising Antivirus

BlackWater, a malware that uses Cloudflare Workers for C2 Communication

Security Affairs

MARCH 15, 2020

Crooks continue to abuse the interest in Coronavirus outbreak, now experts found a new backdoor called BlackWater that pretends to provide information about COVID-19. Researchers from MalwareHunterTeam discovered a suspicious RAR file named “COVID-19-” that was being distributed online, likely through phishing emails. "Important

Malware

Malware Advertising Phishing Hacking

Australian ACSC ‘s report confirms the use of Chinese malware in recent attacks

Security Affairs

JUNE 28, 2020

In other attempts detected by ACSC, threat actors launched spear-phishing to harvest credentials, deliver malware, and steal other sensitive data from the victims. “The ACSC has identified instances where users have executed malware embedded in email attachments. The threat actors used malware (i.e.

Malware

Malware Advertising Government Cyber Attacks

Experts uncovered an advanced phishing campaign delivering the Quasar RAT

Security Affairs

AUGUST 27, 2019

Researchers at Cofense uncovered an advanced phishing campaign delivering Quasar RAT via fake resumes. Experts at security firm Cofense observed an advanced phishing campaign delivering Quasar RAT via fake resumes. The fake resumes distributed in this phishing campaign detected are password-protected Microsoft Word documents.

Phishing

Phishing Passwords Advertising Malware

Hackers published a list of allegedly phished Discord login credentials

Security Affairs

JULY 22, 2019

Last week, hackers published a list of Discord credentials (email addresses/passwords) that were allegedly phished from the users of the gaming chat platform. Last week, a group of hackers published a list of Discord login credentials (email addresses and passwords) that were allegedly phished from the users of the gaming chat platform.

Phishing

Phishing Data breaches Passwords Advertising

US Utilities Targeted with LookBack RAT in a new phishing campaign

Security Affairs

SEPTEMBER 24, 2019

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. nceess [. ] Nceess [. ]

Phishing

Phishing Energy and Utilities Advertising Engineering

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Security Affairs

FEBRUARY 23, 2020

Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. .

Government

Government Malware Advertising Passwords

Croatia government agencies targeted with news SilentTrinity malware

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. ” reads one of the alerts.

Government

Government Malware Computers and Electronics Advertising

Full(z) House Magecart group mix phishing and MiTM in its attacks

Security Affairs

NOVEMBER 26, 2019

A group under the Magecart umbrella adopted a new tactic that leverages on MiTM and phishing attacks to target sites using external payment processors. The name Fullz House comes from two different attack techniques, the phishing, and the web skimming. The [phishing] pages are part of a framework,” they wrote.

Phishing

Phishing Cybercrime Advertising Software

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs. In contrast, past Dudear email campaigns carried the malware as attachment or used malicious URLs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020.

Malware

Malware Security Intelligence Banking Phishing

North Korea-linked Konni APT uses Russian-language weaponized documents

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. ” concludes the report.

Encryption

Encryption Malware Phishing Hacking

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK. The macros download and execute the FRIENDSPEAK code, which in turn downloads the MIXLABEL malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Malware Telecommunications Advertising

Internal Revenue Service warns taxpayers of a malware campaign

Security Affairs

AUGUST 25, 2019

The Internal Revenue Service (IRS) is warning of an active IRS impersonation scam campaign sending spam emails to distribute malware. The Internal Revenue Service (IRS) issued an alert to warn taxpayers of a new scam campaign distributing malware. See Report Phishing and Online Scams for more details.” Pierluigi Paganini.

Malware

Malware Computers and Electronics Scams Passwords

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

According to the experts the nation-state actors leverage stolen security certificates from two separate, legitimate South Korean companies. . The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. ” reads the analysis published by ESET.

Malware

Malware Software Cryptocurrency Financial Services

North Korea-linked Konni APT targets Russian diplomatic bodies

Security Affairs

JANUARY 6, 2022

North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants.

Phishing

Phishing Malware Hacking Accountability

A flaw in Zoom’s Vanity URL feature could have been exploited in phishing attacks

Security Affairs

JULY 19, 2020

A vulnerability affecting the Zoom feature dubbed Vanity URL could have been exploited by hackers for phishing attacks. A vulnerability affecting the Zoom feature dubbed Vanity URLs could have been exploited by hackers for phishing attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Advertising Hacking Information Security

Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016

Security Affairs

JULY 9, 2019

The malware samples shared by USCYBERCOM last week were first detected in December 2016 in attacks attributed to Iran-linked APT33. Last week the United States Cyber Command (USCYBERCOM) uploaded to VirusTotal a malware used by Iran-linked APT33 group in attacks in Dec 2016 and Jan 2017. ” reads a report published by Kaspersky.

Malware

Malware InfoSec Advertising Government

Threat actors abuse Microsoft Azure to Host Malware and C2 Servers

Security Affairs

JUNE 2, 2019

Microsoft Azure cloud services are being abused by threat actors to host malware and as command and control (C&C) servers. Threat actors look with great interest at cloud services that could be abused for several malicious purposes, like storing malware or implementing command and control servers. u/a Mozilla/4.0

Malware

Malware Advertising Scams Software

COVID-19 themed attacks increase in Brazil, India, and UK

Security Affairs

JUNE 13, 2020

Threat actors continue to use COVID-19 lures, Google is reporting an increase in Coronavirus-themed phishing attempts in Brazil, India, and the UK. The malware scanners implemented by Google are able to block over 99.9% of all spam, phishing, and malware messages sent to Gmail users. ” Google concludes.

Phishing

Phishing Scams Insurance Malware

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. “This report aims to shed light on some of Pawn Storm’s attacks that did not use malware in the initial stages.

Phishing

Phishing Accountability Advertising DNS

Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT

Security Affairs

SEPTEMBER 27, 2020

GADOLINIUM abuses Microsoft cloud services as command and control infrastructure, the experts uncovered a spear-phishing campaign using messages with weaponized attachments. Once infected computers, the threat actors used the PowerShell malware to install one of the 18 Azure AD apps. Pierluigi Paganini.

Advertising

Advertising Malware Phishing Hacking

Visa shares details for two attacks on North American hospitality merchants

Security Affairs

OCTOBER 4, 2020

Visa revealed that two unnamed North American hospitality merchants have been infected with some strains of point-of-sale (POS) malware. According to a security alert published last week, the attacks took place in May and June 2020, respectively. ” reads the VISA security alert.”In ” continues the report.

Malware

Malware Advertising Accountability Hacking

WhiteShadow downloader leverages Microsoft SQL to retrieve multiple malware

Security Affairs

SEPTEMBER 29, 2019

In August, malware researchers at Proofpoint spotted a new downloader which is being used to deliver a variety of malware via Microsoft SQL queries. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Pierluigi Paganini.

Malware

Malware Advertising Phishing Information Security

The University of Utah Health discloses security breach

Security Affairs

MARCH 23, 2020

The University of Utah Health disclosed a security breach, it has discovered malware on its systems and revealed unauthorized access to some employee email accounts. Attackers breached the organization with a phishing attack, the intrusion took place between January 7 and February 21, 2020. ” continues the alert.

Accountability

Accountability Advertising Malware Phishing

Carbanak malware returned in ransomware attacks

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Webinars

Trending Sources

Your colleague was infected with Coronavirus, this is the latest phishing lure

Webinars

CISA warns of phishing attacks delivering KONNI RAT

Fake Cisco ‘Critical Update’ used in phishing campaign to steal WebEx credentials

Microsoft Teams phishing campaign targeted up to 50,000 Office 365 users

Homoglyph attacks used in phishing campaign and Magecart attacks

Rampant Kitten ‘s arsenal includes Android malware that bypasses 2FA

New Coronavirus-themed malspam campaign delivers FormBook Malware

FBI and NSA joint report details APT28’s Linux malware Drovorub

A Google Drive weakness could allow attackers to serve malware

New phishing campaign targets bank customers with WSH RAT

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Malware campaign employs fake security certificate updates

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Emotet malware employed in fresh COVID19-themed spam campaign

Google enhances malware protection for accounts enrolled in Advanced Protection Program (APP)

Gamaredon group uses a new Outlook tool to spread malware

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

BlackWater, a malware that uses Cloudflare Workers for C2 Communication

Australian ACSC ‘s report confirms the use of Chinese malware in recent attacks

Experts uncovered an advanced phishing campaign delivering the Quasar RAT

Hackers published a list of allegedly phished Discord login credentials

US Utilities Targeted with LookBack RAT in a new phishing campaign

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Croatia government agencies targeted with news SilentTrinity malware

Full(z) House Magecart group mix phishing and MiTM in its attacks

Raccoon Malware, a success case in the cybercrime ecosystem

Microsoft warns TA505 changed tactic in an ongoing malware campaign

North Korea-linked Konni APT uses Russian-language weaponized documents

FIN11 gang started deploying ransomware to monetize its operations

Internal Revenue Service warns taxpayers of a malware campaign

Lazarus malware delivered to South Korean users via supply chain attacks

North Korea-linked Konni APT targets Russian diplomatic bodies

A flaw in Zoom’s Vanity URL feature could have been exploited in phishing attacks

Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016

Threat actors abuse Microsoft Azure to Host Malware and C2 Servers

COVID-19 themed attacks increase in Brazil, India, and UK

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT

Visa shares details for two attacks on North American hospitality merchants

WhiteShadow downloader leverages Microsoft SQL to retrieve multiple malware

The University of Utah Health discloses security breach

Stay Connected