Security Affairs

APRIL 11, 2020

Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. ” concludes the experts.

Phishing 145

Phishing Advertising Healthcare Cyber Attacks 145

Security Boulevard

JANUARY 20, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user. Approximately 70% of observed malware cases in 2024 derived from browser-based malware.

Surveillance 97

Surveillance Malware Data breaches Scams 97

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware 134

Malware Phishing Spyware Cyber threats 134

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware 145

Malware Scams Social Engineering Phishing 145

Security Affairs

MARCH 31, 2025

Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Armageddon , Primitive Bear , ACTINIUM , Callisto ) targets Ukraine with a phishing campaign. The APT group has been launching cyber-espionage campaigns against Ukraine since at least 2014.

Phishing 114

Phishing Antivirus Encryption Hacking 114

Security Affairs

MARCH 5, 2020

Crooks are using a new phishing technique to trick victims into accepting the installation of a security certificate update and deliver malware. We have already observed threat actors distributing malware masqueraded by legitimate software updates. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 145

Malware Advertising Software Phishing 145

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 138

Malware Ransomware Banking Healthcare 138

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. . ” HYDRA. .

Marketing 309

Marketing Energy and Utilities Malware Ransomware 309

Security Affairs

OCTOBER 24, 2020

Experts warn of a phishing campaign that already targeted up to 50,000 Office 365 users with a fake automated message from Microsoft Teams. Secruity researchers reported that up to 50,000 Office 365 users have been targeted by a phishing campaign that pretends to be automated message from Microsoft Teams. ” concludes the report.

Phishing 145

Phishing Advertising Passwords Hacking 145

Security Affairs

AUGUST 9, 2020

Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. Pierluigi Paganini.

Phishing 145

Phishing Advertising Scams Accountability 145

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. Experts noticed that the malware uses the BITSAdmin tool to download the additional modules.

Banking 139

Banking Malware Phishing Advertising 139

Security Affairs

JUNE 12, 2020

The attackers first disable protections for running macro scripts in Outlook then deploy the code to send phishing messages to the victim’s contacts. This is the first time researchers publicly document an attack employing an OTM file and Outlook macro to carry out spear-phishing campaigns. SecurityAffairs – Gamaredon, malware).

Malware 143

Malware Phishing Advertising Government 143

Security Affairs

APRIL 26, 2020

Several US universities and colleges were targeted in phishing attacks aimed at delivering malware previously used by China-linked APT groups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware 133

Malware Phishing Advertising Education 133

Security Affairs

AUGUST 23, 2020

enabling bad actors to perform spear-phishing attacks comparatively with a high success rate. An attacker could exploit the weakness to carry out spear-phishing campaigns using messages that include links to malicious files hosted on Google Drive. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 145

Malware Phishing Advertising Antivirus 145

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware 144

Malware Antivirus Phishing Cryptocurrency 144

Security Affairs

AUGUST 15, 2020

The Emotet malware has begun to spam COVID19-themed emails to U.S. The infamous Emotet malware is back, operators have begun to spam COVID-19 themed emails to the U.S. Early this year, the Emotet malware was employed in spam COVID19-themed campaigns that targeted those countries that were already affected by the pandemic.

Malware 134

Malware Advertising Phishing Hacking 134

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. Each report includes a detailed “malware descriptions, suggested response actions, and recommended mitigation techniques.” Pierluigi Paganini.

Malware 144

Malware Passwords Advertising Antivirus 144

Security Affairs

MARCH 15, 2020

Experts found a new backdoor malware called BlackWater that pretends to provide information about the COVID-19 outbreak while abusing Cloudflare Workers as an interface to the C2 server. Upon execution, the BlackWater malware connects to a Cloudflare Worker that acts as a command and control server. "Important – COVID-19.rar"

Malware 143

Malware Advertising Phishing Hacking 143

Security Affairs

DECEMBER 8, 2024

warn of PRC-linked cyber espionage targeting telecom networks U.S. Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49

Artificial Intelligence 104

Artificial Intelligence Spyware Hacking Ransomware 104

Security Affairs

AUGUST 13, 2020

The FBI and NSA issue joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub , allegedly employed by Russia-linked the APT28 group.

Malware 144

Malware Advertising IoT Government 144

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Downloaders , intended for the installation of additional malware,and backdoors , granting cybercriminals remote access to victims’ computers, also made it to top-3.

Phishing 136

Phishing Ransomware Spyware Banking 136

Security Affairs

APRIL 18, 2020

TrickBot is the malware that most of all is involved in COVID-19-themed attacks, Microsoft’s Office 365 Advanced Threat Protection (ATP) data reveals. Based on Office 365 ATP data, Trickbot is the most prolific malware operation using COVID-19 themed lures. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 144

Malware Advertising Security Intelligence Phishing 144

Security Affairs

APRIL 30, 2020

Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. . PerSwaysion is a highly-targeted phishing campaign. New round of phishing attempts leveraging current victim’s account usually takes less than 24 hours.

Phishing 138

Phishing Accountability Financial Services Cloud Migration 138

Security Affairs

FEBRUARY 23, 2020

Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. .

Government 144

Government Malware Advertising Passwords 144

SecureWorld News

APRIL 22, 2025

Victims are sent unsolicited invitations to join Zoom calls, often via links in phishing emails or messages. Once control is granted, the attacker can secretly install malware, including infostealers and remote access trojans (RATs), onto the victim's machine. Lazarus is also behind significant cryptocurrency heists, such as the $1.5

Cryptocurrency 90

Cryptocurrency Social Engineering Cybercrime Engineering 90

Security Affairs

FEBRUARY 24, 2020

Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware , Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. ” reads the report published by CyberArk.

Cybercrime 132

Cybercrime Malware Cryptocurrency Advertising 132

Security Affairs

NOVEMBER 26, 2019

A group under the Magecart umbrella adopted a new tactic that leverages on MiTM and phishing attacks to target sites using external payment processors. The name Fullz House comes from two different attack techniques, the phishing, and the web skimming. The [phishing] pages are part of a framework,” they wrote.

Phishing 134

Phishing Cybercrime Advertising Software 134

Security Affairs

AUGUST 14, 2020

The campaigns were classified as either phishing or malware. Phishing and Malware Q2 2020. The results depicted in Figure 1 show that phishing campaigns (84,5%) were more prevalent than malware (15,5%) during Q2 2020. Malware by Numbers.

Threat Reports 145

Threat Reports Phishing Banking Malware 145

Security Affairs

APRIL 20, 2020

Threat Report Portugal Q1 2020: Phishing and malware by numbers. The campaigns were classified as either phishing or malware. Phishing and Malware Q1 2020. The results depicted in Figure 1 show that phishing campaigns (57,7%) were more prevalent than malware (42,3%) during Q1 2020.

Threat Reports 137

Threat Reports Phishing Banking Malware 137

Security Affairs

SEPTEMBER 18, 2020

Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten. Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. Pierluigi Paganini.

Malware 110

Malware Phishing Accountability Advertising 110

Security Affairs

JUNE 28, 2020

In other attempts detected by ACSC, threat actors launched spear-phishing to harvest credentials, deliver malware, and steal other sensitive data from the victims. “The ACSC has identified instances where users have executed malware embedded in email attachments. The threat actors used malware (i.e.

Malware 126

Malware Advertising Government Cyber Attacks 126

Security Affairs

OCTOBER 10, 2020

Google improves malware protection for Google Chrome users who are covered by the company’s Advanced Protection Program (APP). Google announced an improved malware protection. Google announced an improved malware protection. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” . .

Accountability 102

Accountability Malware Phishing Advertising 102

Security Affairs

APRIL 26, 2020

Several US universities and colleges were targeted in phishing attacks aimed at delivering malware previously used by China-linked APT groups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware 107

Malware Phishing Advertising Education 107

Security Affairs

MAY 28, 2020

Valak malware has rapidly changed over the past six months, it was initially designed as a loader, but now it implemented infostealer capabilities. The Valak malware completely changed over the past six months, it was first developed to act as a loader, but now it implements also infostealer capabilities. .

Malware 123

Malware Advertising Phishing Passwords 123

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned.

DNS 319

DNS Penetration Testing Malware Hacking 319

Security Affairs

JULY 19, 2020

A vulnerability affecting the Zoom feature dubbed Vanity URL could have been exploited by hackers for phishing attacks. A vulnerability affecting the Zoom feature dubbed Vanity URLs could have been exploited by hackers for phishing attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing 131

Phishing Advertising Hacking Information Security 131

Security Affairs

DECEMBER 1, 2019

Over 90 percent of the users identified by Google were targeted via “credential phishing emails” that attempt to trick victims into providing their password or other account credentials to hijack their Google account. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Phishing 145

Phishing Accountability Advertising Cyber Attacks 145