Krebs on Security

AUGUST 8, 2023

Faced with customers trying to use WormGPT to create ransomware and phishing scams, the 23-year-old Portuguese programmer who created the project now says his service is slowly morphing into “a more controlled environment.” ” SlashNext asked WormGPT to compose this BEC phishing email. . ” Image: SlashNext.com.

Malware 212

Malware Cybercrime Advertising Phishing 212

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Source: CERT-GIB. Source: CERT-GIB.

Phishing 106

Phishing Malware Spyware DDOS 106

SecureList

FEBRUARY 15, 2021

Agentb malware family. The Kaspersky Anti-Phishing component blocked 434,898,635 attempts at accessing scam sites. The most frequent targets of phishing attacks were online stores (18.12 The contact phone trick was heavily used both in email messages and on phishing pages. Trends of the year. Malicious links.

Phishing 136

Phishing Malware Scams Accountability 136

Security Affairs

MARCH 30, 2020

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. The phishing messages tell the victims that one of their colleagues, friends, or family members has tested positive for the virus, then it urges them to print the attached “EmergencyContact.

Phishing 138

Phishing Advertising Cryptocurrency Malware 138

Security Affairs

FEBRUARY 13, 2023

Alleged Russian threat actors have been targeting cryptocurrency users in Eastern Europe with Enigma info-stealing malware. A malware campaign conducted by alleged Russian threat actors has been targeting users in Eastern European in the crypto industry. ” continues the report. Stolen data are exfiltrated through Telegram.

Cryptocurrency 80

Cryptocurrency Malware Media Phishing 80

CyberSecurity Insiders

MARCH 28, 2023

The malware is primarily used to steal sensitive information, such as login credentials and financial information, from victims. The Dridex malware typically spreads through spam email campaigns, with the emails containing a malicious attachment or link that, when clicked, will install the malware on the victim's computer.

Banking 78

Banking Malware Backups Education 78

Security Affairs

JUNE 29, 2023

North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year.

Malware 80

Malware Cybercrime Phishing Internet 80

The Last Watchdog

MAY 1, 2019

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. In 2015, penetration tester Oliver Münchow was asked by a Swiss bank to come up with a better way to test and educate bank employees so that passwords never left the network perimeter. It is headquartered in Zurich, with a U.S

Social Engineering 166

Social Engineering Engineering Phishing Banking 166

Security Affairs

APRIL 11, 2020

Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. ” concludes the experts.

Phishing 139

Phishing Advertising Healthcare Cyber Attacks 139

Security Affairs

AUGUST 8, 2022

LogoKit – Threat actors leveraging Open Redirect Vulnerabilities popular in online services and apps to bypass spam filters in phishing campaigns. Using highly trusted service domains like Snapchat and other online-services, they create special URLs which lead to malicious resources with phishing kits. Resecurity, Inc.

Phishing 94

Phishing Passwords Threat Detection Cybercrime 94

Security Affairs

OCTOBER 24, 2020

Experts warn of a phishing campaign that already targeted up to 50,000 Office 365 users with a fake automated message from Microsoft Teams. Secruity researchers reported that up to 50,000 Office 365 users have been targeted by a phishing campaign that pretends to be automated message from Microsoft Teams. ” concludes the report.

Phishing 145

Phishing Advertising Passwords Hacking 145

Security Affairs

AUGUST 17, 2020

The malware has evolved over the years, it is able to log keystrokes, steal files, capture screenshots, collect information about the infected system, steal credentials from major browsers (i.e. The malware has been active since at least 2014, it was undetected for more than 3 years and was used in highly targeted attacks.

Phishing 122

Phishing Malware Advertising Architecture 122

Security Affairs

JANUARY 2, 2020

Crooks are exploiting the popularity of the Star Wars saga to monetize their efforts, experts warn of online streaming sites delivering malware. Cybercriminals leverage popular movies like Star Wars to lure users into downloading malware to watch exclusive scenes or the full movie. Pierluigi Paganini.

Phishing 80

Phishing Malware Advertising Media 80

Security Affairs

AUGUST 9, 2020

Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. Pierluigi Paganini.

Phishing 143

Phishing Advertising Scams Accountability 143

Krebs on Security

AUGUST 2, 2018

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 scoop about the Ashley Madison hack ).

Phishing 142

Phishing Scams Passwords Password Management 142

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. Experts noticed that the malware uses the BITSAdmin tool to download the additional modules.

Banking 103

Banking Malware Phishing Advertising 103

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware 121

Malware Scams Social Engineering Phishing 121

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. “This new variant is named WSH Remote Access Tool (RAT) by the malware’s author and was released on June 2, 2019. . ” continues the post.

Banking 104

Banking Phishing Advertising Malware 104

eSecurity Planet

NOVEMBER 2, 2022

If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Though often conflated with one another, malware and computer viruses aren’t necessarily the same thing. Looking to Protect Yourself Against Malware?

Malware 138

Malware Ransomware Antivirus Internet 138

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. The attackers first disable protections for running macro scripts in Outlook then deploy the code to send phishing messages to the victim’s contacts. SecurityAffairs – Gamaredon, malware).

Malware 105

Malware Phishing Advertising Government 105

Heimadal Security

DECEMBER 2, 2021

Emotet is a malware known as a banking Trojan. Malspam, which are spam emails that contain malware, is the primary means by which it spreads. Since 2015, Emotet started assaulting the United […]. Since 2015, Emotet started assaulting the United […].

Malware 87

Malware Banking Phishing Cybersecurity 87

Security Affairs

AUGUST 13, 2020

The FBI and NSA issue joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub , allegedly employed by Russia-linked the APT28 group.

Malware 138

Malware Advertising IoT Government 138

Security Affairs

AUGUST 23, 2020

enabling bad actors to perform spear-phishing attacks comparatively with a high success rate. An attacker could exploit the weakness to carry out spear-phishing campaigns using messages that include links to malicious files hosted on Google Drive. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 132

Malware Phishing Advertising Antivirus 132

Security Affairs

SEPTEMBER 18, 2020

Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten. Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. Pierluigi Paganini.

Malware 103

Malware Phishing Accountability Advertising 103

Security Affairs

MARCH 5, 2020

Crooks are using a new phishing technique to trick victims into accepting the installation of a security certificate update and deliver malware. We have already observed threat actors distributing malware masqueraded by legitimate software updates. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 115

Malware Advertising Software Phishing 115

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey.

Phishing 82

Phishing Social Engineering Malware Advertising 82

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Downloaders , intended for the installation of additional malware,and backdoors , granting cybercriminals remote access to victims’ computers, also made it to top-3.

Phishing 103

Phishing Ransomware Spyware Banking 103

Security Affairs

APRIL 26, 2020

Several US universities and colleges were targeted in phishing attacks aimed at delivering malware previously used by China-linked APT groups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – US universities, phishing). Faculty and students at several U.S.

Malware 100

Malware Phishing Advertising Education 100

Security Affairs

MARCH 20, 2019

Security experts at Check Point uncovered a sophisticated malware campaign spreading the SimBad malicious code through the official Google Play Store. Researchers at Check Point have uncovered a sophisticated malware campaign spreading the SimBad agent through the official Google Play Store. com ’ as an ad-related SDK.

Malware 108

Malware Phishing Advertising Scams 108

Security Affairs

AUGUST 15, 2020

The Emotet malware has begun to spam COVID19-themed emails to U.S. The infamous Emotet malware is back, operators have begun to spam COVID-19 themed emails to the U.S. Early this year, the Emotet malware was employed in spam COVID19-themed campaigns that targeted those countries that were already affected by the pandemic.

Malware 97

Malware Advertising Phishing Hacking 97

Security Affairs

OCTOBER 10, 2020

Google improves malware protection for Google Chrome users who are covered by the company’s Advanced Protection Program (APP). Google announced an improved malware protection. Google announced an improved malware protection. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” . .

Accountability 72

Accountability Malware Phishing Advertising 72

Security Affairs

JANUARY 18, 2024

Google warns that the Russia-linked threat actor COLDRIVER expands its targeting and is developing a custom malware. In the past, the group’s activity involved persistent phishing and credential theft campaigns leading to intrusions and data theft.

Phishing 95

Phishing Malware Encryption Accountability 95

Security Affairs

APRIL 26, 2020

Several US universities and colleges were targeted in phishing attacks aimed at delivering malware previously used by China-linked APT groups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – US universities, phishing). Faculty and students at several U.S. Pierluigi Paganini.

Malware 85

Malware Phishing Advertising Education 85

Security Affairs

AUGUST 27, 2019

Researchers at Cofense uncovered an advanced phishing campaign delivering Quasar RAT via fake resumes. Experts at security firm Cofense observed an advanced phishing campaign delivering Quasar RAT via fake resumes. The fake resumes distributed in this phishing campaign detected are password-protected Microsoft Word documents.

Phishing 79

Phishing Passwords Advertising Malware 79

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. Each report includes a detailed “malware descriptions, suggested response actions, and recommended mitigation techniques.” Pierluigi Paganini.

Malware 114

Malware Passwords Advertising Antivirus 114

Security Affairs

MARCH 15, 2020

Experts found a new backdoor malware called BlackWater that pretends to provide information about the COVID-19 outbreak while abusing Cloudflare Workers as an interface to the C2 server. Upon execution, the BlackWater malware connects to a Cloudflare Worker that acts as a command and control server. "Important – COVID-19.rar"

Malware 111

Malware Advertising Phishing Hacking 111

Security Affairs

APRIL 18, 2020

TrickBot is the malware that most of all is involved in COVID-19-themed attacks, Microsoft’s Office 365 Advanced Threat Protection (ATP) data reveals. Based on Office 365 ATP data, Trickbot is the most prolific malware operation using COVID-19 themed lures. This means we’re seeing a changing of lures, not a surge in attacks.”

Malware 114

Malware Advertising Security Intelligence Phishing 114