2017, Cyber Attacks and Social Engineering

Ransomware attack on Brazil Nuclear Power Facility via Vulnerability

CyberSecurity Insiders

FEBRUARY 8, 2021

Reuters’ published a news article saying Brazil’s electro-nuclear power plant was hit by a ransomware attack, bringing down the operations to a halt on a partial note. Also known with the names Hidden Cobra and Zinc, the cyber crime group is known to hack critical infrastructure, thus making money through double extortion techniques.

Ransomware

Ransomware Social Engineering Cryptocurrency Cybercrime

Group-IB: 14 cyber attacks on crypto exchanges resulted in a loss of $882 million

Security Affairs

OCTOBER 18, 2018

Group-IB has estimated that crypto exchanges suffered a total loss of $882 million due to targeted attacks between 2017 and 2018. In most cases, cybercriminals, while attacking cryptocurrency exchanges, use traditional tools and methods, such as spear phishing, social engineering, distribution of malware, and website defacement.

Cyber Attacks

Cyber Attacks Cryptocurrency Phishing Social Engineering

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Security Affairs

OCTOBER 10, 2018

Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 million (2.96 million (2.96 million (2.96

Cyber Attacks

Cyber Attacks Banking Cyber threats Phishing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Top 5 Cybersecurity and Computer Threats of 2017

NopSec

FEBRUARY 9, 2017

The year 2016 will be remembered for some big moments in the world of cybersecurity: the largest known distributed denial of service (DDoS) attack, a phishing attack on a United States presidential candidate’s campaign, and ransomware attacks on major healthcare organizations are just a few. For a preview, read on.

Cybersecurity

Cybersecurity DDOS IoT Social Engineering

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

AUGUST 18, 2021

billion in 2017; Avast acquired AVG for $1.3 There are simple steps consumers can take today, for free, to lower their overall risk of a cyber attack, including using multi-factor authentication for their accounts and using strong passwords. A lot of water has flowed under the bridge since then. billion in 2016, for instance.

Antivirus

Antivirus Marketing Identity Theft Social Engineering

UNRAVELING EternalBlue: inside the WannaCry’s enabler

Security Affairs

SEPTEMBER 1, 2023

Here is how the NSA-developed cyber monster works, and how you should defend against it. EternalBlue is a Windows exploit created by the US National Security Agency (NSA) and used in the 2017 WannaCry ransomware attack. EternalBlue gained notable attention through its involvement in prominent cyber attacks.

Social Engineering

Social Engineering Penetration Testing Engineering Malware

Years of Aviation Cyberattacks Connected to Single APT

SecureWorld News

FEBRUARY 17, 2022

Security researchers from Proofpoint have tracked an APT that has targeted the aviation, aerospace, transportation, manufacturing, and defense industries dating back to 2017, and are calling it TA2541. Proofpoint has tracked this threat actor since 2017, and it has used consistent tactics, techniques, and procedures (TTPs) in that time.

Social Engineering

Social Engineering Engineering Phishing Manufacturing

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

eSecurity Planet

SEPTEMBER 14, 2022

According to statistics from the FBI’s 2021 Internet Crime Report , complaints to the Internet Crime Complaint Center (IC3) have been rising since 2017. According to the 2021 IBM Threat Force Intelligence Index , Manufacturing was the industry most likely to be attacked last year, comprising 23.2% of cyber attacks IBM handled.

Social Engineering

Social Engineering Energy and Utilities Phishing Scams

Russia-Ukraine War: 3 Cyber Threat Effects, 1 Year In

Digital Shadows

FEBRUARY 22, 2023

State-Backed Tactics Above the Battlefield During the weeks preceding the official invasion of Ukraine, the ReliaQuest Photon Research team observed foreboding signs—among them, military movements along the Ukrainian borders and minor cyber attacks against Ukrainian private and public entities.

Cyber threats

Cyber threats Cybercrime Cyber Attacks DDOS

North Korea’s Lazarus compromised dozens of organizations in Israel

Security Affairs

AUGUST 14, 2020

The Israeli defence ministry announced on Wednesday that it had foiled a cyber attack carried out by a foreign threat actor targeting the country’s defence manufacturers. According to the officials, the attack was launched by “an international cyber group called ‘ Lazarus.’

Cyber Attacks

Cyber Attacks Social Engineering Advertising Manufacturing

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

Reflecting on the Wannacry ransomware attack, which is the lesson learnt e why most organizations are still ignoring it. The spread of this ransomware was considered to be the worst cyber attack in terms of contamination rate and scope, putting public offices and companies (especially healthcare facilities) out of operation.

Malware

Malware Computers and Electronics Encryption Ransomware

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

In 2017, hackers stole some personal information belonging to T-Mobile customers by exploiting a well-known vulnerability. Exploiting the vulnerability attackers were able to access certain customers’ data, including email addresses, billing account numbers, and the phone’s IMSI numbers.

Mobile

Mobile Telecommunications Data breaches Identity Theft

News alert: Massachusetts pumps $1.1 million into state college cybersecurity training programs

The Last Watchdog

OCTOBER 5, 2023

Defending our technology against cyber threats is an increasingly important issue, and these grants will allow our cities and towns to train the next generation of cybersecurity professionals.” “As As a former mayor, I know that cyber attacks are a constant threat to municipalities.

Cybersecurity

Cybersecurity Education Small Business Government

Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain

Security Boulevard

MARCH 1, 2023

The campaign uses consistent maritime-related social engineering lures in spearphishing emails almost certainly targeting the maritime industry. 1st Delivery Technique – Attached Word Document Exploits CVE-2017-0199 The first technique was first observed on 29 July 2022 and starts with a spearphishing email to the target.

Phishing

Phishing Social Engineering Ransomware Encryption

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

A common thread runs through the cyber attacks that continue to defeat the best layered defenses money can buy. Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core.

Hacking

Hacking Energy and Utilities System Administration Accountability

Interview with Dr. Arun Vishwanath on the Latest Cybersecurity Attacks

CyberSecurity Insiders

JUNE 3, 2021

This creates a cycle of cyber breaches. Some of the data that is stolen feeds social engineering attacks, where hackers use the stolen data to attack people and steal even more. I presented it at Blackhat in 2016 and 2017. It also puts a price on the data—which creates a market for it.

Cybersecurity

Cybersecurity Energy and Utilities Social Engineering Phishing

Top 5 Industries Most Vulnerable to Data Breaches in 2023

Security Boulevard

JUNE 26, 2023

Unfortunately, the increasing reliance on digital systems and capabilities has also attracted an ever-growing number of malicious actors seeking to defraud businesses through phishing , social engineering , or ransomware attacks. The end result of these types of cyber attacks are often highly public and damaging data breaches.

Data breaches

Data breaches Healthcare Telecommunications Financial Services

Cybersecurity is complex – but it doesn’t need to be costly or complicated

IT Security Guru

JUNE 28, 2022

The CEOs of big brands may speak of the ‘sophisticated and complex attacks’ on their systems when trying to justify to customers and suppliers why their data was breached. However, post-attack analysis doesn’t back this up. CSPM also provides educational videos so employees are made aware of how to defend themselves from cyber-attacks.

Cybersecurity

Cybersecurity Digital transformation Phishing Cybercrime

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The WannaCry and NotPetya outbreaks in May and June 2017, respectively, were the most devastating in history. WannaCry and NotPetya cyber-attacks have since been attributed to state-funded threat actors. CrySiS, also known as Dharma, has been around since 2016 and continues to be active at the time of this publication.

Ransomware

Ransomware Hacking Encryption Penetration Testing

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. From mining cryptocurrency to launching DDoS attacks against networks, there are countless ways in which malware can access and utilize victim’s computers and data.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

MAY 11, 2020

Shamoon motivated the Saudis to seriously ramp up the work of its National Cyber Security Center. In May 2017, the Saudi Arabian Monetary Authority (SAMA) rolled out its Cyber Security Framework mandating detailed data security rules, including a requirement to encrypt and containerize business data in all computing formats.

Computers and Electronics

Computers and Electronics Data privacy Encryption Media

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

The Last Watchdog

OCTOBER 15, 2019

Compromised logins continue to facilitate cyber attacks at all levels, from phishing ruses to credential stuffing to enabling hackers to probe deep inside of a breached network. It started isolating passwords as a contributing factor in its 2017 report. The first step is a big one: to change engrained employee behaviors.

Passwords

Passwords Authentication Data breaches Internet

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. From mining cryptocurrency to launching DDoS attacks against networks, there are countless ways in which malware can access and utilize victim’s computers and data.

Malware

Malware Computers and Electronics Adware Spyware

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Security Affairs

NOVEMBER 6, 2018

Group-IB, an international company that specializes in preventing cyber attacks, and a Swiss insurance broker ASPIS SA that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges cybersecurity, allowing the exchanges’ clients to ensure their assets.

Insurance

Insurance Cryptocurrency Cyber threats Marketing

Podcast Episode 125: Long After The Election Kremlin’s Computational Propaganda Campaign Rolls On

The Security Ledger

DECEMBER 18, 2018

. » Related Stories Episode 124: The Twitter Accounts Pushing French Protests and Social Engineering the Software Supply Chain Before Senate Facebook, Twitter Defend Efforts to Stop Fake News Criminals, Not State Actors, Target Russian Oil Company in 3-Year Cyber Attack.

Social Engineering

Social Engineering Government Media Cyber Attacks

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. Today, c yber security incidents lead to significant damage, alarming organizations of all types and sizes in different geographic locations.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

1970-1995 — Kevin Mitnick — Beginning in 1970, Kevin Mitnick penetrates some of the most highly-guarded networks in the world, including Nokia and Motorola, using elaborate social engineering schemes, tricking insiders into handing over codes and passwords, and using the codes to access internal computer systems.

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

The History of Computer Viruses & Malware

eSecurity Planet

NOVEMBER 2, 2022

Social engineering attacks soon found use in the digital space. 2017 saw a pirated version of Petya, called “ NotPetya ,” hit multiple European countries in a major cyber attack, most notably Ukraine and Germany. One of the first instances was the Love Letter virus of 2000.

Malware

Malware Ransomware Antivirus Internet

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

Crawley: Pen testing is when you simulate cyber attacks, so you're not actually conducting cyber attacks because you have the consent of the owner of the network or the computer application that you're penetration testing, but within the rules that your client has given you. You are acting as your cyber attacker.

Penetration Testing

Penetration Testing InfoSec Cyber Attacks Education

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

Crawley: Pen testing is when you simulate cyber attacks, so you're not actually conducting cyber attacks because you have the consent of the owner of the network or the computer application that you're penetration testing, but within the rules that your client has given you. You are acting as your cyber attacker.

Penetration Testing

Penetration Testing InfoSec Cyber Attacks Education

How Does Ransomware Work – All You Need to Know

Spinone

JANUARY 20, 2020

Ransomware is designed primarily for extorting money, but it can also be used for politically motivated attacks. The example – NotPetya cyberattack against Ukraine in 2017. That is why hackers use social engineering tricks to pressure victims into paying a ransom. The ransom demand is insane: from 15 to 50 Bitcoins.

Ransomware

Ransomware Encryption Antivirus Backups

2023 Cyber Threat Predictions

Digital Shadows

NOVEMBER 1, 2022

Attributing cyber-attacks to the responsible threat actors is an incredibly difficult task. While cybercriminals are often upfront with their intentions and in claiming responsibility for an attack, mapping real world identities can often be incredibly challenging.

Cyber threats

Cyber threats Ransomware Media Data breaches

Cyber Security Informer

Ransomware attack on Brazil Nuclear Power Facility via Vulnerability

Group-IB: 14 cyber attacks on crypto exchanges resulted in a loss of $882 million

Webinars

Trending Sources

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Webinars

Top 5 Cybersecurity and Computer Threats of 2017

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

UNRAVELING EternalBlue: inside the WannaCry’s enabler

Years of Aviation Cyberattacks Connected to Single APT

The Scammers’ Playbook: How Cybercriminals Get Ahold of Your Data

Russia-Ukraine War: 3 Cyber Threat Effects, 1 Year In

North Korea’s Lazarus compromised dozens of organizations in Israel

Wannacry, the hybrid malware that brought the world to its knees

T-Mobile customers were hit with SIM swapping attacks

News alert: Massachusetts pumps $1.1 million into state college cybersecurity training programs

Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

Interview with Dr. Arun Vishwanath on the Latest Cybersecurity Attacks

Top 5 Industries Most Vulnerable to Data Breaches in 2023

Cybersecurity is complex – but it doesn’t need to be costly or complicated

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

The Most Common Types of Malware in 2021

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Podcast Episode 125: Long After The Election Kremlin’s Computational Propaganda Campaign Rolls On

Cyber Security Awareness and Risk Management

Cyber CEO: The History Of Cybercrime, From 1834 To Present

The History of Computer Viruses & Malware

The Hacker Mind Podcast: So You Want To Be A Pentester

The Hacker Mind Podcast: So You Want To Be A Pentester

How Does Ransomware Work – All You Need to Know

2023 Cyber Threat Predictions

Stay Connected