Identity IQ

MAY 10, 2024

The scammers can exploit this information, particularly the system and hardware data, to gain the trust of Dell customers and manipulate them into revealing more sensitive information, downloading malware , or even transferring money. Scammers can use names and physical addresses to mail phishing letters with harmful packages.

Data breaches 111

Data breaches Phishing Scams Risk 111

Malwarebytes

JANUARY 6, 2022

As early as 2017, cybercriminals have been incorporating capabilities to defeat 2FA into their kits. Academics from Stony Brook University and Palo Alto Networks—namely Brian Kondracki, Babak Amin Azad, Nick Nikiforakis, and Oleksii Starov—have found at least 1,200 phishing kits online capable of capturing or intercepting 2FA security codes.

Phishing 119

Phishing Authentication Accountability Data breaches 119

Security Affairs

DECEMBER 29, 2021

China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. “It means that they are actively developing new malwares.

Malware 118

Malware Phishing Passwords Media 118

The Hacker News

FEBRUARY 15, 2022

Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans (RATs) on compromised systems.

Manufacturing 102

Manufacturing Hacking Phishing Malware 102

Security Affairs

APRIL 16, 2022

Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. The Ukrainian Computer Emergency Response Team (CERT-UA) uncovered new phishing campaigns aimed at infecting systems of Ukrainian government agencies with the IcedID malware. SecurityAffairs – hacking, Ukraine).

Malware 81

Malware Phishing Banking Government 81

Security Affairs

JULY 2, 2019

US Cyber Command posted on Twitter an alert about cyber attacks exploiting the CVE-2017-11774 vulnerability in Outlook. Yesterday I was using Twitter when I noticed the following alert issued by the account managed by the US Cyber Command : USCYBERCOM has discovered active malicious use of CVE-2017-11774 and recommends immediate #patching.

Energy and Utilities 83

Energy and Utilities Malware Advertising InfoSec 83

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware 120

Malware Scams Social Engineering Phishing 120

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. At the beginning of that year, we still observed phishing attacks that used the themes of infection and prevention as the bait.

Phishing 90

Phishing Scams Accountability Energy and Utilities 90

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. ” HYDRA. .

Marketing 247

Marketing Energy and Utilities Malware Ransomware 247

Security Affairs

JUNE 28, 2020

In many cases, attackers targeted unpatched versions of Telerik user interface (UI) by exploiting CVE-2019-18935 , CVE-2017-9248 , CVE-2017-11317 , CVE-2017-11357 vulnerabilities. “The ACSC has identified instances where users have executed malware embedded in email attachments. SecurityAffairs – hacking, ACSC).

Malware 116

Malware Advertising Government Cyber Attacks 116

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware 82

Malware Telecommunications DNS Hacking 82

SC Magazine

FEBRUARY 17, 2021

The Department of Justice has unsealed an indictment against three members of Lazarus Group for a wide range of financially-motivated hacks against private businesses that authorities said were designed to steal $1.3 The advisory contains technical analysis as well as indicators of compromise that security teams can use to detect the malware.

Hacking 103

Hacking Cryptocurrency Banking Malware 103

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. ” concludes the report.

Encryption 109

Encryption Malware Phishing Hacking 109

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. Experts noticed that the malware uses the BITSAdmin tool to download the additional modules.

Banking 104

Banking Malware Phishing Advertising 104

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. That’s Gartner’s estimate of global spending on cybersecurity in 2017 and 2018. Fast forward to 2017. Branching attacks.

Hacking 212

Hacking Energy and Utilities System Administration Accountability 212

Security Affairs

OCTOBER 3, 2021

TA544 is a financially motivated threat actor that is active at least since 2017, it focuses on attacks on banking users, it leverages banking malware and other payloads to target organizations worldwide, mainly in Italy and Japan. SecurityAffairs – hacking, Ursnif). Upon enabling the macro, the infection process will start.

Malware 84

Malware Banking Social Engineering Retail 84

Security Affairs

JULY 9, 2019

The malware samples shared by USCYBERCOM last week were first detected in December 2016 in attacks attributed to Iran-linked APT33. Last week the United States Cyber Command (USCYBERCOM) uploaded to VirusTotal a malware used by Iran-linked APT33 group in attacks in Dec 2016 and Jan 2017. ” reads the report.

Malware 76

Malware InfoSec Advertising Government 76

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. SecurityAffairs – hacking, Wannacry).

Malware 98

Malware Computers and Electronics Encryption Ransomware 98

SecureList

FEBRUARY 9, 2022

The most common malware family found in attachments were Agensla Trojans. Our Anti-Phishing system blocked 253 365 212 phishing links. Safe Messaging blocked 341 954 attempts to follow phishing links in messengers. Hurry up and lose your account: phishing in the corporate sector. Trends of the year.

Phishing 65

Phishing Scams Accountability Banking 65

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. These included PClock, CryptoLocker 2.0, Crypt0L0cker, and TorrentLocker.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

JANUARY 6, 2022

North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants.

Phishing 133

Phishing Malware Hacking Accountability 133

Security Affairs

JUNE 12, 2019

The last time security experts documented the FIN8’s activities was in 2016 and 2017. FireEye documented obfuscation techniques used by the group in June 2017 and the involvement of PUNCHTRACK POS-scraping malware. “It is believed that the malware was deployed as a result of several phishing attempts.”

Hacking 78

Hacking Malware Advertising Retail 78

Security Affairs

APRIL 20, 2023

The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG).

Phishing 86

Phishing Education Accountability Telecommunications 86

Security Affairs

APRIL 19, 2021

Among the most clamorous attacks against industrial organizations, there is the 2015 attack against the electric grid in Ukraine and the 2017 Triton attack against a Saudi petrochemical plant. Mandiant launched a spear-phishing attack to gain a foothold in the target enterprise network. SecurityAffairs – hacking, smart meters).

Hacking 120

Hacking Phishing Accountability Internet 120

Security Affairs

AUGUST 9, 2022

The threat actors launched spear-phishing campaigns against the victims, in some cases, the messages contained information related to the victims which were not publicly available. The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. The vulnerability affects the MS Office component EQNEDT32.EXE

Encryption 99

Encryption Antivirus Malware Hacking 99

Security Affairs

APRIL 30, 2021

The state-sponsored hackers sent spear-phishing messages to a general director working at the Rubin Design Bureau , in Saint Petersburg, which is one of three main Russian centers of submarine design. The spear-phishing messages used a malicious Rich Text File (RTF) document that included descriptions of an autonomous underwater vehicle.

Phishing 132

Phishing Malware Antivirus Encryption 132

Security Affairs

MAY 19, 2022

A previously unknown Chinese cyberespionage group, tracked as ‘Space Pirates’, targets enterprises in the Russian aerospace industry with spear-phishing attacks. The group has been active since at least 2017, researchers believe it is linked with other China-linked APT groups, including APT41 (Winnti), Mustang Panda , and APT27.

Malware 129

Malware Phishing Government Hacking 129

Security Affairs

DECEMBER 1, 2019

Over 90 percent of the users identified by Google were targeted via “credential phishing emails” that attempt to trick victims into providing their password or other account credentials to hijack their Google account. SecurityAffairs – Google TAG, state-sponsored hacking). Pierluigi Paganini.

Phishing 127

Phishing Accountability Advertising Cyber Attacks 127

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker been active since at least December 2017, researchers observed a spike in its operations in April and most recent attacks were uncovered in June.

Malware 82

Malware Advertising Hacking Government 82

Security Affairs

JULY 6, 2023

A new variant of the Truebot malware was used in attacks against organizations in the United States and Canada. ALERT: Increased #Truebot malware activity targets U.S. & The attackers use the malware to escalate privileges and maintain persistence on the compromised systems. & Canada organizations.

Malware 84

Malware Cyber threats Phishing Hacking 84

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned.

DNS 258

DNS Penetration Testing Malware Hacking 258

Security Affairs

JANUARY 11, 2019

Ave Maria Malware – Phishing attempts spreading in the last days of the past year against an Italian organization operating in the Oil&Gas sector. The Cybaze -Yoroi ZLab researchers analyzed phishing attempts spreading in the last days of the past year against an Italian organization operating in the Oil&Gas sector.

Malware 76

Malware Phishing Advertising InfoSec 76

Security Affairs

AUGUST 12, 2019

Cloud Atlas threat actors used a new piece of polymorphic malware in recent attacks against government organizations. The Cloud Atlas cyberespionage group, aka Inception, continues to carry out attacks against government organizations and was observed using a new piece of polymorphic malware dubbed VBShower.

Malware 81

Malware Government Phishing Advertising 81

Security Affairs

MARCH 25, 2022

“In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.” The group also attempted to hack the systems of a US company operating critical infrastructure in the United States. ” reads a press release published by DoJ.

Government 94

Government Energy and Utilities Malware Hacking 94

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.

Malware 126

Malware Phishing Antivirus Hacking 126

Security Affairs

APRIL 30, 2023

CERT-UA warns of a spear-phishing campaign conducted by APT28 group targeting Ukrainian government bodies with fake ‘Windows Update’ guides. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks.

System Administration 90

System Administration Government Phishing Malware 90

Security Affairs

JULY 8, 2023

Iran-linked APT group tracked TA453 has been linked to a new malware campaign targeting both Windows and macOS systems. The Iran-linked threat actor TA453 has been linked to a malware campaign that targets both Windows and macOS. GorjolEcho maintains persistence by copying the initial stages malware in a StartUp entry.

Malware 93

Malware VPN Media Encryption 93