Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. SecurityAffairs – hacking, phishing).

Phishing 107

Phishing Adware Retail Malware 107

CyberSecurity Insiders

JANUARY 4, 2022

A new malware developed by China is on the prowl on the web and is seen targeting Japanese companies for now. BlackTech Cyber Espionage APT group linked to Chinese intelligence was found distributing Flagpro in two stages via Phishing emails.

Malware 132

Malware Manufacturing Media Phishing 132

Security Affairs

AUGUST 17, 2020

The KONNI RAT was first discovered in May 2017 by researchers from the Cisco Talos team after it was employed in attacks aimed at organizations linked to North Korea. The malware has been active since at least 2014, it was undetected for more than 3 years and was used in highly targeted attacks. ” reads the CISA’s alert.

Phishing 121

Phishing Malware Advertising Architecture 121

Krebs on Security

JANUARY 7, 2020

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service.

Phishing 232

Phishing Passwords Accountability Authentication 232

CyberSecurity Insiders

FEBRUARY 18, 2022

According to a research conducted by Proofpoint, cybersecurity researchers have been targeting the servers operating in aerospace and defense sector with a Trojan malware and the hacking group behind the incident has been dubbed as TA2541.

Malware 98

Malware Phishing Hacking Cybersecurity 98

Security Affairs

JULY 2, 2019

US Cyber Command posted on Twitter an alert about cyber attacks exploiting the CVE-2017-11774 vulnerability in Outlook. Yesterday I was using Twitter when I noticed the following alert issued by the account managed by the US Cyber Command : USCYBERCOM has discovered active malicious use of CVE-2017-11774 and recommends immediate #patching.

Energy and Utilities 82

Energy and Utilities Malware Advertising InfoSec 82

Malwarebytes

JANUARY 6, 2022

As early as 2017, cybercriminals have been incorporating capabilities to defeat 2FA into their kits. Academics from Stony Brook University and Palo Alto Networks—namely Brian Kondracki, Babak Amin Azad, Nick Nikiforakis, and Oleksii Starov—have found at least 1,200 phishing kits online capable of capturing or intercepting 2FA security codes.

Phishing 121

Phishing Authentication Accountability Data breaches 121

Security Affairs

DECEMBER 29, 2021

China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. “It means that they are actively developing new malwares.

Malware 117

Malware Phishing Passwords Media 117

SecureList

FEBRUARY 15, 2021

Agentb malware family. The Kaspersky Anti-Phishing component blocked 434,898,635 attempts at accessing scam sites. The most frequent targets of phishing attacks were online stores (18.12 The contact phone trick was heavily used both in email messages and on phishing pages. Trends of the year. Malicious links.

Phishing 135

Phishing Malware Scams Accountability 135

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 258

Hacking Social Engineering Phishing Scams 258

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. At the beginning of that year, we still observed phishing attacks that used the themes of infection and prevention as the bait.

Phishing 90

Phishing Scams Accountability Energy and Utilities 90

Security Affairs

APRIL 16, 2022

Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. The Ukrainian Computer Emergency Response Team (CERT-UA) uncovered new phishing campaigns aimed at infecting systems of Ukrainian government agencies with the IcedID malware. Patch 1 and 8.8.x x before 8.8.7

Malware 81

Malware Phishing Banking Government 81

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware 121

Malware Scams Social Engineering Phishing 121

The Hacker News

FEBRUARY 4, 2021

Phishing and Malware Among the major cyber threats, the malware remains a significant danger. The 2017 WannaCry outbreak that cost businesses worldwide up to $4 billion is still in recent memory, and other new strains of malware are discovered on a daily basis.

Scams 133

Scams Cyber threats Phishing Malware 133

Krebs on Security

AUGUST 14, 2020

Sources close to the investigation tell KrebsOnSecurity the malware is known as Defray. Defray was first spotted in 2017, and its purveyors have a history of specifically targeting companies in the healthcare space. “The phishing emails the authors use are well-crafted,” Trend Micro wrote.

Ransomware 359

Ransomware Healthcare Insurance Phishing 359

Elie

NOVEMBER 9, 2017

Over the course of March, 2016–March, 2017, we identify 788,000 potential victims of off-theshelf keyloggers; 12.4 million potential victims of phishing kits; and 1.9 We observe a remarkable lack of external pressure on bad actors, with phishing kit playbooks and keylogger capabilities remaining largely unchanged since the mid-2000s.

Data breaches 112

Data breaches Phishing Risk Malware 112

Krebs on Security

APRIL 9, 2024

“This is the largest release from Microsoft this year and the largest since at least 2017,” said Dustin Childs , from Trend Micro’s Zero Day Initiative (ZDI). “BlackLotus can bypass functionality called secure boot, which is designed to block malware from being able to load when booting up. .

DNS 232

DNS Social Engineering Malware Media 232

Security Affairs

JUNE 28, 2020

In many cases, attackers targeted unpatched versions of Telerik user interface (UI) by exploiting CVE-2019-18935 , CVE-2017-9248 , CVE-2017-11317 , CVE-2017-11357 vulnerabilities. “The ACSC has identified instances where users have executed malware embedded in email attachments. Pierluigi Paganini.

Malware 114

Malware Advertising Government Cyber Attacks 114

SecureList

FEBRUARY 9, 2022

The most common malware family found in attachments were Agensla Trojans. Our Anti-Phishing system blocked 253 365 212 phishing links. Safe Messaging blocked 341 954 attempts to follow phishing links in messengers. Hurry up and lose your account: phishing in the corporate sector. Trends of the year.

Phishing 65

Phishing Scams Accountability Banking 65

Malwarebytes

FEBRUARY 16, 2021

Today, we are showing readers just what that evolution looked like, in our State of Malware 2021 report. This report provides our most comprehensive analysis of last year’s malware trends, with breakdowns by malware category, malware type, operating system, region, industry, and more.

Malware 123

Malware Scams Spyware Healthcare 123

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. Experts noticed that the malware uses the BITSAdmin tool to download the additional modules.

Banking 103

Banking Malware Phishing Advertising 103

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware 82

Malware Telecommunications DNS Hacking 82

The Hacker News

FEBRUARY 15, 2022

Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans (RATs) on compromised systems.

Manufacturing 100

Manufacturing Hacking Phishing Malware 100

Security Affairs

JULY 9, 2019

The malware samples shared by USCYBERCOM last week were first detected in December 2016 in attacks attributed to Iran-linked APT33. Last week the United States Cyber Command (USCYBERCOM) uploaded to VirusTotal a malware used by Iran-linked APT33 group in attacks in Dec 2016 and Jan 2017. ” reads the report.

Malware 74

Malware InfoSec Advertising Government 74

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. The infection chain. What should we learn from this?

Malware 97

Malware Computers and Electronics Encryption Ransomware 97

Security Affairs

OCTOBER 3, 2021

TA544 is a financially motivated threat actor that is active at least since 2017, it focuses on attacks on banking users, it leverages banking malware and other payloads to target organizations worldwide, mainly in Italy and Japan. Upon enabling the macro, the infection process will start. Pierluigi Paganini.

Malware 83

Malware Banking Social Engineering Retail 83

SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. Interestingly enough, the share of adware attacks increased in relation to mobile malware in general. They typically work with malware developers to achieve this.

Mobile 132

Mobile Malware Adware Banking 132

Krebs on Security

APRIL 7, 2022

The DOJ said it did not seek to disinfect compromised devices; instead, it obtained court orders to remove the Cyclops Blink malware from its “command and control” servers — the hidden machines that allowed the attackers to orchestrate the activities of the botnet. energy facilities. ” HYDRA. . ” HYDRA. .

Marketing 237

Marketing Energy and Utilities Malware Ransomware 237

Malwarebytes

MARCH 29, 2022

These methods include using documents that exploit CVE-2017-0199 and CVE-2021-40444, macro-embedded documents, and executables. The spear phishing emails are warning people that use websites, social networks, instant messengers and VPN services that have been banned by the Russian Government and that criminal charges will be laid.

Phishing 73

Phishing Education Telecommunications Technology 73

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. ” concludes the report.

Encryption 107

Encryption Malware Phishing Hacking 107

Digital Shadows

AUGUST 17, 2021

What is Phish(ing)? But, never mind the dozens of other reports and white papers about phishing that come out every year from security industry leaders, let’s take a look at the 2021 Verizon DBIR. Going back a bit, it was also the top attack vector in 2020, 2019, 2018, 2017, 2016, and well, hopefully, you get the picture.

Phishing 52

Phishing Accountability Social Engineering Mobile 52

Tech Republic Security

APRIL 27, 2017

According to Verizon's 2017 Data Breach Investigations Report, espionage-related attacks are growing in popularity, with malware and phishing still go-to tools for hackers as well.

Cybercrime 137

Cybercrime Data breaches Phishing Malware 137

Heimadal Security

APRIL 12, 2021

Cyber attackers responsible for the operation are using contact forms published on legitimate websites to deliver IcedID malware to organizations via emails with fake legal threats. First discovered in 2017, […].

Malware 59

Malware Cyber Attacks Phishing Cybersecurity 59

Security Affairs

JANUARY 6, 2022

North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants.

Phishing 133

Phishing Malware Hacking Accountability 133

Hot for Security

JUNE 18, 2021

A recent phishing campaign targeting Windows machines is attempting to infect users with one of the most recent versions of the Agent Tesla remote access Trojan (RAT). Active for over seven years, Agent Tesla has been used frequently in phishing campaigns seeking to steal user credentials, passwords and sensitive information.

Phishing 105

Phishing Malware Spyware Software 105

Security Affairs

JANUARY 11, 2019

Ave Maria Malware – Phishing attempts spreading in the last days of the past year against an Italian organization operating in the Oil&Gas sector. The Cybaze -Yoroi ZLab researchers analyzed phishing attempts spreading in the last days of the past year against an Italian organization operating in the Oil&Gas sector.

Malware 75

Malware Phishing Advertising InfoSec 75

Security Affairs

APRIL 30, 2021

The state-sponsored hackers sent spear-phishing messages to a general director working at the Rubin Design Bureau , in Saint Petersburg, which is one of three main Russian centers of submarine design. The spear-phishing messages used a malicious Rich Text File (RTF) document that included descriptions of an autonomous underwater vehicle.

Phishing 130

Phishing Malware Antivirus Encryption 130