SecureList

FEBRUARY 15, 2021

The Kaspersky Anti-Phishing component blocked 434,898,635 attempts at accessing scam sites. The most frequent targets of phishing attacks were online stores (18.12 The contact phone trick was heavily used both in email messages and on phishing pages. Agentb malware family. Trends of the year. Malicious links.

Phishing 139

Phishing Malware Scams Accountability 139

SecureList

MAY 3, 2021

Banking phishing: new version of an old scheme. Clients of several Dutch banks faced a phishing attack using QR codes. The links in their messages took the victim to a well-designed phishing pages with official emblems, business language and references to relevant laws. Quarterly highlights. Vaccine with cyberthreat.

Phishing 109

Phishing Banking Accountability Computers and Electronics 109

SecureList

AUGUST 5, 2021

A fake notification about a Microsoft Teams meeting or a request to view an important document traditionally takes the victim to a phishing login page asking for corporate account credentials. Exploits for CVE-2017-11882 (4.07%), an Equation Editor vulnerability popular with cybercriminals, gave ground and dropped to fourth place.

Phishing 119

Phishing Banking Scams Computers and Electronics 119

SecureList

NOVEMBER 1, 2021

million redirects to phishing pages. Third place was taken by the Noon spyware (5.19%), whose 32-bit relatives (1.71%) moved down to ninth. Statistics: phishing. In Q3, the Anti-Phishing system blocked 46,340,156 attempts to open phishing links. Geography of phishing attacks. Top-level domains.

Phishing 93

Phishing Scams Accountability Computers and Electronics 93

CyberSecurity Insiders

JANUARY 13, 2022

Supporting the above stated discovery is the latest press statement released by security firm Mandiant that suggests that it has been tracking Seedworm aka MuddyWater since May 2017 and it is into activities such as digital espionage, cyber attacks, Ddos and ransomware spread.

Hacking 110

Hacking Spyware DNS Surveillance 110

SecureList

FEBRUARY 9, 2022

Our Anti-Phishing system blocked 253 365 212 phishing links. Safe Messaging blocked 341 954 attempts to follow phishing links in messengers. Hurry up and lose your account: phishing in the corporate sector. Another noticeable phishing trend targeting the corporate sector was to exploit popular cloud services as bait.

Phishing 68

Phishing Scams Accountability Banking 68

Hot for Security

JUNE 18, 2021

A recent phishing campaign targeting Windows machines is attempting to infect users with one of the most recent versions of the Agent Tesla remote access Trojan (RAT). Active for over seven years, Agent Tesla has been used frequently in phishing campaigns seeking to steal user credentials, passwords and sensitive information.

Phishing 105

Phishing Malware Spyware Software 105

The Last Watchdog

FEBRUARY 28, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms. NotPetya shook the entire world in June 2017.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

eSecurity Planet

FEBRUARY 16, 2021

In 2017, more than 300,000 WordPress websites were affected by a malicious plugin that allowed an attacker to place embedded hidden links on victim websites. Attackers often use botnets to send out spam or phishing campaigns to carry out distributed denial of service (DDoS) attacks. Phishing and Social Engineering. RAM scraper.

Malware 104

Malware Adware Spyware Antivirus 104

CyberSecurity Insiders

JANUARY 31, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms. NotPetya shook the entire world in June 2017.

Malware 107

Malware Computers and Electronics Adware Spyware 107

Malwarebytes

FEBRUARY 16, 2021

of all Mac detections in 2020—the rest can be attributed to Potentially Unwanted Programs (PUPs) and Adware ThiefQuest tricked many researchers into believing it was the first example of ransomware on macOS since 2017, but the malware was hiding its real activity of massive data exfiltration. New adversaries crawled out of the woodwork, too.

Malware 122

Malware Scams Spyware Healthcare 122

Security Affairs

MARCH 8, 2020

The emails provide updates on the Coronavirus outbreak, it includes stats on the epidemic and contains an email of corona-virus@caramail.com that is likely used for phishing purposes. The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017.

Malware 120

Malware Scams Social Engineering Phishing 120

Hot for Security

JUNE 18, 2021

A recent phishing campaign targeting Windows machines is attempting to infect users with one of the most recent versions of the Agent Tesla remote access Trojan (RAT). Active for over seven years, Agent Tesla has been used frequently in phishing campaigns seeking to steal user credentials, passwords and sensitive information.

Phishing 52

Phishing Malware Spyware Software 52

Security Affairs

NOVEMBER 25, 2020

Since at least 2017, the prolific gang compromised at least 500,000 government and private sector companies in more than 150 countries. Business Email Compromise (BEC) is a type of email phishing attack that relies on social engineering. 2 Sample of the TMT’s phishing email. 3 Gammadyne Mailer used by cybercriminals.

Cybercrime 125

Cybercrime Phishing Social Engineering Spyware 125

Security Affairs

MAY 23, 2023

In the latest campaign uncovered by Kaspersky, the APT group, used a modular framework dubbed CloudWizard that supports spyware capabilities, including taking screenshots, microphone recording, harvesting Gmail inboxes, and keylogging. Since 2017, there have been no traces of Groundbait and BugDrop operations.

Malware 77

Malware Spyware Encryption Phishing 77

eSecurity Planet

SEPTEMBER 11, 2023

Sending phishing emails to engineers can be used as an exploitation technique to get them to import malicious configuration files ( CVE-2023-31171 ), which results in arbitrary code execution. Business email compromise (BEC) assaults were the main aim of this large phishing effort, which resulted in significant financial losses.

VPN 111

VPN Firmware Authentication Phishing 111

SiteLock

AUGUST 27, 2021

You may be most familiar with computer malware such as Trojan viruses and spyware, which can be used to retrieve sensitive data from a computer or even take control of the system. You’ve likely read about high-profile cyberattacks in the headlines after a major data breach, such as the Equifax breach in 2017. Ransomware. Malvertising.

Small Business 98

Small Business DDOS Malware Phishing 98

Krebs on Security

JULY 16, 2019

For at least the past decade, a computer crook variously known as “ Yalishanda ,” “ Downlow ” and “ Stas_vl ” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers.

Cybercrime 187

Cybercrime Phishing Banking Malware 187

The Last Watchdog

JANUARY 28, 2019

Why we’re in the ‘Golden Age’ of cyber espionageThe fact is cyber criminals are expert at refining and carrying out phishing, malvertising and other tried-and-true ruses that gain them access to a targeted victim’s Internet-connected computing device. Apps from other sources can carry malware or spyware.

Passwords 196

Passwords Password Management Antivirus Internet 196

Security Affairs

JULY 28, 2019

Hackers published a list of allegedly phished Discord login credentials. WSJ says Equifax to Pay $700 million settlement for 2017 breach. Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks. BlackBerry Cylance addresses AI-based antivirus engine bypass.

Antivirus 57

Antivirus Spyware Advertising Hacking 57

Security Affairs

APRIL 8, 2019

This data comes not only from the analysis of underground forums and phishing websites, but also from the analysis of cybercriminals’ infrastructure (including but not limited to C&Cs) and malware disassembling. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 62

Artificial Intelligence Government Banking Advertising 62

The Last Watchdog

MAY 2, 2019

In 2017, for instance, SMBs were under tremendous pressure to defend their networks against rapidly morphing ransomware attacks. In 2018, attackers shifted their focus to refining and deploying banking trojans, which essentially act as spyware. So far in 2019, we’re seeing another shift back to ransomware, Gill told me.

Risk 182

Risk Cyber Risk Cyber threats Banking 182

SecureList

NOVEMBER 1, 2022

The victims are targeted with spear-phishing emails that trick them into mounting a malicious ISO file and double-clicking an LNK, which starts the infection chain. In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. Where CVE-2017-0261 was used before, CVE-2017-11228 replaces it.

Malware 142

Malware Ransomware Spyware Encryption 142

SecureList

AUGUST 30, 2023

Tomiris employs a wide variety of attack vectors: spear-phishing, DNS hijacking, exploitation of vulnerabilities (specifically ProxyLogon ), suspected drive-by downloads, and other “creative” methods. Using a number of vulnerabilities in iOS, the attachment is executed and installs spyware.

Malware 78

Malware Spyware Cryptocurrency Government 78

SecureList

MARCH 25, 2021

Percentage of ICS computers on which malicious objects were blocked, by half-year, 2017 – 2020 ( download ). There was a rise in the percentage of ICS computers on which threats distributed over the internet and email, and spyware and miners were blocked. Spyware (+1.4 percentage points (p.p.)

Ransomware 91

Ransomware Spyware Internet Internet 91

Herjavec Group

AUGUST 26, 2021

Justice Department announces more than 70 indictments and 125 convictions or arrests for phishing, hacking, spamming and other Internet fraud as part of Operation CyberSweep. . 2008 — Heartland Payment Systems — 134 million credit cards are exposed through SQL injection to install spyware on Heartland’s data systems.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

SecureList

DECEMBER 1, 2023

However, they included an additional module that constantly monitored the messenger and sent data to the spyware creator’s C2 server. We recently detected a phishing campaign targeting cargo shipping companies that drops LokiBot. Instead, it tried to exploit the CVE-2017-0199 vulnerability.

Malware 98

Malware Ransomware Encryption Energy and Utilities 98

SecureList

JULY 27, 2023

Following this, we released the first of a series of additional reports describing the final payload in the infection chain: a highly sophisticated spyware implant that we dubbed “TriangleDB” Operating in memory, this implant periodically communicates with the C2 (command and control) infrastructure to receive commands.

Malware 88

Malware Government Phishing Social Engineering 88

SecureList

NOVEMBER 18, 2022

In another, they were able to compromise a WebLogic server through an exploit for the CVE-2017-10271 vulnerability, which ultimately allowed them to run a script. First, the threat actor sends a spear-phishing email to the potential victim with a lure to download additional documents. The attacks occur in several stages.

Malware 105

Malware Computers and Electronics Adware Cryptocurrency 105

SecureList

MARCH 1, 2021

The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. For example, an attacker could log in to a victim’s Facebook account and post a phishing link or spread spam. This malware was first spotted in 2017.

Mobile 138

Mobile Malware Adware Banking 138

Security Affairs

JANUARY 10, 2021

Despite this, two of their former employees implanted malicious code into their systems that had the ability to capture every keystroke typed on their systems for two years, between 2015 until 2017, but was only reported upon and made public in December 2020.

Cyber Attacks 87

Cyber Attacks Government Surveillance Software 87