Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware 98

Malware Phishing DNS Cybercrime 98

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. 2018 was characterized by significant changes in the cyber threat landscape especially for TTPs associated with threat agent groups.

Cyber threats 82

Cyber threats IoT Social Engineering Advertising 82

Security Affairs

AUGUST 16, 2021

The US FINRA warns US brokerage firms and brokers of an ongoing phishing campaign impersonating its representatives to steal sensitive info. The US Financial Industry Regulatory Authority (FINRA) is warning US brokerage firms and brokers of an ongoing phishing campaign. finrar-reporting[.]org, org, finpro-finrar[.]org,

Phishing 111

Phishing Internet Internet Hacking 111

CyberSecurity Insiders

OCTOBER 6, 2021

Twitch, the American online streaming platform, was reportedly hacked by an anonymous hacker last month who now claims to leak over 100GB data online to disrupt the future business plans of the victimized company further. The post Twitch hacked, and 100GB data stolen appeared first on Cybersecurity Insiders.

Hacking 112

Hacking Identity Theft Cyber Attacks Passwords 112

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware. “ Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, malware)

Malware 97

Malware Phishing Spyware Cyber threats 97

Security Affairs

APRIL 15, 2020

The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. The growing demand for phishing kits is also reflected in its price that skyrocketed last year by 149 percent and exceeded $300 per item.

Phishing 100

Phishing Marketing Advertising Cyber threats 100

The Last Watchdog

JUNE 21, 2020

RaaS rollout 2015 – 2018. The GandCrab RaaS that appeared in early 2018 was one of the last high-profile threats targeting individuals on a large scale. It vanished from the radar in June 2018, when the ransomware plague took another sharp turn. Targeting enterprises Late 2018 – present day.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Dark Reading

NOVEMBER 30, 2018

Tis the season for holiday crafted phishes, scams, and a range of cyberattacks. Experts list the hottest holiday hacks for 2018.

Hacking 108

Hacking Scams Phishing 108

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. At the beginning of that year, we still observed phishing attacks that used the themes of infection and prevention as the bait.

Phishing 89

Phishing Scams Accountability Energy and Utilities 89

Security Affairs

JULY 20, 2018

Microsoft helped the US Government is protecting at least three 2018 midterm election candidates from attacks of Russian cyberspies. Microsoft revealed that Russian cyberspies attempted to hack at least three 2018 midterm election candidates and it has helped the US government to repeal their attacks. ” Burt added.

Phishing 43

Phishing Advertising Government Hacking 43

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. According to Forbes, “the first half of 2018 was marked by an increase in API-related data breaches, with the 10 largest companies reporting the loss of 63 million personal records.”

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

SC Magazine

FEBRUARY 17, 2021

Charges against one of the three were first brought in 2018. The Department of Justice has unsealed an indictment against three members of Lazarus Group for a wide range of financially-motivated hacks against private businesses that authorities said were designed to steal $1.3 Mario Tama/Getty Images).

Hacking 103

Hacking Cryptocurrency Banking Malware 103

Hacker Combat

SEPTEMBER 6, 2021

A statement from the SEC read as follows: “According to SEC, it has penalized eight companies in three actions for negligence of their cyber protection guidelines and procedures that stimulated email account hacks exposing personal data of numerous clients and customers in each firm.” . Often, hackers use phishing emails to target employees.

Accountability 100

Accountability Hacking Financial Services Data breaches 100

Security Affairs

JULY 21, 2020

Cybercriminals are increasingly leveraging public cloud services such as Google Cloud Services in phishing campaigns against Office 365 users. Cybercriminals are increasingly abusing cloud services, such as Google Cloud Services, to arrange phishing campaign aimed at stealing Office 365 logins. com” to host the phishing page.

Phishing 86

Phishing Advertising Hacking 86

Heimadal Security

NOVEMBER 22, 2021

It seems that the hacking group started its operations back in 2018, targeting organizations from various industries […]. The post RedCurl Makes a Comeback: They Also Have Updated Hacking Tools appeared first on Heimdal Security Blog.

Hacking 98

Hacking Phishing Cybersecurity 98

Security Affairs

AUGUST 5, 2019

A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme.

Phishing 97

Phishing Banking Advertising Accountability 97

Security Affairs

MAY 3, 2024

The threat actors used the botnet harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages and custom tools. ” Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, APT28) ” reported Trend Micro. ” concludes the report.

Phishing 96

Phishing Cryptocurrency Internet Internet 96

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 357

Phishing VPN Social Engineering Media 357

SiteLock

AUGUST 27, 2021

In fact, website attacks increased 14 percent in Q1 2018 compared to Q4 2017 as cybercriminals set their sights on independent websites and small businesses. The SiteLock Website Security Insider Q1 2018 analyzes data from over 10 million websites to pinpoint the threats website owners need to be aware of.

Small Business 52

Small Business Media Risk Data breaches 52

Adam Levin

JULY 8, 2020

Hackers were also quick to pounce on the disruption caused by the 2018 shutdown of the U.S. ” Hacking campaigns exploiting poor domain name security can be more subtle. A recent domain hijack of Japanese cryptocurrency exchange Coincheck.com was used to spoof the company in a spear-phishing campaign. What Can Be Done?

Hacking 130

Hacking Retail Cyber Insurance Authentication 130

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. It was also the first major Olympics event where organizers braced for hacking related impact.

Scams 138

Scams Hacking Malware Mobile 138

SecureList

FEBRUARY 9, 2022

Our Anti-Phishing system blocked 253 365 212 phishing links. Safe Messaging blocked 341 954 attempts to follow phishing links in messengers. Hurry up and lose your account: phishing in the corporate sector. Another noticeable phishing trend targeting the corporate sector was to exploit popular cloud services as bait.

Phishing 64

Phishing Scams Accountability Banking 64

Security Affairs

MARCH 14, 2024

“The phishing campaign employed open redirect URLs from Google Ad technologies to distribute fake Microsoft software installers (.MSI) The attack chain analyzed by the ZDI starts with a phishing message using PDF attachment with a specially crafted link. MSI) installers. ” reads the analysis published by Trend Micro.

Phishing 104

Phishing Malware Software Internet 104

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. That’s Gartner’s estimate of global spending on cybersecurity in 2017 and 2018. This quickly gets intricately technical.

Hacking 212

Hacking Energy and Utilities System Administration Accountability 212

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 64

Artificial Intelligence Government Banking Advertising 64

SecureWorld News

JANUARY 20, 2023

While the financial data of the customers is reportedly safe, the compromised billing details can be aptly exploited by cybercriminals for sophisticated spear phishing attacks aimed, amongst other things, to steal 2FA tokens from other systems. The latest breach is the eighth to hit the company since 2018.

Mobile 83

Mobile Hacking Data breaches Authentication 83

Security Affairs

MARCH 7, 2024

According to the report, in 2023 tech support scams and extortion crimes increased, while phishing, non-payment/non-delivery scams, and personal data breach slightly decreased. Established in 2018, RAT streamlines communications with financial institutions and FBI field offices to facilitate the freezing of funds for victims.”

Cybercrime 108

Cybercrime Internet Internet Scams 108

Security Affairs

APRIL 15, 2022

Threat actors are targeting Ukrainian government organizations with exploits for XSS vulnerabilities in Zimbra Collaboration Suite (CVE-2018-6882). Ukraine’s CERT (CERT-UA) warns of threat actors that are targeting government organizations with exploits for XSS vulnerabilities in Zimbra Collaboration Suite ( CVE-2018-6882 ).

Phishing 82

Phishing Government Accountability Hacking 82

Security Affairs

JANUARY 30, 2023

Sports fashion retail JD Sports discloses a data breach that explosed data of about 10M customers who placed orders between 2018 and 2020. UK sports fashion chain JD Sports disclosed a data breach that exposed customer data from orders placed between November 2018 and October 2020. The affected JD Sports group brands are JD, Size?,

Data breaches 90

Data breaches Retail Passwords Scams 90

Security Affairs

SEPTEMBER 9, 2018

Researchers from Kaspersky have published a new report on the attacks on ICS systems observed by its products in the first half of 2018. Kaspersky Lab experts have published a new report titled “Threat Landscape for Industrial Automation Systems” report for H1 2018, that includes interesting data related to attacks against the ICS systems.

Internet 52

Internet Internet Advertising Malware 52

Security Affairs

NOVEMBER 16, 2018

Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited in partnership with Group-IB. Attacks on Crypto.

Cybercrime 83

Cybercrime Hacking Banking Phishing 83

Krebs on Security

AUGUST 30, 2019

But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals. Stamford, Ct. Stamford, Ct.-based

Phishing 214

Phishing Marketing Accountability DNS 214

Security Affairs

OCTOBER 11, 2023

.” Air Europa’s customers are recommended to remain vigilant, threat actors can use the compromised information in spear-phishing attacks and other fraud schemes. In 2021 Air Europa had been fined €600,000 for a data breach that took place in 2018 and that affected 489,000 customers.

Data breaches 106

Data breaches Banking Phishing Hacking 106

Security Affairs

NOVEMBER 17, 2018

A hacker going online by the moniker AmFearLiathMor is claiming to have hacked the most popular end-to-end encrypted email service ProtonMail. “We hacked Protonmail and have a significant amount of their data from the past few months. ProtonMail denied having been hacked that added that this is just a hoax.

Scams 98

Scams Hacking Data collection Advertising 98

Security Affairs

APRIL 30, 2021

The state-sponsored hackers sent spear-phishing messages to a general director working at the Rubin Design Bureau , in Saint Petersburg, which is one of three main Russian centers of submarine design. The spear-phishing messages used a malicious Rich Text File (RTF) document that included descriptions of an autonomous underwater vehicle.

Phishing 131

Phishing Malware Antivirus Encryption 131

CyberSecurity Insiders

AUGUST 31, 2022

It was a well-planned attack conducted by a hacking group named Red Ladon, say experts from the security firm. NOTE 1- In the year 2018, Red Ladon was also seen infecting the election website of Cambodia and tried to target the websites with defacing tactics.

Phishing 133

Phishing Cybersecurity Software Hacking 133

Security Affairs

FEBRUARY 8, 2022

The Roaming Mantis SMS phishing campaign is now targeting Android and iPhone users in Europe with malicious apps and phishing pages. Roaming Mantis surfaced in March 2018 when hacked routers in Japan redirecting users to compromised websites. SecurityAffairs – hacking, Roaming Mantis). ” concludes Kaspersky.

Phishing 86

Phishing DNS Malware Hacking 86