Security Affairs

NOVEMBER 25, 2020

Business Email Compromise (BEC) is a type of email phishing attack that relies on social engineering. As part of BEC, phishing emails can target particular people within an organization or sent out en masse. 2 Sample of the TMT’s phishing email. The attackers use Gammadyne Mailer and Turbo-Mailer to send out phishing emails.

Cybercrime 126

Cybercrime Phishing Social Engineering Spyware 126

Security Affairs

APRIL 21, 2020

Hackers launched spear-phishing attacks against organizations in the oil and gas industry sector spreading the Agent Tesla info-stealer malware. To do this, the spyware creates different threads and timer functions in the main function. The attacks aim at infecting victims with the infamous Agent Tesla info-stealer malware.

Spyware 102

Spyware Manufacturing Malware Engineering 102

Hot for Security

JUNE 18, 2021

A recent phishing campaign targeting Windows machines is attempting to infect users with one of the most recent versions of the Agent Tesla remote access Trojan (RAT). Active for over seven years, Agent Tesla has been used frequently in phishing campaigns seeking to steal user credentials, passwords and sensitive information.

Phishing 52

Phishing Malware Spyware Software 52

SecureList

MARCH 25, 2021

Starting with the second half (H2) of 2019, we observed a decline in the percentages of ICS computers on which malicious objects were blocked. In comparison, this trend was observed in 7% of countries in 2019, and the same was seen in H1 2020 compared to H2 2019. in H2 compared to H1, 2019 vs 2020 (download 1 , 2 ).

Ransomware 91

Ransomware Spyware Internet Internet 91

Security Affairs

APRIL 21, 2019

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise. CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor. Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading. Google is going to block logins from embedded browsers against MitM phishing attacks. Code execution – Evernote.

Computers and Electronics 61

Computers and Electronics Spyware Data breaches Advertising 61

Security Boulevard

MAY 3, 2021

The personal information of 11 million UK Facebook profiles were been found on a hackers website , with the social media giant seemingly dismissing the significance of the data within a statement, " This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019".

Ransomware 124

Ransomware Passwords Scams Government 124

SecureList

MARCH 1, 2021

The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. If you look at the dynamics of attacks on mobile users in 2020, you will see that the average monthly number of attacks decreased by 865,000 compared to 2019. Country*. %**.

Mobile 138

Mobile Malware Adware Banking 138

The Last Watchdog

MAY 2, 2019

I had the chance at RSA 2019 to discuss the SMB security landscape at length with Gill. In 2018, attackers shifted their focus to refining and deploying banking trojans, which essentially act as spyware. So far in 2019, we’re seeing another shift back to ransomware, Gill told me.

Risk 182

Risk Cyber Risk Cyber threats Banking 182

Security Affairs

OCTOBER 27, 2019

Swedish Government grants police the use of spyware against violent crime suspects. Spear-phishing attacks target United Nations and NGOs. CVE-2019-11043 exposes Web servers using nginx and PHP-FPM to hack. Exploring the CPDoS attack on CDNs: Cache Poisoned Denial of Service. Robots at HIS Group are vulnerable to hack.

Spyware 41

Spyware Advertising Hacking DDOS 41

SecureList

NOVEMBER 1, 2022

The victims are targeted with spear-phishing emails that trick them into mounting a malicious ISO file and double-clicking an LNK, which starts the infection chain. In 2019, SoleDragon was also deployed through Skype. In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals.

Malware 142

Malware Ransomware Spyware Encryption 142

SecureList

AUGUST 30, 2023

Tomiris employs a wide variety of attack vectors: spear-phishing, DNS hijacking, exploitation of vulnerabilities (specifically ProxyLogon ), suspected drive-by downloads, and other “creative” methods. Using a number of vulnerabilities in iOS, the attachment is executed and installs spyware. Meet the GoldenJackal APT group.

Malware 78

Malware Spyware Cryptocurrency Government 78

Identity IQ

MAY 7, 2021

It’s one of the fastest-growing cybersecurity threats today, growing a staggering 300% since 2019 and leading to consumer losses of $3.5 Research by Verizon has shown that a third of all breaches in the past year involved phishing scams. Spyware can be loaded onto your machine to log all your keystrokes.

Accountability 105

Accountability Data breaches Passwords Social Engineering 105

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Spyware: the most likely COVID-19 payload.

Phishing 104

Phishing Malware Spyware DDOS 104

Security Affairs

MAY 8, 2020

Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. Figure 1 The distribution of web-phishing among target categories . CERT-GIB’s findings indicate that phishing attack perpetrators have revised their so-called target pool.

Phishing 56

Phishing Spyware Banking Malware 56

Security Affairs

AUGUST 1, 2022

An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used for criminal purposes. The 24-year-old Australian national Jacob Wayne John Keen has been charged for his alleged role in the development and sale of spyware known as Imminent Monitor (IM). Pierluigi Paganini.

Spyware 102

Spyware Malware Cybercrime Hacking 102

eSecurity Planet

FEBRUARY 16, 2021

Attackers often use botnets to send out spam or phishing campaigns to carry out distributed denial of service (DDoS) attacks. Additional features of botnets include spam, ad and click fraud, and spyware. During the 2019 holiday season, the Barracuda research team analyzed 4,200 Android apps related to shopping, Santa, and games.

Malware 104

Malware Adware Spyware Antivirus 104

BH Consulting

NOVEMBER 15, 2022

He argued that security works when it costs €100,000 for spyware to hack into a politician’s iPhone. Even small details like using financial hooks as part of a phishing awareness campaign can come across as poor taste at a time of rising consumer prices, she said. “Creating exploits for modern operating systems today is hard.

Social Engineering 59

Social Engineering Insurance CISO Ransomware 59

SecureList

MAY 27, 2022

Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). The group uses various malware families, including Wroba, and attack methods that include phishing, mining, smishing and DNS poisoning. Other malware.

Phishing 110

Phishing Spyware Firmware Malware 110

Malwarebytes

MAY 10, 2023

Just check out the following stats from last year: 18 percent of clicked phishing emails in 2022 came from a mobile device. Or even scarier—a backdoor could be placed or a nefarious piece of spyware. ” The number of phishing sites targeting mobile has shot up by 50 percent from 2019 to 2021. . And the kicker?

Mobile 62

Mobile Malware Phishing Spyware 62

Digital Shadows

NOVEMBER 10, 2022

The level of sophistication used by attackers to mimic the original domains varied greatly, ranging from low quality, obvious phishing pages to more refined efforts mimicking animations and logos. pro is flagged as a phishing domain by multiple security providers. Among these pages, a notable example was the qatar2022[.]pro

Cyber threats 52

Cyber threats Media Social Engineering Mobile 52

The Last Watchdog

FEBRUARY 28, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms. Don’t worry though. Common types. Ransomware.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

Security Affairs

MARCH 12, 2019

At the beginning of 2019, Electronic Arts released a game for PC, XBox One and Playstation 4 named Apex Legends. Malware authors created well-designed fake web pages, replicating all the graphics of the game misleading the user to download the app, as shown in the following image: Figure 1:fake/phishing Apex Legends web page.

Spyware 81

Spyware Mobile Malware Phishing 81

CyberSecurity Insiders

JANUARY 31, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms. Don’t worry though. Common Types of Malware. Ransomware.

Malware 107

Malware Computers and Electronics Adware Spyware 107

Threatpost

FEBRUARY 5, 2020

A high-severity vulnerability could allow cybercriminals to push malware or remotely execute code, using seemingly innocuous messages.

Malware 82

Malware Cyber Attacks Spyware Phishing 82

Security Affairs

MAY 19, 2020

Spear-phishing is a rapidly emerging threat. It’s more specific than generic phishing attempts and often targets a single person or company. Data from Barracuda cybersecurity researchers identified a 667% increase in spear-phishing attacks between the end of February and the following month.

Energy and Utilities 98

Energy and Utilities Phishing Advertising Spyware 98

Security Affairs

DECEMBER 5, 2021

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users German BSI agency warns of ransomware attacks over Christmas holidays Cuba ransomware gang hacked 49 US critical infrastructure organizations CISA warns of vulnerabilities in Hitachi Energy products NSO Group spyware used to compromise iPhones of 9 US State Dept officials (..)

Spyware 84

Spyware Ransomware Hacking VPN 84

SecureList

NOVEMBER 10, 2021

With millions of new users on streaming platforms, cyberattackers have recognized this heightened demand and seek to take advantage of it by distributing streaming phishing scams and spreading malware under the guise of users’ favorite shows. An example of a phishing page offering to stream Money Heist. Methodology.

Phishing 100

Phishing Accountability Malware Adware 100

Security Affairs

AUGUST 16, 2020

gun exchange site on hacking forum Threat Report Portugal: Q2 2020 Emotet malware employed in fresh COVID19-themed spam campaign PoC exploit code for two Apache Struts 2 flaws available online XCSSET Mac spyware spreads via Xcode Projects. Every week the best security articles from Security Affairs free for you in your email box.

Spyware 58

Spyware Hacking Advertising Passwords 58

Google Security

JULY 27, 2023

Maddie Stone, Security Researcher, Threat Analysis Group (TAG) This is Google’s fourth annual year-in-review of 0-days exploited in-the-wild [ 2021 , 2020 , 2019 ] and builds off of the mid-year 2022 review. In the past we have sometimes counted them as 0-days: CVE-2019-2215 and CVE-2021-1048.

Spyware 91

Spyware Manufacturing Internet Internet 91

SecureList

NOVEMBER 18, 2022

First, the threat actor sends a spear-phishing email to the potential victim with a lure to download additional documents. The attackers gained access to the enterprise network using carefully crafted phishing emails. The attacks occur in several stages. million in a similar attack by the Prilex malware.

Malware 105

Malware Computers and Electronics Adware Cryptocurrency 105

Security Affairs

JANUARY 10, 2021

It is a great question, particularly when you consider that $167 Billion was spent on Cybersecurity in 2019 and this is predicted to increase to $248 Billion by 2023 [Source: Forbes ]. The company lies just outside the leading DAX share index with turnover of over €3.4Billion in 2019.

Cyber Attacks 88

Cyber Attacks Government Surveillance Software 88

SC Magazine

APRIL 6, 2021

Among phishing schemes to emerge recently is one targeting university students with promises of tax refunds. While this observed behavior is similar to a 2019 campaign targeting employees of U.S. Scammers target.edu addresses with IRS-themed phish. Photo by Chip Somodevilla/Getty Images). And last week, the U.S.

Phishing 77

Phishing Social Engineering Identity Theft Media 77

Herjavec Group

AUGUST 26, 2021

Justice Department announces more than 70 indictments and 125 convictions or arrests for phishing, hacking, spamming and other Internet fraud as part of Operation CyberSweep. . 2008 — Heartland Payment Systems — 134 million credit cards are exposed through SQL injection to install spyware on Heartland’s data systems.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

SecureList

SEPTEMBER 26, 2022

NullMixer is a dropper that includes more than just specific malware families; it drops a wide variety of malicious binaries to infect the machine with, such as backdoors, bankers, downloaders, spyware and many others. The malware is known to be sold on online forums, and distributed via phishing emails. NullMixer execution chain.

Malware 114

Malware Cryptocurrency Passwords Software 114