Security Affairs

JANUARY 2, 2021

Below the list of the top stories of 2020. December 21 – SUPERNOVA, a backdoor found while investigating SolarWinds hack. While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. SecurityAffairs – hacking, Top stories 2020).

Firewall 104

Firewall VPN Hacking Accountability 104

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Hacking 116

Hacking Ransomware Manufacturing Healthcare 116

Daniel Miessler

MAY 19, 2020

TOPIC: In this episode, Daniel takes a look at the 2020 Verizon Data Breach Investigations Report. 45% of breaches involved Hacking. 22% involved phishing. Phishing is usually going after credentials, but stealing money is continues to rise in popularity. Hacking, social, and malware have fallen the most.

Data breaches 130

Data breaches Phishing Malware Hacking 130

Security Affairs

NOVEMBER 6, 2020

Threat Report Portugal Q3 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The Threat Report Portugal: Q3 2020 compiles data collected on the malicious campaigns that occurred from July to August, Q3, of 2020. Phishing and Malware Q3 2020.

Threat Reports 81

Threat Reports Phishing Malware Banking 81

Security Affairs

DECEMBER 20, 2020

This post includes the details of the COVID-19 themed attacks launched from December 6 – December 19, 2020. Russia-link cyberespionage APT28 leverages COVID19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. SecurityAffairs – hacking, Coronavirus). Pierluigi Paganini.

Malware 106

Malware Phishing Hacking Information Security 106

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts. Energy China [link] TL;DR That's huuuge!

Ransomware 112

Ransomware Hacking Engineering Manufacturing 112

Security Affairs

JUNE 21, 2023

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Hacking 82

Hacking Government Phishing Malware 82

Security Affairs

OCTOBER 22, 2020

According to the ENISA Threat Landscape Report 2020, cyberattacks are becoming more sophisticated, targeted, and in many cases undetected. I’m proud to present the ENISA Threat Landscape Report 2020 , the annual report published by the ENISA that provides insights on the evolution of cyber threats for the period January 2019-April 2020.

Cyber threats 100

Cyber threats Digital transformation Advertising IoT 100

Security Affairs

OCTOBER 24, 2021

Microsoft uncovered an extensive series of credential phishing campaigns that employed a custom phishing kit tracked as TodayZoo. Microsoft researchers uncovered a custom phishing kit, dubbed TodayZoo, that was used in an extensive series of credential phishing campaigns. com domain to send the phishing messages.

Phishing 109

Phishing Passwords Hacking Accountability 109

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. Data that emerged from the report are worrisome, in 2020 the reported losses exceeded $4.2 ” reads 2020 Internet Crime Report. billion in losses.

Internet 102

Internet Internet Scams Identity Theft 102

Security Affairs

NOVEMBER 25, 2020

Group-IB , a global threat hunting and intelligence company, has presented its annual Hi-Tech Crime Trends 2020/2021 report. In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. In June 2020, REvil started auctioning stolen data.

Banking 125

Banking Ransomware Phishing Marketing 125

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware.

Ransomware 105

Ransomware Hacking Manufacturing Healthcare 105

Security Affairs

FEBRUARY 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. reads a translation of the message.

Phishing 103

Phishing Social Engineering Government Accountability 103

Security Affairs

MAY 31, 2022

SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. The group stands out for the high frequency and persistence of its attacks, researchers believe that the APT group has carried out over 1,000 attacks since April 2020. SecurityAffairs – hacking, SideWinder).

Encryption 94

Encryption Malware Phishing Hacking 94

Security Affairs

MARCH 22, 2021

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. In H2 2020, 39.3%

Engineering 127

Engineering VPN Accountability Software 127

Security Affairs

AUGUST 12, 2021

Microsoft warns of a long-running spear-phishing campaign that has targeted Office 365 customers in multiple attacks since July 2020. Microsoft revealed that a year-long spear-phishing campaign has targeted Office 365 customers in multiple attacks starting with July 2020. SecurityAffairs – hacking, cybercrime).

Phishing 113

Phishing Passwords Encryption Cybercrime 113

Security Affairs

JANUARY 21, 2021

Bad ops of operators of a phishing campaign exposed credentials stolen in attacks and made them publicly available through Google queries. . Check Point Research along with experts from cybersecurity firm Otorio shared details on their investigation into a large-scale phishing campaign that targeted thousands of global organizations.

Phishing 116

Phishing Passwords Manufacturing Healthcare 116

Security Affairs

MARCH 29, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. MalwareHunterTeam experts have identified a new Coronavirus phishing campaign that aims at delivering the Netwalker Ransomware. Coronavirus-themed attacks March 15 – March 21, 2020. Pierluigi Paganini.

Scams 102

Scams Mobile Advertising Malware 102

Security Affairs

OCTOBER 2, 2022

German police arrested one individual suspected of having stolen €4 million from users via large-scale phishing campaigns. Germany’s Bundeskriminalamt (BKA) arrested an individual (24) suspected of having stolen €4,000,000 from internet users via phishing attacks along with a two accomplices who are suspected. Pierluigi Paganini.

Phishing 86

Phishing Banking DDOS Accountability 86

Security Affairs

SEPTEMBER 20, 2021

Security researchers uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. . Researchers from cybersecurity firm Cyjax uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. . SecurityAffairs – hacking, phishing).

Phishing 85

Phishing Government Cybercrime Hacking 85

Security Affairs

JUNE 14, 2020

This post includes the details of the Coronavirus-themed attacks launched from May 31 to June 13, 2020. Below a list of attacks detected between May 31 and June 13, 2020. June 4, 2020 – North Atlantic Council is warning of malicious cyber activities during COVID-19 pandemic. SecurityAffairs – Coronavirus, hacking).

Advertising 79

Advertising Phishing Government Hacking 79

Security Affairs

APRIL 19, 2020

This post includes the details of the Coronavirus-themed attacks launched from April 12 to April 18, 2020. PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Coronavirus-themed attacks April 05 – April 11, 2020. adrotate banner=”9″].

Scams 101

Scams Malware Phishing Surveillance 101

Security Affairs

SEPTEMBER 23, 2021

Microsoft uncovered a large-scale phishing-as-a-service operation, dubbed BulletProofLink, that enabled threat actors to easily carry out malicious campaigns. BulletProofLink service was very cheap and allowed threat actors to arrange phishing campaigns without specific technical capabilities. ” concludes Microsoft.

Phishing 82

Phishing Cybercrime Advertising Hacking 82

Security Affairs

JANUARY 5, 2024

The group uses multiple attack vectors to gain access to victim networks, including RDP exploitation, SonicWall firewall vulnerabilities exploitation, and phishing attacks. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware 98

Ransomware Hacking Encryption Malware 98

Security Affairs

MAY 17, 2020

This post includes the details of the Coronavirus-themed attacks launched from May 10 to May 16, 2020. Microsoft discovered a new phishing campaign using COVID-19 lures to target businesses with the infamous LokiBot information-stealer. Coronavirus-themed attacks April 26 – May 02, 2020. Pierluigi Paganini.

Advertising 68

Advertising Healthcare Phishing Scams 68

Security Affairs

APRIL 5, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 29 to April 04, 2020. March 30, 2020 – Your colleague was infected with COVID19, this is the latest phishing lure. Coronavirus-themed attacks March 15 – March 21, 2020. Below a list of attacks detected this week.

Advertising 91

Advertising Phishing Malware Cybercrime 91

Security Affairs

JUNE 19, 2021

Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage, etc. ? At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information of their TTPs and infrastructure. SecurityAffairs – hacking, North Korea).

Hacking 139

Hacking VPN Internet Internet 139

Security Affairs

MARCH 22, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 15 to March 21, 2020. March 21, 2020 – New Coronavirus-themed attack uses fake WHO chief emails. Day after day the number of COVID19-themed attacks increases, fraudsters have launched a phishing campaign to deliver on users’ PC.

Advertising 96

Advertising Cybercrime Scams Phishing 96

Security Affairs

NOVEMBER 18, 2020

The Chaes malware was first spotted in the middle to late 2020 by Cybereason researchers, it is a multistage information stealer that focuses on Brazilian customers of MercadoLivre, the largest e-commerce company in Latin America. SecurityAffairs – hacking, malware). SecurityAffairs – hacking, malware).

Phishing 109

Phishing Malware Cryptocurrency Information Security 109

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021. Reported Phishing Websites for Q1 2021.

Phishing 96

Phishing Advertising Cryptocurrency Encryption 96

Security Affairs

MARCH 30, 2020

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. Coronavirus-themed attacks March 22 – March 28, 2020. SecurityAffairs – phishing, coronavirus). xlsm ” file and bring it with them to the nearest testing center.

Phishing 134

Phishing Advertising Cryptocurrency Malware 134

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware 133

Ransomware Hacking Malware Encryption 133

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. In early 2020, several cybercriminals groups followed suit.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

FEBRUARY 13, 2021

Google revealed that Gmail users from the United States are the most targeted by email-based phishing and malware. billion email-based phishing and malware attacks against Gmail users to determine what are factors influence the risk of attack. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Phishing 81

Phishing Malware Accountability Risk 81

Security Affairs

SEPTEMBER 11, 2020

National Counterintelligence and Security Center (NCSC) William Evanina shared information on ongoing operations aimed at influencing the 2020 US election. In recent months, the group carried out brute force attacks and password spray, instead of spear-phishing, likely to automate their operations. Pierluigi Paganini.

Accountability 74

Accountability Advertising Government Hacking 74

Security Affairs

MAY 17, 2024

The experts speculate the Lunar toolset has been employed since at least 2020. However, evidence suggests possible spear-phishing and exploitation of misconfigured Zabbix network and application monitoring software. The experts also spotted spear-phishing messages, including a weaponized Word document installing a LunarMail backdoor.

Phishing 120

Phishing Software Government Malware 120

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. McAfee researchers believe that the NetWalker ransomware operators continue to be very active, the gang is believed to have earned more than $25 million since March 2020. reads the alert.

Ransomware 74

Ransomware VPN Cybercrime Advertising 74