Security Affairs

NOVEMBER 25, 2021

The campaign was first spotted in mid-September 2021 by ShadowChasing. aspx pic.twitter.com/fHsgAshCNc — Shadow Chaser Group (@ShadowChasing1) September 15, 2021. The PowerShortShell stealer is also used for Telegram surveillance and gathering system information from infected systems. docx URL: hxxp://hr.dedyn.io/word.html

Surveillance 90

Surveillance Social Engineering Cybercrime Phishing 90

SecureList

NOVEMBER 17, 2021

Let’s start by looking at the predictions we made for 2021. Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. A very interesting campaign orchestrated by APT31 surfaced in 2021. One of the most iconic cyber-events of 2021 was the ransomware attack on Colonial Pipeline.

Mobile 139

Mobile Surveillance Ransomware Government 139

Krebs on Security

MARCH 29, 2022

In a blog post about their recent hack, Microsoft said LAPSUS$ succeeded against its targets through a combination of low-tech attacks, mostly involving old-fashioned social engineering — such as bribing employees at or contractors for the target organization. In July 2021, a bipartisan group of U.S.

Accountability 275

Accountability Government Hacking Social Engineering 275

SecureList

APRIL 27, 2021

This is our latest installment, focusing on activities that we observed during Q1 2021. In parallel, Volexity also reported the same Exchange zero-days being in use in early 2021. The group’s operations were exposed in 2018, showing that it was conducting surveillance attacks against individuals in the Middle East.

Malware 143

Malware Spyware Government Social Engineering 143

SecureList

APRIL 27, 2022

We also identified two samples developed in December 2021 containing test strings and preceding revisions of the ransom note observed in Microsoft’s shared samples. One of the identified samples was compiled on December 28, 2021, suggesting that this destructive campaign had been planned for months. … ?????? ??????!!!

Malware 137

Malware Firmware Government Phishing 137

eSecurity Planet

DECEMBER 19, 2023

Cybercrime will go to the next level: Cyberattackers will implement improved skills, “shift left” attacks, and shifting strategies to adjust to evolving cyberdefense. AI-Powered Cybercrime Despite the advancements in using AI to improve security, cybercriminals also have access to AI and LLMs.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

SecureList

OCTOBER 26, 2021

This is our latest installment, focusing on activities that we observed during Q3 2021. This activity seems to have continued and stretched into 2021, when we spotted a set of recent attacks using the same techniques and malware to gain a foothold in diplomatic organizations based in Central Asia. The most remarkable findings.

Malware 144

Malware Government Surveillance Spyware 144