Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 90

Data breaches Malware Mobile Spyware 90

SecureList

NOVEMBER 22, 2022

A look back on the year 2022 and what to expect in 2023. This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponder at what to expect in 2023. Analysis of forecasts for 2022. Also of note in 2022 are campaigns impersonating well-known software brands like Notepad++.

Cryptocurrency 92

Cryptocurrency Mobile Ransomware Banking 92

Security Affairs

MARCH 4, 2023

stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M

Spyware 78

Spyware Data breaches Retail Ransomware 78

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 89

Ransomware Hacking Spyware Cybercrime 89

Security Affairs

FEBRUARY 13, 2022

US seizes $3.6 to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps.

Spyware 69

Spyware Surveillance Ransomware Hacking 69

SecureList

MARCH 7, 2024

To get access to the content (or contest), phishing sites prompted the victim to sign in to one of their gaming accounts. If the victim entered their credentials on the phishing form, the account was hijacked. The information could later be used to steal both funds from victims’ accounts and their identities.

Phishing 102

Phishing Scams Cryptocurrency Accountability 102

eSecurity Planet

JUNE 16, 2022

Also read: Best Antivirus Software of 2022. The 2022 SonicWall Cyber Threat Report found that all types of cyberattacks increased in 2021. million per incident, according to the World Economic Forum (WEF) Global Cybersecurity Outlook 2022 report, while IBM reports that the number is now $4.24 Cyberattack Statistics.

Backups 145

Backups Ransomware Firewall Malware 145

Security Affairs

JANUARY 23, 2022

from the Lympo NTF platform. from the Lympo NTF platform.

VPN 74

VPN Ransomware Spyware DDOS 74

eSecurity Planet

OCTOBER 21, 2022

From ransomware attacks locking businesses out of their data until they pay potentially millions of dollars to spyware tracking users’ every move through their infected device, the effects of malware can be devastating. An August 2022 Statista report counted 2.8 billion malware attacks worldwide in the first half of 2022 alone.

Malware 75

Malware Adware Spyware Antivirus 75

SecureList

SEPTEMBER 26, 2022

NullMixer is a dropper that includes more than just specific malware families; it drops a wide variety of malicious binaries to infect the machine with, such as backdoors, bankers, downloaders, spyware and many others. ColdStealer is a relatively new malicious program that was discovered in 2022. NullMixer execution chain. ColdStealer.

Malware 114

Malware Cryptocurrency Passwords Software 114

SecureList

AUGUST 30, 2023

While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus , a backdoor attributed to the Lazarus. The threat actor specifically targeted cryptocurrency companies. We observed that they have a specific interest in cryptocurrency companies.

Malware 78

Malware Spyware Cryptocurrency Government 78

SecureList

NOVEMBER 14, 2023

In June, Microsoft published a report on a threat actor named Cadet Blizzard, responsible for WhisperGate and other wipers targeting Ukrainian government agencies early in 2022. To sum up, although we did not see the same volume as we had in 2022, clearly there were some significant attacks. Verdict: prediction fulfilled ✅ 8.

Hacking 109

Hacking Energy and Utilities Media Malware 109

Security Affairs

MARCH 27, 2023

The threat actor abused Bitly shortener and an ad hoc BlogSpot account to protect the malicious code, lastly stored in an encrypted zip archive hosted on Mega.nz. The final download link is presented on BlogSpot This particular modus operandi matches a particular threat Kaspersky researchers spotted in September 2022 ( link ): NullMixer.

Malware 78

Malware Social Engineering Encryption Marketing 78

SecureList

DECEMBER 1, 2023

Common TTPs in attacks on industrial organizations In 2022, we investigated a series of attacks against industrial organizations in Eastern Europe. However, they included an additional module that constantly monitored the messenger and sent data to the spyware creator’s C2 server. Inject.aokvy.

Malware 98

Malware Ransomware Encryption Energy and Utilities 98