Security Affairs

MAY 4, 2023

Facebook discovered a new information-stealing malware, dubbed ‘NodeStealer,’ that is being distributed on Meta. NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook.

Malware 89

Malware Accountability Advertising Education 89

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. The vulnerability is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass.

Accountability 98

Accountability Government Phishing Authentication 98

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report.

Identity Theft 90

Identity Theft Accountability DDOS Cybercrime 90

Security Affairs

FEBRUARY 17, 2022

Attackers compromise Microsoft Teams accounts to attach malicious executables to chat and spread them to participants in the conversation. Starting in January 2022, security researchers from Avanan observed attackers compromising Microsoft Teams accounts attach malicious executables to chat and infect participants in the conversation.

Malware 139

Malware Phishing Accountability Data breaches 139

Security Affairs

MAY 21, 2024

pic.twitter.com/5OUODUt3fu — Dominic Alvieri (@AlvieriD) May 20, 2024 The gang claims to have stolen 730GB of data from ATLAS, including Corporate data: Accounts, HR, Finance, Executive, department data, and users and employees’ data. Sunoco is the largest at 8 billion gallons.

Hacking 122

Hacking Ransomware Phishing Malware 122

Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. Ahead of the U.S. The phishing attacks began in February 2023, the IT giant reported.

Accountability 85

Accountability Phishing Financial Services Surveillance 85

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved.

Malware 105

Malware Banking Phishing Engineering 105

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. The experts noticed that the threat actors have rewritten many functions of the malware to run on Linux systems. Additional analysis led to the discovery of a previously unknown Linux backdoor tracked as SprySOCKS.

Malware 96

Malware Encryption Telecommunications Authentication 96

Security Affairs

MARCH 11, 2023

A new version of the Prometei botnet has infected more than 10,000 systems worldwide since November 2022, experts warn. Cisco Talos researchers reported that the Prometei botnet has infected more than 10,000 systems worldwide since November 2022. Russia only accounted for 0.31 ” reads the post published by Cisco Talos.

Firewall 96

Firewall Malware Hacking Accountability 96

Security Affairs

FEBRUARY 10, 2023

A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter. The experts first spotted the attacks attributed to this threat actor in October 2022, they believe that the group is financially motivated.

Malware 78

Malware Phishing Spyware Cybercrime 78

Security Affairs

JULY 29, 2022

Microsoft linked the recently discovered Raspberry Robin Windows malware to the notorious Evil Corp operation. On July 26, 2022, Microsoft researchers discovered that the FakeUpdates malware was being distributed via Raspberry Robin malware. The malware uses TOR exit nodes as a backup C2 infrastructure.

Malware 103

Malware Backups Manufacturing Accountability 103

Approachable Cyber Threats

DECEMBER 13, 2022

The 2022 update to our research on the perception of data breach causes that’s helped organizations re-evaluate how they are at risk for a data breach instead of what feels right. In their 2021 report, Social Engineering and Basic Web Application Attacks accounted for over 50% of all breach events. Keep reading to find out more!

Data breaches 106

Data breaches Social Engineering Engineering Phishing 106

Security Affairs

SEPTEMBER 23, 2022

Sansec researchers warn of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Sansec researchers are warning of a hacking campaign targeting the CVE-2022-24086 Magento 2 vulnerability. The CVE-2022-24086 has received a CVSS score of 9.8 reads the advisory published by Adobe.

Media 72

Media Hacking Malware Accountability 72

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. ” reads the report published by Elastic Security Labs.

Malware 83

Malware Cybercrime Banking Software 83

Security Affairs

APRIL 26, 2023

PingPull, was first spotted by Unit 42 in June 2022, the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. This circumstance suggests that the threat actor is reusing existing source code to create new malware. org over port 8443 for C2.

Malware 91

Malware Telecommunications Government VPN 91

Security Affairs

JANUARY 22, 2023

Roaming Mantis threat actors were observed using a new variant of their mobile malware Wroba to hijack DNS settings of Wi-Fi routers. Researchers from Kaspersky observed Roaming Mantis threat actors using an updated variant of their mobile malware Wroba to compromise Wi-Fi routers and hijack DNS settings. Agent.eq (a.k.a

DNS 87

DNS Mobile Malware Hacking 87

Security Affairs

FEBRUARY 17, 2024

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to his key roles in the Zeus and IcedID malware operations. Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software.

Malware 86

Malware Cybercrime Banking Hacking 86

Security Affairs

APRIL 6, 2022

Ukraine’s technical security and intelligence service warns of threat actors targeting aimed at gaining access to users’ Telegram accounts. State Service of Special Communication and Information Protection (SSSCIP) of Ukraine spotted a new wave of cyber attacks aimed at gaining access to users’ Telegram accounts.

Accountability 95

Accountability Phishing Passwords Hacking 95

Security Affairs

APRIL 23, 2024

The state-sponsored hackers hacked into the subcontractors of defense companies by exploiting vulnerabilities in the targeted systems and deployed malware. “North Korean hacking organizations sometimes infiltrated defense companies directly, and their security is relatively low.

Hacking 77

Hacking Malware Accountability Technology 77

Security Affairs

APRIL 25, 2023

North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. The trojan can run on both ARM and x86 architectures.

Malware 78

Malware Social Engineering Architecture Education 78

Security Affairs

MAY 30, 2024

Since 2011, Wang and his co-conspirators had been distributing malware through malicious VPN applications, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN. The FBI has published information at fbi.gov/911S5 to help identify and remove 911 S5’s VPN applications from your devices or machines.

VPN 83

VPN Cryptocurrency Malware Software 83

Security Affairs

APRIL 20, 2023

North Korea-linked APT group Lazarus employed new Linux malware in attacks that are part of Operation Dream Job. North Korea-linked APT group Lazarus is behind a new campaign tracked as Operation DreamJob (aka DeathNote or NukeSped ) that employed Linux malware. ” concludes the report.

Malware 92

Malware Social Engineering Education Media 92

eSecurity Planet

JUNE 7, 2022

They earned the highest score among providers named "Customer's Choice" in Gartner's 2022 "Voice of the Customer” Security Awareness Computer-Based Training report. Application security, information security, network security, disaster recovery, operational security, etc.

Cybersecurity 124

Cybersecurity Identity Theft Encryption Antivirus 124

Security Affairs

NOVEMBER 23, 2021

Malware authors are already attempting to use the proof-of-concept exploit code targeting a new Microsoft Windows Installer zero-day publicly disclosed on Sunday. Now Cisco Talos experts announced to have already detected malware samples in the wild that are attempting to exploit this vulnerability. Pierluigi Paganini.

Malware 98

Malware Accountability Hacking Information Security 98

Security Affairs

APRIL 28, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Companies and Government Agencies ArcaneDoor – New espionage-focused campaign found targeting perimeter network devices Israel Tried to Keep Sensitive Spy Tech Under Wraps.

Cybercrime 90

Cybercrime Spyware Data breaches Antivirus 90

Security Affairs

AUGUST 15, 2022

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The malware has been active since 2021 and evolves over time. In March 2022, SOVA authors released version 3.0 The latest version of the SOVA Trojan, 5.0, The latest version of the SOVA Trojan, 5.0,

Encryption 97

Encryption Malware Banking Ransomware 97

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance 85

Surveillance Malware Authentication DNS 85

Security Affairs

NOVEMBER 2, 2022

In Q3 2022, Kaspersky researchers uncovered a previously undocumented Android spyware, dubbed SandStrike, employed in an espionage campaign targeting the Persian-speaking religion minority, Bahá?í. The social media accounts were used to spread a link to a Telegram channel created to distribute the seemingly harmless VPN application.

Spyware 97

Spyware Malware VPN Accountability 97

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. Experts from Check Point Research uncovered a new ZLoader malware campaign in early November 2021. banking Trojan and was used to spread Zeus-like banking trojan (i.e. Zeus OpenSSL).

Malware 128

Malware Banking Software Cybercrime 128

Security Affairs

MAY 1, 2023

Infoblox researchers discovered a new sophisticated malware toolkit, dubbed Decoy Dog, targeting enterprise networks. While analyzing billions of DNS records, Infoblox researchers discovered a sophisticated malware toolkit, dubbed Decoy Dog, that was employed in attacks aimed at enterprise networks.

Malware 70

Malware DNS Education Media 70

Security Affairs

DECEMBER 24, 2022

The campaign has been active since at least September 2022, most of the infections have been observed in Argentina (34,8%), followed by Australia (23,2%). “We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September.” exe, and rundll32.exe.

Government 87

Government Malware Telecommunications Cybercrime 87

Security Affairs

MAY 1, 2023

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity. continues the report.

Surveillance 73

Surveillance Malware Spyware Education 73

Cisco Security

DECEMBER 22, 2022

In part two, we are going deep with security: Integrating Security. Automated Account Provisioning, by Adi Sankar. Integrating Meraki Scanning Data with Umbrella Security Events, by Christian Clasen. Integrating Security. Cisco Umbrella : DNS visibility and security.

DNS 71

DNS Malware Accountability Wireless 71

Security Affairs

JUNE 20, 2022

The developers behind the BRATA Android malware have implemented additional features to avoid detection. The operators behind the BRATA Android malware have implemented more features to make their attacks stealthy. “TAs are modifying their code in order to tailor their malware on specific banking institutions.

Malware 91

Malware Banking Antivirus Phishing 91

Security Affairs

APRIL 13, 2023

Security experts warn that a Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware. An improper intent handling issue affecting the Kyocera Android printing app can allow malicious applications to drop malware.

Malware 91

Malware Mobile Education Media 91

Cisco Security

MAY 27, 2022

In part one of our Black Hat Asia 2022 NOC blog , we discussed building the network with Meraki: . Malware Threat Intelligence made easy and available, with Cisco Secure Malware Analytics and SecureX by Ben Greenbaum . Secure Endpoint for iOS/Security Connector . In this part two, we will discuss: .

Malware 72

Malware Accountability DNS Technology 72

Security Affairs

APRIL 5, 2023

The eFile.com online service, which is authorized by the US Internal Revenue Service (IRS), was spotted serving malicious malware to visitors. eFile.com , the personal online tax preparation and e-file service authorized by the US Internal Revenue Service (IRS), was spotted serving malware to visitors.

Malware 75

Malware Education Media Internet 75