Security Affairs

JUNE 30, 2022

Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. — Harmony (@harmonyprotocol) June 26, 2022. On June 23, 2022 at 11:06:46 AM +UTC, the bridge between Harmony chain and Ethereum experienced multiple exploits. .

Hacking 82

Hacking Social Engineering Cryptocurrency Engineering 82

eSecurity Planet

MARCH 24, 2022

In a blog post detailing its efforts to track and contain the breach, Microsoft described LAPSUS$ as a “large scale social engineering and extortion campaign.” LAPSUS$ has racked up a substantial number of victims — all large organizations with source code and proprietary information to protect. Trade Cyberthreats.

Social Engineering 107

Social Engineering Engineering Data breaches Hacking 107

Security Affairs

MAY 21, 2023

The threat actors publish malicious packages to the PyPI repository and attempt to trick developers into using them using social engineering tricks, such as intentional typos in their names and high version numbers. The repository is a privileged target for threat actors that aim to carry out supply chain attacks aimed at developers.

Social Engineering 84

Social Engineering Malware Cryptocurrency Engineering 84

Security Affairs

JANUARY 24, 2023

Federal Bureau of Investigation (FBI) this week confirmed that in June 2022 the North Korea-linked Lazarus APT group and APT38 stole $100 million worth of cryptocurrency assets from the Blockchain company Harmony Horizon Bridge. and our private sector partners. ” reads the report published by the FBI.

Social Engineering 71

Social Engineering Engineering Hacking Cryptocurrency 71

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 72

Malware Cybercrime Cryptocurrency Social Engineering 72

Security Affairs

AUGUST 6, 2023

Since Insikt Group’s initial tracking of the group in September 2022, we have observed BlueCharlie engage in several TTP shifts.” ” Since at least December 17, 2022, the group has used a new naming pattern for its domains containing keywords related to information technology and cryptocurrency. .

Phishing 73

Phishing Social Engineering Authentication Cryptocurrency 73

Security Affairs

FEBRUARY 6, 2022

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Social Engineering 74

Social Engineering Cryptocurrency Small Business Ransomware 74

CyberSecurity Insiders

MAY 3, 2023

By: Daron Hartvigsen , Managing Director, StoneTurn and Luke Tenery , Partner, StoneTurn When insider threat or insider risk is discussed in a corporate context, often the relevant topics include misconduct , fraud, misuse, or even the idea that insiders can be unwitting accomplices to social engineering exploitation.

Risk 120

Risk Cyber threats Marketing Engineering 120

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 82

Spyware Hacking Malware Social Engineering 82

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 77

Data breaches Cybercrime Firewall Artificial Intelligence 77

Security Affairs

AUGUST 16, 2023

” In January 2022, the Federal Bureau of Investigation (FBI) published a public service announcement (PSA) to warn that cybercriminals are using QR codes to steal their credentials and financial info. Especially if it’s embedded into a PNG or PDF file.

Phishing 81

Phishing Energy and Utilities Insurance Manufacturing 81

Security Affairs

MARCH 27, 2023

Introduction During March 2023, we obtained information and data regarding an ongoing malware operation hitting more than 8.000 targets within a few weeks, with a particular emphasis on North American, Italian, and French targets. The CrashedTech Loader The “KiffAppE2.exe” exe” file is worth mentioning because it works as a secondary loader.

Malware 78

Malware Social Engineering Encryption Marketing 78

Malwarebytes

MAY 21, 2023

Upon its launch in November 2022, tech enthusiasts quickly jumped at the shiny new disruptor, and for good reason: ChatGPT has the potential to democratize AI, personalize and simplify digital research, and assist in both creative problem-solving and tackling “busywork.” Enter: ChatGPT.

Cybersecurity 77

Cybersecurity Artificial Intelligence Social Engineering Engineering 77

SecureWorld News

DECEMBER 29, 2021

However, this is not just another nameless, faceless piece of litigation; this one specifically names the company's Chief Information Security Officer. A group of investors filed the suit which specifically calls out SolarWinds, its former CEO, and also Tim Brown, who is VP of Security and CISO. billion in cryptocurrency.

Cybersecurity 79

Cybersecurity Ransomware Hacking CISO 79