Digital Shadows

FEBRUARY 22, 2023

Let’s focus attention on three key areas that have seen significant changes: state-sponsored activity, cybercrime, and hacktivism. Russian-government–backed APT groups have waged a range of cyber attacks against Ukrainian targets since the beginning of 2022. The war continues, and so do its effects on cybersecurity.

Cyber threats 96

Cyber threats Cybercrime Cyber Attacks DDOS 96

SecureList

MAY 27, 2022

IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. The attackers study their victims carefully and use the information they find to frame social engineering attacks. Subsequently, DDoS attacks hit some government websites. Non-mobile statistics. Mobile statistics.

Phishing 110

Phishing Spyware Firmware Malware 110

eSecurity Planet

APRIL 22, 2022

Other cyber incidents are common, including phishing attacks , business email compromise, exploitation of cloud and software vulnerabilities , social engineering , third-party exposures, and more. It hosts Cybercrime Spotlight webinars on emerging cyber threats and the most effective controls to prevent them.

Cyber Insurance 117

Cyber Insurance Insurance Marketing Small Business 117

SecureList

APRIL 27, 2022

This is our latest installment, focusing on activities that we observed during Q1 2022. Subsequently, DDoS attacks hit several government websites. In late February 2022, we identified two archives submitted from network addresses in Ukraine to an online multi-scanner service. We named this malware Elections GoRansom.

Malware 135

Malware Firmware Government Phishing 135

Krebs on Security

MARCH 23, 2022

Microsoft and identity management platform Okta both this week disclosed breaches involving LAPSUS$ , a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish it unless a ransom demand is paid. “The world is full of targets that are not used to being targeted this way.”

Social Engineering 295

Social Engineering Accountability Mobile Passwords 295

Security Affairs

APRIL 28, 2022

Cybercrime gang FIN7’s badUSB attacks serve as a reminder of two key vulnerabilities present among all organizations. Social engineering is a prerequisite to almost all cyberattacks. As FIN7 demonstrated, it was because of social engineering that the attacks were successful.

Social Engineering 86

Social Engineering Engineering Insurance DDOS 86

SecureList

APRIL 13, 2023

RapperBot: “intelligent brute forcing” RapperBot, based on Mirai (but with a different C2 command protocol), is a worm infecting IoT devices with the ultimate goal to launch DDoS attacks against non-HTTP targets. We observed the first sample in June 2022, when it was targeting SSH and not Telnet services. Evades EDR/AV.

Malware 104

Malware Engineering Advertising Phishing 104

SecureList

SEPTEMBER 11, 2023

Introduction Knowledge is our best weapon in the fight against cybercrime. The gang infamously uses complex tactics and techniques to penetrate victim networks, such as exploitation of software vulnerabilities and social engineering. The model became widespread after the LockBit gang got DDoS’ed , possibly by a victim.

Ransomware 135

Ransomware Encryption Malware DDOS 135

eSecurity Planet

NOVEMBER 2, 2022

billion malware attacks worldwide in just the first half of 2022. Read Top Endpoint Detection & Response (EDR) Solutions in 2022. Social engineering attacks soon found use in the digital space. Read More: Top Secure Email Gateway Solutions for 2022. The Rise of Ransomware: 2011-2022.

Malware 140

Malware Ransomware Antivirus Internet 140

eSecurity Planet

OCTOBER 21, 2022

Since 2008, antivirus and cybersecurity software testers AV-TEST have kept track of the number of newly-developed malware worldwide, totaling at nearly 1 billion as of September 2022. An August 2022 Statista report counted 2.8 billion malware attacks worldwide in the first half of 2022 alone.

Malware 75

Malware Adware Spyware Antivirus 75

Malwarebytes

MAY 21, 2023

Upon its launch in November 2022, tech enthusiasts quickly jumped at the shiny new disruptor, and for good reason: ChatGPT has the potential to democratize AI, personalize and simplify digital research, and assist in both creative problem-solving and tackling “busywork.” Enter: ChatGPT.

Cybersecurity 77

Cybersecurity Artificial Intelligence Social Engineering Engineering 77

SecureList

JULY 27, 2023

Killnet, led by a person nicknamed “KillMilk”, is one of the leaders of the hacktivist movement that uses DDoS as a means of disruption. The operations date back to at least May 2022, and malicious infrastructure analysis indicates possible operations starting in 2021. This campaign remained active until March 2023.

Malware 88

Malware Government Phishing Social Engineering 88

SecureList

NOVEMBER 14, 2023

In June, Microsoft published a report on a threat actor named Cadet Blizzard, responsible for WhisperGate and other wipers targeting Ukrainian government agencies early in 2022. To sum up, although we did not see the same volume as we had in 2022, clearly there were some significant attacks. Verdict: prediction fulfilled ✅ 8.

Hacking 109

Hacking Energy and Utilities Media Malware 109