Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing 116

Phishing Accountability Hacking Scams 116

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. To nominate, please visit:?

Phishing 81

Phishing Cybercrime Ransomware Encryption 81

Security Affairs

OCTOBER 11, 2022

Researchers warn of a new phishing-as-a-service (PhaaS) toolkit, called Caffeine, which is being used by cybercriminals. In March 2022, Mandiant researchers discovered threat actors using a shared Phishing-as-a-Service (PhaaS) platform called Caffeine. ” reads the report published by Mandiant.

Phishing 84

Phishing Cybercrime Accountability Advertising 84

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia.

Ransomware 106

Ransomware Hacking Healthcare Retail 106

Security Affairs

FEBRUARY 27, 2023

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum. A threat actor leaked on the Breached hacking forum the data allegedly stolen from the gaming giant Activision in December 2022. Activision was breached December 4th, 2022.

Hacking 80

Hacking Cybercrime Social Engineering Data breaches 80

Security Affairs

JULY 8, 2022

The operators behind the TrickBot malware are systematically targeting Ukraine since the beginning of the war in February 2022. Between mid-April and mid-June of 2022, the Trickbot group has conducted at least six campaigns against entities in Ukraine. ” concludes IBM. Follow me on Twitter: @securityaffairs and Facebook.

Cybercrime 86

Cybercrime Malware DDOS Ransomware 86

Security Affairs

NOVEMBER 7, 2022

The phishing-as-a-service (PhaaS) platform Robin Banks migrated its infrastructure to DDoS-Guard, a Russian bulletproof hosting service. The Robin Banks was first analyzed July 2022, it relies heavily on open-source code and off-the-shelf tooling. ” reads a report published by security firm IronNet.

Banking 86

Banking Phishing DDOS Authentication 86

Security Affairs

NOVEMBER 3, 2022

Further evidence linking the two includes IP addresses and specific TTPs (tactics, techniques, and procedures) used by FIN7 in early 2022 and seen months later in actual Black Basta attacks. Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. .

Cybercrime 90

Cybercrime Ransomware Antivirus Malware 90

Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. Trezor WARNING: Elaborate Phishing attack. pic.twitter.com/BQSB2uV1JW — Life in DeFi (@lifeindefi) April 3, 2022. We have managed to take the phishing domain offline.

Phishing 108

Phishing Data breaches Cryptocurrency Social Engineering 108

Security Affairs

AUGUST 16, 2023

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.” com (Cloudflare’s Web3 services).

Phishing 81

Phishing Energy and Utilities Insurance Manufacturing 81

SecureList

NOVEMBER 23, 2021

For example, a popular tactic in spyware attacks is now to send phishing e-mails from compromised corporate mail accounts of a partner organization of the intended victim. The debate about which threats pose the most danger to industrial enterprises often revolves around comparisons between APTs and cybercrime. Current attack vectors.

Spyware 109

Spyware Phishing Cybercrime Energy and Utilities 109

SecureList

NOVEMBER 23, 2021

Unfortunately, despite the best efforts by medical institutions and information security companies, the healthcare industry remains one insufficiently protected and vulnerable to attacks of this kind. Predictions for the year 2022. The medical theme will forever be a popular one for use as bait in cybercrime schemes.

Healthcare 122

Healthcare Ransomware Cybercrime Scams 122

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Scams 98

Scams Phishing Government Passwords 98

Security Affairs

AUGUST 28, 2022

The Python Package Index (PyPI) warns of an ongoing phishing campaign to steal developer credentials and distribute malicious updates. The Python Package Index, PyPI, this week warned of an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to the packages in the repository.

Phishing 79

Phishing Hacking Accountability Cybercrime 79

Security Affairs

MARCH 22, 2023

The report covers incidents in aviation, maritime, railway, and road transport industries between January 2021 and October 2022. During the reporting period, ransomware was the most prominent threat against the sector in 2022. The researchers pointed out that the ransomware attacks doubled compared to the previous year.

Ransomware 79

Ransomware DDOS Cyber threats Phishing 79

Security Affairs

SEPTEMBER 15, 2022

Threat actors are exploiting the death of Queen Elizabeth II as bait in phishing attacks to steal Microsoft account credentials from victims. Researchers from Proofpoint are warning of threat actors that are using the death of Queen Elizabeth II as bait in phishing attacks. The phishing page (hxxps://auth[.]royalqueenelizabeth[.]com/?)

Phishing 81

Phishing Accountability Authentication Technology 81

Security Affairs

NOVEMBER 4, 2022

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2022 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape. This is the 10 th edition of the annual report and analyzes events that took place between July 2021 and July 2022. Cybercrime actors. Hacktivists.

Cyber threats 113

Cyber threats Phishing Social Engineering Ransomware 113

SecureWorld News

JULY 3, 2023

This means that most cyberattacks could be prevented by following simple cybersecurity best practices, such as using strong passwords, updating software, and avoiding phishing emails. Phishing emails are more common than you know. According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it.

Cybercrime 83

Cybercrime Social Engineering Data breaches Education 83

Security Affairs

DECEMBER 2, 2022

Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide as of August 2022, the US government states. ” reads the report. Pierluigi Paganini.

Ransomware 79

Ransomware Financial Services Manufacturing Healthcare 79

Security Affairs

MAY 21, 2024

Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. In November 2022, Sentinel Labs researchers reported having found evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7.

Hacking 122

Hacking Ransomware Phishing Malware 122

Security Affairs

MARCH 4, 2023

The dump was released on February 28, it was published through the Russian-speaking cybercrime forum XSS. The decision to release free samples aims at attracting new customers and gain notoriety in the cybercrime ecosystem. BidenCash’ was launched in April 2022 and was considered a low-profile credit card shop.

Cybercrime 76

Cybercrime Identity Theft Scams Banking 76

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. FortiGuard Labs observed this malware in a phishing email campaign on 30 March, which we traced back to the samples included in this blog.” ” reads the report published by Fortinet.

Cybercrime 83

Cybercrime Malware Education Phishing 83

BH Consulting

NOVEMBER 15, 2022

Cybersecurity conferences aren’t usually places where you expect to feel better about the world, but IRISSCON 2022 struck a surprisingly hopeful tone. Mikko Hyppönen, WithSecure chief research officer, looked back at security’s evolution over decades and reached an unexpected conclusion. “I Making security easy: the UX challenge.

Social Engineering 59

Social Engineering Insurance CISO Ransomware 59

Security Affairs

MAY 30, 2023

A database belonging to the now-defunct RaidForums cybercrime platform has been leaked on a new hacking forum called Exposed. law enforcement arrested the notorious owner of the BreachForums cybercrime forum known as Pompompurin and seized the Breached platform. The database contains data belonging to 478,000 RaidForums members.

Cybercrime 78

Cybercrime Hacking Phishing Passwords 78

Security Affairs

NOVEMBER 28, 2023

In October 2022, CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. In October 2022, CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S.

Hacking 113

Hacking VPN Ransomware Cybercrime 113

Security Affairs

SEPTEMBER 8, 2022

Some members of the Conti ransomware gang were involved in financially motivated attacks targeting Ukraine from April to August 2022. TAG assesses UAC-0098 acted as an initial access broker for various ransomware groups including Quantum and Conti, a Russian cybercrime gang known as FIN12 / WIZARD SPIDER.” ” concludes TAG.

Ransomware 120

Ransomware Cybercrime Government Media 120

Security Affairs

JUNE 6, 2022

Microsoft’s Digital Crimes Unit (DCU) announced the seizure of domains used by Iran-linked APT Bohrium in spear-phishing campaigns. Microsoft’s Digital Crimes Unit (DCU) announced to have taken legal action to disrupt a spear-phishing operation linked to Iran-linked APT Bohrium. Middle East, and India.

Phishing 103

Phishing Manufacturing Education Cybercrime 103

SecureWorld News

FEBRUARY 23, 2023

Also worth noting that the Threat Actor(s) did attempt to phish other employees. Other employees did not fall for the phish. It reported that hackers gained access to Activision's network by successfully phishing a privileged user on the network on December 4, 2022.

Hacking 77

Hacking Phishing Data breaches Information Security 77

Security Affairs

APRIL 9, 2024

Fortinet researchers observed a threat actor sending out a phishing email containing malicious Scalable Vector Graphics (SVG) files. BatCloak is a fully undetectable (FUD) malware obfuscation engine used by threat actors to stealthily deliver their malware since September 2022.

Engineering 88

Engineering Phishing Malware Hacking 88

Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 72

Malware Cybercrime Cryptocurrency Social Engineering 72

Security Affairs

MAY 25, 2022

The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT ) after a year-long investigation codenamed “Operation Delilah.”

Cybercrime 114

Cybercrime Healthcare Cybersecurity Phishing 114

Security Affairs

MAY 27, 2022

The malware is available for rent on underground forums for $5000 per month since March 2022. Available for rent on underground forums for $5K/month since March 2022, ERMAC 2.0 ESETresearch @LukasStefanko 1/3 pic.twitter.com/hGeD4ZSwve — ESET research (@ESETresearch) May 18, 2022. A new #Android banker ERMAC 2.0

Banking 140

Banking Malware Cybercrime Phishing 140

Security Affairs

SEPTEMBER 9, 2023

The cybercrime group claims to have stolen 1 TB of data from the hospital and threatens to leak it. Instead of the dialogue, they decided to play tricks with us, they even tried to catch us with phishing. We tried to draw their attention to the network issues and called them for discussion. Come on guys, seriously?

Ransomware 109

Ransomware Financial Services Cybercrime Encryption 109

Security Affairs

JULY 19, 2022

.” The recent campaigns observed by the experts targeted multiple Western diplomatic missions between May and June 2022. The phishing messages included a link to a malicious HTML file ( EnvyScout ) that acted as a dropper for additional malicious payloads, including a Cobalt Strike beacon. ” continues the report.

Phishing 85

Phishing Cybercrime Malware Hacking 85

Security Affairs

JULY 10, 2022

Unfaithful HackerOne employee steals bug reports to claim additional bounties Threat Report Portugal: Q2 2022 CISA orders federal agencies to patch CVE-2022-26925 by July 22 Tens of Jenkins plugins are affected by zero-day vulnerabilities Microsoft: Raspberry Robin worm already infected hundreds of networks. Upgrade it now!

Cybercrime 80

Cybercrime Data breaches Ransomware Healthcare 80

Security Affairs

FEBRUARY 10, 2023

The experts first spotted the attacks attributed to this threat actor in October 2022, they believe that the group is financially motivated. The attack chain starts with an phishing emails containing a malicious URL or malicious attachment that lead to deployment of WasabiSeed and Screenshotter malware.

Malware 78

Malware Phishing Spyware Cybercrime 78

Security Affairs

APRIL 7, 2024

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894 Cisco warns of XSS flaw in end-of-life small business routers Magento flaw exploited to deploy persistent backdoor hidden in XML Cyberattack disrupted services at Omni Hotels & Resorts HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks US cancer center (..)

Data breaches 94

Data breaches Small Business Hacking Malware 94