Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US This is noteworthy because.US is overseen by the U.S.

Phishing 314

Phishing Telecommunications Government DNS 314

Security Boulevard

MAY 11, 2022

Bitcoin’s enduring popularity and peak valuation in 2021 has only encouraged heists on crypto exchanges, the use of cryptomining malware, cryptocurrency-related scams , and malware targeting cryptocurrency wallets. The post Which phishing scams are trending in 2022? appeared first on Security Boulevard.

Scams 145

Scams Phishing Cryptocurrency Marketing 145

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 243

Phishing Passwords Hacking Internet 243

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 333

Hacking Social Engineering Phishing Scams 333

Security Affairs

DECEMBER 1, 2024

From generating deepfakes to enhancing phishing campaigns, GAI is evolving into a tool for large-scale cyber offenses GAI has captured the attention of researchers and investors for its transformative potential across industries. The automation of malware development is another worrying trend, as it lowers the barrier to entry for cybercrime.

Artificial Intelligence 140

Artificial Intelligence Phishing Media Cyber threats 140

Security Affairs

MAY 24, 2025

law firms for 2 years using callback phishing and social engineering extortion tactics. The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. law firms using phishing and social engineering. FBI warns Silent Ransom Group has targeted U.S. ” concludes the report.

Social Engineering 125

Social Engineering Antivirus Phishing Engineering 125

Tech Republic Security

APRIL 27, 2022

The malicious software had been slowly returning since November 2021, and saw a large number of phishing emails sent out with Emotet attached in April 2022. The post Emotet malware launches new email campaign appeared first on TechRepublic.

Malware 171

Malware Phishing Software 171

Security Affairs

DECEMBER 18, 2024

In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware.

Phishing 119

Phishing Government VPN Firewall 119

SecureList

MAY 15, 2025

It reached its lowest level since the beginning of 2022. Percentage of ICS computers on which denylisted internet resources were blocked, Jan 2022Mar 2025 Changes in the percentage of ICS computers on which initial-infection malware was blocked lead to changes in the percentage of next-stage malware. times more) were blocked.

Spyware 91

Spyware Phishing Internet Internet 91

Security Affairs

APRIL 30, 2025

Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. “The Nebulous Mantis team, which changes the domains they use every month, obtains these spear-phishing and C2 servers from LuxHost and AEZA bulletproof hosting (BPH) services.” ” continues the report.

Encryption 113

Encryption Ransomware Malware Phishing 113

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing 337

Phishing Telecommunications Malware Scams 337

Malwarebytes

FEBRUARY 4, 2025

When ChatGPT was unveiled to the public in late 2022, security experts looked on with cautious optimism, excited about the new technology but concerned about its use in cyberattacks. This warning comes from our 2025 State of Malware report, which compiled a years worth of intelligence to identify the most pressing cyberattacks on the horizon.

Artificial Intelligence 144

Artificial Intelligence Small Business Malware Technology 144

The Last Watchdog

JULY 27, 2023

In its H1 2023 Report: Cybersecurity Trends & Insights , Perception Point reported an overall increase in social engineering attacks, including a 20% growth in the prevalence of Business Email Compromise (BEC) attacks along with a 41% surge in phishing attacks from H2 2022 to H1 2023.

Phishing 186

Phishing Social Engineering Engineering Media 186

Security Affairs

FEBRUARY 19, 2025

In some phishing attacks, attackers frequently masked malicious QR codes as legitimate Signal resources, such as group invites, security alerts, or as legitimate device pairing instructions from the Signal website. ” continues the report. ” concludes the report. ” concludes the report.

Phishing 94

Phishing Accountability Social Engineering Malware 94

SecureList

MAY 27, 2022

IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce.

Phishing 135

Phishing Spyware Firmware Malware 135

SecureList

SEPTEMBER 8, 2022

H1 2022 in numbers. In H1 2022, malicious objects were blocked at least once on 31.8% Percentage of ICS computers on which malicious objects were blocked, January – June 2020, 2021, and 2022. 15 countries and territories with the highest percentage of ICS computers on which malicious objects were blocked, H1 2022.

Spyware 127

Spyware Cryptocurrency Ransomware Phishing 127

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Hacking 315

Hacking Malware Ransomware Government 315

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing 145

Phishing Accountability Hacking Scams 145

CSO Magazine

OCTOBER 28, 2022

Email security and threat detection company Vade has found that phishing emails in the third quarter this year increased by more than 31% quarter on quarter, with the number of emails containing malware in the first three quarters surpassing the 2021 level by 55.8 Malware email volume peaked in July, reaching 19.2

Phishing 128

Phishing Threat Detection Malware 128

SecureList

NOVEMBER 23, 2022

In this research, we analyze various types of threats, such as financial malware and phishing pages mimicking the world’s biggest retail platforms, banking and payment systems, and discuss recent trends. Over the first ten months of 2022, Kaspersky prevented 38,596,555 financial phishing attacks. Methodology.

Phishing 127

Phishing Banking Scams Retail 127

SecureList

OCTOBER 31, 2022

Kaspersky has been tracking activities involving the LODEINFO malware family since 2019, looking for new modifications and thoroughly investigating any attacks utilizing those new variants. LODEINFO is sophisticated fileless malware first named in a blogpost from JPCERT/CC in February 2020. 2022-06-14 03:47:04.A A 11900 9181 1.docx

Malware 145

Malware Encryption Media Phishing 145

eSecurity Planet

FEBRUARY 4, 2022

Malware is one of the biggest threats businesses face, and with nearly a third of all malware coming through the internet and email, businesses and consumers alike need ways to protect themselves. Also Read: 4 Best Antivirus Software of 2022. Also Read: Mobile Malware: Threats and Solutions. Password Managers.

Internet 144

Internet Internet Software Antivirus 144

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 142

Malware Ransomware Banking Healthcare 142

SecureList

JULY 28, 2022

This is our latest installment, focusing on activities that we observed during Q2 2022. On January 24, a hash for sophisticated Solaris SPARC malware was posted on Twitter. Pangolin is private malware we discovered in 2021, exclusively used by ZexCone, the threat actor behind ExCone and DexCone. The most remarkable findings.

Malware 145

Malware Firmware Phishing Cryptocurrency 145

eSecurity Planet

OCTOBER 4, 2022

Malicious programs or malware are common and dangerous threats in the digital space for both individual users and organizations alike. German IT-Security Institute AV-TEST has recorded over 1 billion malicious programs as of this writing, with over 450,000 new instances of malware being recorded every day. Malvertising.

Malware 125

Malware Phishing Ransomware Mobile 125

Security Affairs

MAY 21, 2025

Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), military unit 26165tracked in the cybersecurity community under several names (see Cybersecurity Industry Tracking).”

Technology 87

Technology Malware Phishing Government 87

SecureList

JUNE 22, 2023

We wrote about malware targeting Brazil, about CEO fraud attempts, Andariel, LockBit and others. For this post, we selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. The attackers target German-speaking companies in the DACH region.

Phishing 133

Phishing Encryption Cybercrime Ransomware 133

SecureList

SEPTEMBER 6, 2022

According to the analytical agency Newzoo, in 2022, the global gaming market will exceed $ 200 billion , with 3 billion players globally. In this report, we provide the latest statistics on cyberthreats to gamers, as well as detailed information on the most widespread and dangerous types of malware that players must be aware of.

Mobile 135

Mobile Passwords Software Accountability 135

SecureList

NOVEMBER 1, 2022

This is our latest installment, focusing on activities that we observed during Q3 2022. We can confirm a Maui ransomware incident in 2022, but we would expand their “first seen” date from the reported May 2021 to April 15, 2021, and the geolocation of the target to Japan and India. The most remarkable findings.

Malware 145

Malware Ransomware Spyware Encryption 145

SecureList

DECEMBER 27, 2024

Changes in the percentage of ICS computers on which malicious objects were blocked in selected industries Diversity of detected malicious objects In the third quarter of 2024, Kaspersky’s protection solutions blocked malware from 11,882 different malware families in various categories on industrial automation systems.

Malware 106

Malware Spyware Internet Internet 106

SecureList

NOVEMBER 29, 2024

The malware utilizes cloud resources for its C2 (command and control) servers, which it accesses via APIs using authentication tokens. While the modus operandi of the threat actor is reminiscent of the CloudWizard APT that we reported on in 2023, the malware code is completely different.

Energy and Utilities 106

Energy and Utilities Ransomware Malware Government 106

Security Affairs

JULY 30, 2024

In the 2022 attacks, the threat actors also targeted departments of Foreign Affairs, Scientific and Defence organisations, Aviation, IT industry, and Legal firms. ” The attackers use these decoy documents as a diversive tactic while while the malware is being deployed.

Phishing 133

Phishing Malware Hacking Information Security 133

Security Affairs

FEBRUARY 17, 2022

Starting in January 2022, security researchers from Avanan observed attackers compromising Microsoft Teams accounts attach malicious executables to chat and infect participants in the conversation. “Starting in January 2022, Avanan observed how hackers are dropping malicious executable files in Teams conversations.

Malware 145

Malware Accountability Phishing Data breaches 145

SecureList

NOVEMBER 28, 2024

The most remarkable findings In the second half of 2022, a wave of attacks from an unknown threat actor targeted victims with a new type of attack framework that we dubbed P8. Based on limited telemetry, we believe with medium to low confidence that some of the initial infections were spear-phishing emails.

Malware 120

Malware Government Software Spyware 120

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved.

Malware 137

Malware Banking Phishing Engineering 137

SecureList

JANUARY 19, 2023

Shaoye) is well-known as a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal device information; it also uses phishing pages to steal user credentials, with a strong financial motivation. This was newly implemented in the known Android malware Wroba.o/Agent.eq

DNS 144

DNS Mobile Malware Accountability 144

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 89

Small Business Cybersecurity Passwords Scams 89