Security Affairs

FEBRUARY 22, 2022

The Ukrainian police arrested a gang specialized in the sale of stolen payment card data through phishing attacks. The police arrested five that created and administered more than 40 phishing sites used to harvest bank card data of unaware citizens. Once obtained the data, crooks used it to empty their victims’ bank accounts.

Phishing 82

Phishing Banking Mobile Telecommunications 82

Security Affairs

APRIL 11, 2020

Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. Pierluigi Paganini.

Phishing 139

Phishing Advertising Healthcare Cyber Attacks 139

Security Affairs

JUNE 4, 2020

Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. Pierluigi Paganini.

Accountability 94

Accountability Phishing DNS Cryptocurrency 94

Security Affairs

AUGUST 5, 2019

A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme.

Phishing 97

Phishing Banking Advertising Accountability 97

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data.

Phishing 72

Phishing Banking Retail Financial Services 72

Security Affairs

OCTOBER 10, 2020

In March, Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019. The security key used during the registration process will be required anytime the users will sign into their accounts on new devices.

Accountability 72

Accountability Malware Phishing Advertising 72

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days.

Phishing 116

Phishing Malware Government Small Business 116

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Secure web- phishing. Main web-phishing target categories also included payment services, cloud storages, social networks, and dating websites.

Phishing 103

Phishing Ransomware Spyware Banking 103

Security Affairs

JUNE 2, 2021

Feedback message data contained Account id, feedback rating given, and users’ email addresses. Player profile data included Player id; username; country; total money spent on the game; and even Facebook, Apple, and Google account data if the user linked either account with their game account. What Data Was Leaked?

Data breaches 108

Data breaches Accountability Mobile Phishing 108

Security Affairs

JULY 22, 2019

Last week, hackers published a list of Discord credentials (email addresses/passwords) that were allegedly phished from the users of the gaming chat platform. Last week, a group of hackers published a list of Discord login credentials (email addresses and passwords) that were allegedly phished from the users of the gaming chat platform.

Phishing 78

Phishing Data breaches Passwords Advertising 78

Security Affairs

MAY 27, 2022

. “The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publically accessible forums. Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means.

Cybercrime 131

Cybercrime Education Accountability Phishing 131

Security Affairs

FEBRUARY 24, 2020

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Lynx0x00’s Medium and Twitter accounts have mysteriously vanished but, fortunately, the Internet never truly forgets. ” reported Slashgear. Pierluigi Paganini.

Accountability 93

Accountability Data breaches Passwords Advertising 93

Security Affairs

JUNE 5, 2022

The hacker conducted a phishing attack, they set up a phishing site that impersonated the official BAYC site claiming that BAYC, MAYC and OthersideMeta holders were able to claim a free NFT for a short period of time. At this time it is unclear how the attackers have hacked the community manager’s account.

Phishing 133

Phishing Hacking Accountability Scams 133

Security Affairs

OCTOBER 5, 2020

“According to our information, several universities in Switzerland have been affected,” explained Martina Weiss, Secretary General of the Rectors’ Conference of the Swiss Universities. The hackers carried out spear-phishing attacks against the Swiss universities in an attempt of tricking its employees into providing their access data.

Advertising 145

Advertising Phishing Cybercrime Hacking 145

Security Affairs

APRIL 6, 2023

The experts pointed out that crooks engaged in phishing activities have started to rely on the popular instant messaging platform more in recent months. On Telegram is possible to find channels that offer: Free phishing kits that can be used to target users of a large number of global and local brands. ” Phishing-as-a-Service.

Phishing 89

Phishing Scams Social Engineering Banking 89

Krebs on Security

APRIL 14, 2019

Scammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called “ Land Lordz ,” which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings. co.uk , airbnb.pt-anuncio[.]com

Scams 243

Scams Advertising Accountability Phishing 243

Security Affairs

APRIL 12, 2020

The archive included credentials for Zoom accounts belonging to organizations in various industries, including banking, consultancy, healthcare software companies. ” reads the report published by security firm IntSights. ” reads the report published by security firm IntSights. Pierluigi Paganini.

Healthcare 145

Healthcare Phishing Accountability Banking 145

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. It is unclear why APT28 is using compromised email accounts of (mostly) defense companies in the Middle East.

Phishing 135

Phishing Accountability Advertising DNS 135

Security Affairs

MARCH 23, 2020

The University of Utah Health disclosed a security breach, it has discovered malware on its systems and revealed unauthorized access to some employee email accounts. Attackers breached the organization with a phishing attack, the intrusion took place between January 7 and February 21, 2020. ” continues the alert.

Accountability 101

Accountability Advertising Malware Phishing 101

Krebs on Security

NOVEMBER 21, 2018

Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. A USPS brochure advertising the features and benefits of Informed Visibility.

Accountability 264

Accountability Authentication Identity Theft Advertising 264

Webroot

APRIL 3, 2024

In a world where our lives are increasingly navigated through digital apps and online accounts, understanding and managing our online identities has become paramount. Simply put, it’s the practice of ensuring that only authorized individuals have access to your sensitive information and online accounts.

VPN 83

VPN Passwords Scams Accountability 83

Security Affairs

JANUARY 2, 2024

Palo Alto Networks’s Unit 42 first observed the malware in November 2023 reporting that it has been advertised on the hacking forum Hackforums since April 30, 2023. The attack spotted by the researchers used phishing messages posing as Abu Dhabi National Oil Company (ADNOC).

Malware 114

Malware Passwords Cryptocurrency Hacking 114

Security Affairs

OCTOBER 25, 2019

Experts have uncovered an ongoing phishing campaign targeting the United Nations and NGOs, including UNICEF and UN World Food. Security firm Lookout uncovered an ongoing spear-phishing campaign aimed at NGOs, including human rights organizations such as the Red Cross, UNICEF, the UN World Food and the UN Development programs.

Phishing 43

Phishing Mobile Advertising Scams 43

Security Affairs

MARCH 7, 2024

In January 2023, the government institutions of Moldova were hit by a wave of phishing attacks , threat actors sent more than 1,330 emails to accounts belonging to the country’s state services. The phishing messages attempt to trick recipients into clicking on an embedded link claiming that their domain is expiring.

DDOS 95

DDOS Government Phishing Advertising 95

Security Affairs

SEPTEMBER 18, 2020

The arsenal of the group included several strains of malware, including an Android backdoor disguised inside malicious apps and four variants of Windows infostealers that were also able to access victims’ Telegram Desktop and KeePass account information. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 103

Malware Phishing Accountability Advertising 103

Security Affairs

SEPTEMBER 5, 2020

Experts spotted a phishing campaign that employees overlay screens and email ‘quarantine’ policies to steal Microsoft Outlook credentials from the victims. Researchers from Cofense discovered a phishing campaign that uses overlay screens and email ‘quarantine’ policies to steal Microsoft Outlook credentials from the targets.

Social Engineering 121

Social Engineering Phishing Engineering Advertising 121

Security Affairs

OCTOBER 17, 2020

Google delivered 33,015 alerts to its users during the first three quarters of 2020 to warn them of phishing attacks, launched by nation-state actors, targeting their accounts. Google sent 11,856 government-backed phishing warnings during Q1 2020, 11,023 in Q2 2020, and 10,136 in Q3 2020. of all Gmail accounts.

DDOS 88

DDOS Phishing Advertising Accountability 88

Security Affairs

MAY 2, 2020

billion records containing personally identifiable information (PII) of employees, reporters, and at least 42,000 users. Logs sensitive data related to the company’s data infrastructure included SQL query errors, Traffic between different servers, Communication protocols, Potential access to admin accounts. billion records.”

Identity Theft 112

Identity Theft Passwords Advertising Accountability 112

Security Affairs

OCTOBER 4, 2020

The attackers targeted the employees at the merchant with a phishing campaign to obtain credentials for user accounts and were able to take over an administrator account. The recent attacks demonstrate that the threat actors continue to target merchant POS systems to harvest card present payment account data.

Malware 140

Malware Advertising Accountability Hacking 140

Security Affairs

SEPTEMBER 27, 2020

GADOLINIUM abuses Microsoft cloud services as command and control infrastructure, the experts uncovered a spear-phishing campaign using messages with weaponized attachments. “ Microsoft also took down a GitHub account that was used by the Gadolinium group as part of a 2018 campaign. ” states Microsoft’s report.

Advertising 140

Advertising Malware Phishing Hacking 140

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. FortiGuard Labs observed this malware in a phishing email campaign on 30 March, which we traced back to the samples included in this blog.” ” reads the report published by Fortinet.

Cybercrime 87

Cybercrime Malware Education Phishing 87

Security Affairs

JANUARY 10, 2024

” The conspirators hacked into the protected computers of corporate entities and stole proprietary and corporate information. The group advertised stolen data for sale and sometimes threatened to leak or sell stolen sensitive files if the victim did not pay a ransom.

Identity Theft 105

Identity Theft Hacking Cryptocurrency Advertising 105

Security Affairs

JUNE 9, 2020

Researchers from the IBM X-Force Incident Response and Intelligence Services (IRIS) reported that attackers launched a COVID-19-themed spear-phishing campaign to steal the user credentials of over 100 senior executives. Once the attackers have obtained the login credentials they are sent to via email to several Yandex email accounts.

Phishing 81

Phishing Manufacturing Government Advertising 81

Security Affairs

JULY 14, 2020

In response to the incident, the bidding portal has forced a password reset for all users’ accounts, both bidder and auctioneer ones. Unfortunately stolen data are already available for sale on the dark web, security researchers at CloudSEK reported. The experts found a post advertising information of roughly 3.4

Hacking 100

Hacking Data breaches Identity Theft Advertising 100

Security Affairs

APRIL 19, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Scams 85

Scams Phishing Advertising DDOS 85

Security Affairs

APRIL 29, 2020

State-sponsored hackers have compromised a small number of accounts of the Estonian email provider Mail.ee Alleged state-sponsored hackers have hijacked a small number of accounts at the Estonian email provider Mail.ee, they exploited a zero-day vulnerability in the attack. belonging to high-profile people.

Accountability 109

Accountability Advertising Hacking Phishing 109

Security Affairs

MARCH 19, 2022

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts. Avoid reusing passwords for multiple accounts.

Ransomware 98

Ransomware DDOS Passwords Backups 98