Security Affairs

AUGUST 6, 2023

Reptile Rootkit employed in attacks against Linux systems in South Korea New PaperCut flaw in print management software exposes servers to RCE attacks A cyberattack impacted operations of multiple hospitals in several US states Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 Malicious packages in (..)

Malware 77

Malware Cybercrime Cryptocurrency Social Engineering 77

Security Affairs

JANUARY 3, 2024

For the tool to function, the operator must input a list of compromised email accounts to be scanned. It’s noteworthy that most of the victim accounts identified were predominantly from the U.K. Utilizing AI-driven bots for advanced social engineering techniques.

Artificial Intelligence 118

Artificial Intelligence Banking Scams Cybercrime 118

Appknox

JUNE 23, 2022

Thus, these Australian attacks significantly contribute to the rising trend in socially engineered attacks. Cryptocurrency and NFT attacks are rising as decentralized finance, and digital art assets become sophisticated socially engineered threats. Common Trends Among the Australian Mobile Threats.

Social Engineering 92

Social Engineering Mobile Scams Engineering 92

SecureWorld News

AUGUST 2, 2022

New research from security firm CloudSEK shows that more than 3,200 mobile applications were leaking Twitter API (Application Program Interface) keys, which can be used to gain access and take over user accounts. Of those, 230 were leaking all four authorization credentials and could be used to fully take over Twitter accounts.

Mobile 83

Mobile Accountability Identity Theft Cryptocurrency 83

Identity IQ

FEBRUARY 8, 2024

Transactions on the dark web are typically conducted using cryptocurrencies such as Bitcoin to maintain anonymity. The deep web is also made up of content that is not indexed by search engines and requires a login to access. The dark web is similar in that it can’t be found by search engines, but that is where the similarities end.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

SecureWorld News

NOVEMBER 1, 2021

Americans’ personal information, stolen en masse by state-backed actors and online gangs alike, is being weaponized via increasingly sophisticated social engineering or disinformation campaigns. Criminals and extremists similarly can threaten unprecedented levels of disruption and coercion.

Cybersecurity 75

Cybersecurity Government Cyber Insurance Technology 75

SecureList

FEBRUARY 16, 2023

These sites referenced public figures and humanitarian groups, offering to accept cash in cryptocurrency, something that should have raised a red flag in itself. For example, one website offered users to obtain a COVID vaccination certificate by entering their British National Health Service (NHS) account credentials.

Phishing 90

Phishing Scams Accountability Energy and Utilities 90

SC Magazine

JULY 2, 2021

The research will cover such innovations of interest as P2P payments, mobile payments, digital wallets and central bank digital currencies – nationally sponsored cryptocurrencies that, unlike Bitcoin or Monero, would serve as a legitimate substitute for a country’s official currency.

Financial Services 71

Financial Services Banking Identity Theft Media 71

Security Boulevard

APRIL 26, 2022

In 2022, the same threat actor started spoofing various important entities in South Korea, including KRNIC (Korea Internet Information Center), Korean security vendors such as Ahnlab, cryptocurrency exchanges such as Binance, and others. This is done for the purpose of social engineering. Attack chains. Figure 3: Decoy content.

Phishing 52

Phishing DNS Cryptocurrency Accountability 52

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. A single bitcoin is trading at around $45,000.

Cryptocurrency 233

Cryptocurrency Cybercrime Computers and Electronics Scams 233

Security Affairs

OCTOBER 10, 2018

As stated in Group-IB’s annual report “ Hi-Tech Crime Trends 2018 ” presented at the CyberCrimeCon18 conference, every month, 1-2 banks lose money as a result of cyber attacks, and the damage caused by one successful theft is, on average, $2 million. They account for 80% of all financial phishing sites. million (2.96

Cyber Attacks 83

Cyber Attacks Banking Cyber threats Phishing 83

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. SIM swapping attacks primarily target individuals who are visibly active in the cryptocurrency space.

Mobile 236

Mobile Cryptocurrency Accountability Passwords 236

SecureList

AUGUST 23, 2021

Analysts predict that mobile gaming will account for $90.7 Most of the statistics presented in the report were collected between July 1, 2020 and June 30, 2021. The statistics show downloaders accounted for an overwhelming majority (87.24%) of the software being spread. Additionally, the number of gamers will continue to rise.

Adware 112

Adware Mobile Phishing Malware 112

SecureList

APRIL 10, 2023

It is especially important to analyze how this threat originates, because many cybercriminals work in teams, buying and selling Google Play accounts, malware, advertising services, and more. It’s a whole underground world with its own rules, market prices, and reputational institutions, an overview of which we present in this report.

Malware 99

Malware Encryption Mobile Accountability 99

ForAllSecure

SEPTEMBER 29, 2022

Stok : DEF CON that that summer for hacker summer camp and got invited or more or less kind of social engineer myself into a hacker one live hacking event used to be at the bar. All on his own Jack discovered a security flaw in a cryptocurrency app, a flaw that opened the door to the world of bug bounties.

Hacking 40

Hacking Cryptocurrency Software InfoSec 40

Security Affairs

MARCH 27, 2023

Such was related to a worldwide malware operation known as NullMixer, a controversial and widespread malware delivery maneuver based on SEO poisoning and social engineering technique to lure tech-savvy users, including IT personnel. The module also exfiltrates 2FA secrets from Twilio’s Authy local storage.

Malware 83

Malware Social Engineering Encryption Marketing 83

eSecurity Planet

FEBRUARY 16, 2021

These adware strains often present themselves as a video, banner, full screen, or otherwise pop-up nuisance. By obtaining sensitive authentication access, attackers can break into the vendor network or user account. Phishing and Social Engineering. Examples of Adware Malware Attacks. Backdoors.

Malware 105

Malware Adware Spyware Antivirus 105

NetSpi Executives

APRIL 27, 2024

Ransomware, a definition Ransomware is a set of malware technologies, hacking techniques, and social engineering tactics that cybercriminals use to cause harm, breach data, and render data unusable. Victims pay ransomware adversaries for decryption keys through cryptocurrency, such as Bitcoin. Unpatched exploits.

Ransomware 52

Ransomware Cyber Insurance Backups Insurance 52

SecureList

MAY 27, 2022

In January, we reported a malicious campaign targeting companies that work with cryptocurrencies, smart contracts, decentralized finance and blockchain technology: the attackers are interested in fintech in general. The campaign has two goals: gathering information and stealing cryptocurrency. zip”).

Phishing 103

Phishing Spyware Firmware Malware 103

SecureList

NOVEMBER 18, 2022

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies. The group delivers its malware using social engineering. Other packages were presented in English, so they could be targeting users from other countries.

Malware 100

Malware Computers and Electronics Adware Cryptocurrency 100

Security Through Education

DECEMBER 5, 2023

Malicious actors and scammers, commonly referred to as “bad actors,” are adept at seizing the opportunity presented by these tragedies to carry out their deceitful schemes. Watch out for “charities” asking you to pay with cash, gift cards, wire transfers, or cryptocurrency.

Scams 52

Scams Identity Theft Media Social Engineering 52

SecureList

AUGUST 5, 2021

In Q2 2021, corporate accounts continued to be one of the most tempting targets for cybercriminals. A fake notification about a Microsoft Teams meeting or a request to view an important document traditionally takes the victim to a phishing login page asking for corporate account credentials. Quarterly highlights. The corporate sector.

Phishing 116

Phishing Banking Scams Computers and Electronics 116

eSecurity Planet

OCTOBER 21, 2022

Malware has been present in the digital space since the 1980s, with early prank malware like the Morris Worm or the (c)Brain. The method of infection can vary from attack to attack and can include social engineering strategies, such as phishing and email spoofing , or a fraudulent website masquerading as legitimate, among others.

Malware 69

Malware Adware Spyware Antivirus 69

Spinone

MAY 8, 2020

Infiltrate – Another aim of attackers is to infiltrate your organization’s network and slyly stay hidden, moving laterally through the network looking to ultimately compromise an administrator account. The ransomware then demands a sum of money in the form of untraceable cryptocurrency to unlock the data to regain access.

Cyber Attacks 78

Cyber Attacks Phishing Backups Ransomware 78

Spinone

JANUARY 20, 2020

Some estimates of the damages exceed one billion dollars, taking into account data loss, service outages, disrupted operations, and recovery. The most preferred method of ransom payment is cryptocurrency because it is hard to track. That is why hackers use social engineering tricks to pressure victims into paying a ransom.

Ransomware 59

Ransomware Encryption Antivirus Backups 59

SecureList

MARCH 7, 2024

To get access to the content (or contest), phishing sites prompted the victim to sign in to one of their gaming accounts. If the victim entered their credentials on the phishing form, the account was hijacked. The information could later be used to steal both funds from victims’ accounts and their identities.

Phishing 95

Phishing Scams Cryptocurrency Accountability 95

SecureList

JULY 29, 2021

From here, the victim was presented with a LNK file made to look like a folder within an Explorer window. Some activity involved PowerShell commands and loader variants different from the downloaders presented in our recent report. In recent operations, the group has focused on cryptocurrency businesses.

Malware 140

Malware Phishing Password Management Social Engineering 140

Adam Levin

DECEMBER 7, 2020

Many of the contact tracing scams of 2020 similarly followed social engineering scripts that have been used in taxpayer identity theft schemes since the 1990s as well. This represents an evolutionary step beyond credential stuffing (a crime where the target’s passwords are used to access other accounts).

IoT 130

IoT Artificial Intelligence Technology Scams 130

eSecurity Planet

NOVEMBER 2, 2022

Instead, it was meant to point out weaknesses present in networks of the time. Social engineering attacks soon found use in the digital space. The advent of untraceable digital payment methods like cryptocurrency was a boon to hackers looking to extort as much money as they could from their targets without being caught.

Malware 138

Malware Ransomware Antivirus Internet 138

Malwarebytes

MAY 21, 2023

ChatGPT can step in to offer insights on identifying the latest scams, avoiding social engineering pitfalls, and setting stronger passwords in concise, conversational text that may be more effective than a lecture or slide presentation. More than 27,500 signatures have since been added to the letter.

Cybersecurity 73

Cybersecurity Artificial Intelligence Social Engineering Engineering 73

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. Although there was a public report of drones used to hack a Wi-Fi network in 2022, there are no accounts of similar events happening in 2023.

Hacking 102

Hacking Energy and Utilities Media Malware 102

BH Consulting

NOVEMBER 9, 2022

In all, the agency grouped the main risks into eight categories: ransomware, malware, social engineering, threats against data, threats against availability, disinformation/misinformation, and supply chain targeting. Spice up your security presentation without the tired ‘hacker in a hoodie’ tropes. Links we liked.

Social Engineering 52

Social Engineering Ransomware Password Management Engineering 52