Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 73

Spyware Ransomware Malware Data breaches 73

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 89

Data breaches DDOS Artificial Intelligence Ransomware 89

SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. The targets included government and military agencies, defense contractors, political parties and consultancies, logistics companies, energy firms, universities, law firms and media companies. And now, we turn our attention to the future.

Mobile 128

Mobile Surveillance Ransomware Government 128

SC Magazine

MARCH 10, 2021

A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada, Inc., Hacktivist Tillie Kottmann is reportedly among those asserting responsibility for the incident, telling Bloomberg that their act helped expose the security holes of modern-day surveillance platforms.

Surveillance 129

Surveillance IoT Accountability Passwords 129

Malwarebytes

NOVEMBER 2, 2023

Unlike other generations whose privacy fears are deeply entangled with concerns of traditional cybercrimes like identity and credit card theft, Gen Z worries most about the exposure of their private information because of the chance of harassment, bullying, and lost friendships. But it isn’t that Gen Z, wholesale, doesn’t care about privacy.

Identity Theft 118

Identity Theft Data breaches Hacking Surveillance 118

Security Affairs

SEPTEMBER 30, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . · Bitcoin Core Team fixes a critical DDoS flaw in wallet software. · SHEIN Data breach affected 6.42 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches 59

Data breaches IoT Advertising Banking 59

SecureList

FEBRUARY 26, 2021

The Coalition Against Stalkerware warns that stalkerware “may facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence.” They still need physical access to the phone to jailbreak it, so iPhone users who fear surveillance should always keep an eye on their device. The legal status.

Mobile 80

Mobile Surveillance Software Passwords 80

Krebs on Security

MARCH 29, 2022

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. ” On April 5, 2021, Everlynn posted a new sales thread to the cybercrime forum cracked[.]to THE LAPSUS$ CONNECTION.

Accountability 275

Accountability Government Hacking Social Engineering 275

SecureList

NOVEMBER 26, 2021

At the end of September, at the Kaspersky Security Analyst Summit , our researchers provided an overview of FinSpy , an infamous surveillance toolset that several NGOs have repeatedly reported being used against journalists, political dissidents and human rights activists. FinSpy: analysis of current capabilities.

Malware 86

Malware Banking Energy and Utilities Accountability 86

Krebs on Security

NOVEMBER 15, 2022

Wanted Ukrainian cybercrime suspect Vyacheslav “Tank” Penchukov (right) was arrested in Geneva, Switzerland. Once inside a victim company’s bank accounts, the crooks would modify the firm’s payroll to add dozens of “ money mules ,” people recruited through work-at-home schemes to handle bank transfers.

Banking 268

Banking Small Business Accountability Cybercrime 268

eSecurity Planet

DECEMBER 19, 2023

Cybercrime will go to the next level: Cyberattackers will implement improved skills, “shift left” attacks, and shifting strategies to adjust to evolving cyberdefense. AI-Powered Cybercrime Despite the advancements in using AI to improve security, cybercriminals also have access to AI and LLMs.

Cybersecurity 139

Cybersecurity CISO Government Technology 139

Security Affairs

APRIL 2, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 85

Spyware Surveillance Artificial Intelligence Data breaches 85

Krebs on Security

NOVEMBER 6, 2018

Snippets from that fascinating conversation are recounted below, and punctuated by accounts from a recent victim who lost more than $100,000 after his mobile phone number was hijacked. The force was originally created to tackle a range of cybercrimes, but Tarazi says SIM swappers are a primary target now for two reasons.

Mobile 236

Mobile Cryptocurrency Accountability Passwords 236

SecureList

NOVEMBER 29, 2021

The victim was infected by PowerShell malware and we discovered evidence that the actor had already stolen data from the victim and had been surveilling this victim for several months. After a conversation on social media, the actor sent a spear-phishing email to the potential victim using a stolen email account. documents), /??(pictures)

Surveillance 116

Surveillance Malware Phishing Encryption 116

SecureList

OCTOBER 17, 2023

This strategic shift signals its intent to intensify its surveillance capabilities and expand its range of targets. The stolen cookies can be used later to remotely access victims’ email accounts. The threat actor tricks job seekers on social media into opening malicious apps for fake job interviews.

Government 101

Government Malware VPN Manufacturing 101

Krebs on Security

MARCH 22, 2023

Google said it believes the exploit chain for Samsung devices belonged to a “commercial surveillance vendor,” without elaborating further. According to The Washington Post , four of the Apple App Store’s 10 most-downloaded free apps are owned by Chinese companies, including Temu and the social media network TikTok.

Malware 263

Malware eCommerce Mobile Media 263

ForAllSecure

MAY 26, 2022

Either in courts or in the media, hackers have been demonized. ” I wrote about the pending Cyber Security Enhancement Act of 2002 (CSEA) and said: “ The problem with this legislation is that it's often very difficult to determine who is responsible for any given cybercrime. Who is responsible? McAninch: Excellent.

Hacking 52

Hacking Technology InfoSec Media 52

SecureList

OCTOBER 26, 2021

The first accounts of its activity date back to March last year, in which archives carrying COVID-related decoy file names that contained a malicious executable were described in a tweet by MalwareHunterTeam. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services.

Malware 140

Malware Government Surveillance Spyware 140

SecureList

JULY 29, 2021

FourteenHi abuses the popular VLC media player to execute its loader. However, we observed that ScarCruft compromised a North Korea-related news media website in January, beginning a campaign that was active until March. For further surveillance of the victim, the malware operator may also deploy additional tools.

Malware 140

Malware Phishing Password Management Social Engineering 140

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. Although there was a public report of drones used to hack a Wi-Fi network in 2022, there are no accounts of similar events happening in 2023.

Hacking 102

Hacking Energy and Utilities Media Malware 102

Security Affairs

DECEMBER 10, 2023

Will Enable Mass Spying Reddit Says Leaked U.S.-U.K. billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 90

Data breaches Ransomware Hacking Financial Services 90