Security Affairs

NOVEMBER 25, 2020

Group-IB supported an INTERPOL-led operation Falcon targeting business email compromise cybercrime gang from Nigeria, dubbed TMT. Group-IB , a global threat hunting and intelligence company, supported an INTERPOL-led operation Falcon targeting business email compromise (BEC) cybercrime gang from Nigeria, dubbed TMT by Group-IB.

Cybercrime 126

Cybercrime Phishing Social Engineering Spyware 126

SecureList

JANUARY 19, 2022

Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum. “Anomalous” spyware attacks. “Anomalous” spyware attacks. C2 infrastructure.

Spyware 81

Spyware Accountability VPN Malware 81

The Last Watchdog

JULY 18, 2023

This has projected costs associated with cybercrimes to hit the tens of trillions by 2025, highlighting the vital need for web hosts to implement staunch security. Gainesville, Fla., July 18, 2022 – Around 30,000 websites get hacked every day , with the majority of those cyberattacks due to human error.

Hacking 100

Hacking DDOS Small Business Spyware 100

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 72

Spyware Ransomware Malware Data breaches 72

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 93

Data breaches Malware Mobile Spyware 93

Malwarebytes

FEBRUARY 16, 2021

When COVID-19 cases first began spiking in several countries, cybercriminals preyed upon people’s fears mercilessly, with an avalanche of coronavirus phishing emails and scams. If 2020 taught us anything, it’s that cybercrime stops for nothing. As you can see from these findings, 2020 proved to be a tumultuous year.

Malware 121

Malware Scams Spyware Healthcare 121

Security Affairs

FEBRUARY 10, 2023

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. The attack chain starts with an phishing emails containing a malicious URL or malicious attachment that lead to deployment of WasabiSeed and Screenshotter malware. ” reads the post published by Proofpoint.

Malware 82

Malware Phishing Spyware Cybercrime 82

SecureWorld News

JULY 27, 2023

Some highlights include: Stealers are primarily sold on cybercrime forums. Cybersecurity vendor experts provided their commentary on the findings: Zane Bond, Head of Product at Keeper Security, said: "The first phase of any breach begins with an external facing risk, such as a software vulnerability or employee who falls victim to phishing.

Malware 67

Malware Social Engineering Passwords Spyware 67

IT Security Guru

FEBRUARY 13, 2023

With so many well known banking sites falling short when it comes to blocking fraudsters, cybersecurity experts at VPNOverview have compiled a list of 12 safety tips to keep your money safe from malware and phishing scams. What are the possible dangers of online banking?

Banking 62

Banking Cybersecurity Antivirus Phishing 62

CyberSecurity Insiders

MARCH 21, 2021

Make sure all devices and computers at your office have installed anti-virus, and anti-spyware as these are connected to the network, offering a gateway to hackers. There are different kinds of cyber attacks that are faced by small businesses, including malware, phishing, SQL injection, DNS tunneling, and more.

Small Business 145

Small Business Cyber Attacks VPN Backups 145

Security Affairs

APRIL 21, 2019

Attackers hacked support agent to access Microsoft Outlook email accounts. Gnosticplayers round 5 – 65 Million+ fresh accounts from 6 security breaches available for sale. Gnosticplayers round 5 – 65 Million+ fresh accounts from 8 security breaches available for sale. Million email accounts without permission. Paper Copy.

Computers and Electronics 61

Computers and Electronics Spyware Data breaches Advertising 61

Security Affairs

JULY 11, 2022

Axie Infinity disclosed the security breach through the official Discord and Twitter accounts, and by Ronin Network. A PDF containing the offer was sent to the employee, once opened the file a spyware compromised his system and infiltrate the Ronin’s network. The attackers have stolen roughly 173,600 ether and 25.5 million USDC.

Engineering 80

Engineering Spyware Phishing Hacking 80

Webroot

MAY 12, 2021

NFT theft and a new brand of cybercrime. It seems phishing for users’ passwords to the sites used to buy and sell NFTs is the main method of compromise. Two-factor authentication for accounts managing NFTs is strongly recommended by marketplaces. It’s certainly been speculated that they’re driving up the price of Etherium.

Cryptocurrency 91

Cryptocurrency Marketing Phishing Authentication 91

Security Affairs

APRIL 8, 2019

This data comes not only from the analysis of underground forums and phishing websites, but also from the analysis of cybercriminals’ infrastructure (including but not limited to C&Cs) and malware disassembling. Group-IB Threat Intelligence experts detected a total of 138 978 compromised cards issued by the Gulf countries’ banks.

Artificial Intelligence 63

Artificial Intelligence Government Banking Advertising 63

SecureList

NOVEMBER 22, 2022

Unlike common stealers, this malware gathered data that can be used to identify the victims, such as browsing histories, social networking account IDs and Wi-Fi networks. These are attractive aspects that cybercrime groups will be unable to resist. One of the most striking new stealers has been OnionPoison.

Cryptocurrency 92

Cryptocurrency Mobile Ransomware Banking 92

SecureList

NOVEMBER 1, 2022

The victims are targeted with spear-phishing emails that trick them into mounting a malicious ISO file and double-clicking an LNK, which starts the infection chain. In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. í religion that are banned in Iran.

Malware 142

Malware Ransomware Spyware Encryption 142

SecureList

AUGUST 30, 2023

Tomiris employs a wide variety of attack vectors: spear-phishing, DNS hijacking, exploitation of vulnerabilities (specifically ProxyLogon ), suspected drive-by downloads, and other “creative” methods. Using a number of vulnerabilities in iOS, the attachment is executed and installs spyware.

Malware 78

Malware Spyware Cryptocurrency Government 78

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Spyware: the most likely COVID-19 payload.

Phishing 104

Phishing Malware Spyware DDOS 104

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Such attacks are likely to comprise an even larger portion of the threat landscape next year.

Spyware 110

Spyware Phishing Cybercrime Energy and Utilities 110

Security Affairs

MAY 8, 2020

Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. Figure 1 The distribution of web-phishing among target categories . CERT-GIB’s findings indicate that phishing attack perpetrators have revised their so-called target pool. Target reshuffle.

Phishing 56

Phishing Spyware Banking Malware 56

SecureList

MAY 27, 2022

The attackers are mainly interested in collecting data on user accounts, IP addresses and session information; and they steal configuration files from programs that work directly with cryptocurrency and may contain account credentials. The campaign has two goals: gathering information and stealing cryptocurrency. Other malware.

Phishing 110

Phishing Spyware Firmware Malware 110

Security Affairs

JULY 4, 2023

It has been estimated that the threat actor has stolen over 350,000 EUR from victims’ bank accounts and compromised Personally Identifiable Information (PII) of thousands of victims. Neo_Net has set up and rented out a wide-ranging infrastructure, including phishing panels, Smishing software, and Android trojans to its network of affiliates.

Banking 79

Banking Phishing Social Engineering Authentication 79

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 84

Spyware Surveillance Artificial Intelligence Data breaches 84

Security Boulevard

JANUARY 25, 2022

Folks, Who wants to dive deep into some of my latest commercially available research and stay on the top of their OSINT/cybercrime research and threat intelligence gathering game that also includes their team and organization? Dancho Danchev’s “Intell on the Criminal Underground – Who’s Who in Cybercrime for ” Presentation – [PDF].

Cybercrime 96

Cybercrime Hacking Scams Ransomware 96

SecureList

NOVEMBER 10, 2021

With millions of new users on streaming platforms, cyberattackers have recognized this heightened demand and seek to take advantage of it by distributing streaming phishing scams and spreading malware under the guise of users’ favorite shows. An example of a phishing page offering to stream Money Heist. Methodology.

Phishing 100

Phishing Accountability Malware Adware 100

Security Affairs

DECEMBER 11, 2018

Group-IB Threat Intelligence has detected government websites’ user accounts compromised by cyber criminals in 30 countries. Government employees, military and civilian citizens who had accounts on official government portals of France ( gouv.fr ), Hungary ( gov.hu ) and Croatia ( gov.hr ) became victims of this data compromise.

Government 91

Government Cybercrime Accountability Advertising 91

Malwarebytes

OCTOBER 18, 2021

No spear-phishing attack against an executive’s personal device. No surreptitious implantation of spyware to collect admin credentials. Online scams already ruin people’s lives by emptying their bank accounts. The breach at the Oldsmar water plant, however, may have involved no malware at all.

Ransomware 145

Ransomware Firewall Antivirus Cybersecurity 145

eSecurity Planet

OCTOBER 21, 2022

From ransomware attacks locking businesses out of their data until they pay potentially millions of dollars to spyware tracking users’ every move through their infected device, the effects of malware can be devastating. Types of spyware are often classified based on what information they’re gathering. Need More Intel on Rootkits?

Malware 75

Malware Adware Spyware Antivirus 75

SecureList

JULY 27, 2023

Following this, we released the first of a series of additional reports describing the final payload in the infection chain: a highly sophisticated spyware implant that we dubbed “TriangleDB” Operating in memory, this implant periodically communicates with the C2 (command and control) infrastructure to receive commands.

Malware 88

Malware Government Phishing Social Engineering 88

SecureWorld News

FEBRUARY 7, 2023

The cybercrime campaigns below demonstrate how crooks can get a leg up in this cat-and-mouse game. Google Docs comments functionality mishandled for phishing In early 2022, analysts at email security firm Avanan spread the word about a new unorthodox technique for delivering toxic links to numerous users.

Cybercrime 86

Cybercrime Phishing Accountability Government 86

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware. Drone hacking!

Hacking 110

Hacking Energy and Utilities Media Malware 110