Threats to ICS and industrial enterprises in 2022

SecureList

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Such attacks are likely to comprise an even larger portion of the threat landscape next year.

Spyware 109
Tracking the Trackers: For Better or Worse

SecureWorld News

Users could log into their account any time to see real time positioning of their tracker. An inexpensive phone could be purchased and left in someone’s bag or car for several days while an app communicates with the user’s account to notify them whenever the phone is on the move.

Insiders

Spam and phishing in 2022

SecureList

For example, one website offered users to obtain a COVID vaccination certificate by entering their British National Health Service (NHS) account credentials. An energy or resource crisis was not used as a pretext in this particular case, but refunds were still offered in the name of the water supply authority.

IT threat evolution in Q2 2022. Mobile statistics

SecureList

For instance, J-Lightning Application purported to help users to invest into a Polish oil refinery, a Russian energy company, a Chinese cryptocurrency exchange and an American investment fund. Yemen rose to second place with 17.97%; the Trojan-Spy.AndroidOS.Agent.aas spyware was the threat most often encountered by users in that country.

Mobile 100
Advanced threat predictions for 2024

SecureList

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware. Drone hacking!

Hacking 109
IT threat evolution Q3 2023

SecureList

DroxiDat, a lean variant of SystemBC that acts as a system profiler and simple SOCKS5-capable bot, was detected at an electric utility company. The C2 (command and control) infrastructure for the incident involved an energy-related domain, ‘powersupportplan[.]com’, that resolved to an already suspicious IP host.

Malware 98
The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

Reports suggest that smishing is one possible attack vector for the spyware. Its apparent goal is espionage directed against the financial and energy sectors. The attackers are using administrative privileges to create fraudulent student accounts. Dave Bittner: [00:03:09] This isn't a commodity attack tool. Pegasus is pricey.