Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 113

Malware Ransomware Banking Healthcare 113

Security Affairs

DECEMBER 13, 2020

Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers. SecurityAffairs – hacking, Subway UK).

Marketing 132

Marketing Phishing Hacking Data breaches 132

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. Our National Security Cyber Section remains focused on disputing these cross-border hacking schemes and holding those responsible to account.” government and defense entities. ” continues the DoJ.

Hacking 100

Hacking Identity Theft Social Engineering Accountability 100

Security Affairs

AUGUST 1, 2023

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. Palo Alto Network Unit 42 discovered a previously unreported phishing campaign that distributed a Python variant of the NodeStealer. environment. The author used Node.js

Accountability 86

Accountability Cryptocurrency Malware Phishing 86

Malwarebytes

FEBRUARY 27, 2024

For the most popular operating system in the world—which is Android and it isn’t even a contest —there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals. But Google Play’s security measures frequently detect malware and prevent it from being listed.

Banking 143

Banking Passwords Accountability Malware 143

Schneier on Security

MAY 5, 2020

Interesting story of malware hidden in Google Apps. In every case, Firsh says, the hackers had created a new account and even Github repositories for spoofed developers to make the apps appear legitimate and hide their tracks. This particular campaign is tied to the government of Vietnam.

Malware 297

Malware Spyware Phishing Government 297

Security Affairs

FEBRUARY 13, 2021

Google revealed that Gmail users from the United States are the most targeted by email-based phishing and malware. billion email-based phishing and malware attacks against Gmail users to determine what are factors influence the risk of attack. SecurityAffairs – hacking, Gmail). ” continues the report. .”

Phishing 83

Phishing Malware Accountability Risk 83

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware.

Phishing 112

Phishing Scams Education Passwords 112

Heimadal Security

MAY 31, 2021

The Microsoft Threat Intelligence Center (MSTIC) disclosed the fact that the hacking group APT29, also known as Nobelium, compromised the Contact account for USAID, by using four new malware families. The post Russian Hackers Are Using 4 New Malware Families appeared first on Heimdal Security Blog.

Malware 119

Malware Marketing Accountability Phishing 119

Threatpost

DECEMBER 11, 2020

Facebook shut down accounts and Pages used by two separate threat groups to spread malware and conduct phishing attacks.

Accountability 139

Accountability Phishing Malware Hacking 139

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. “Every day, Gmail blocks more than 100 million phishing emails. During the last week, we saw 18 million daily malware and phishing emails related to COVID-19.

Phishing 115

Phishing Malware Government Small Business 115

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. It was also the first major Olympics event where organizers braced for hacking related impact.

Scams 139

Scams Hacking Malware Mobile 139

Security Affairs

JANUARY 1, 2021

Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials. Threat actors are using Facebook ads to redirect users to Github accounts hosting phishing pages used to steal victims’ login credentials. The first phishing page was created in GitHub 5 months ago.

Phishing 145

Phishing Scams Accountability Malware 145

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing 119

Phishing Accountability Hacking Scams 119

Graham Cluley

JANUARY 11, 2024

Anyone who works in computer security knows that they should have two-factor authentication (2FA) enabled on their accounts. A hacker might be able to guess, steal, or brute force the password on your accounts - but they won't be able to gain access unless they also have a time-based one-time password.

Accountability 91

Accountability Passwords Hacking Authentication 91

Security Affairs

OCTOBER 10, 2020

Google improves malware protection for Google Chrome users who are covered by the company’s Advanced Protection Program (APP). Google announced an improved malware protection. Google announced an improved malware protection. activists, journalists, and political parties), who are exposed to the risk of targeted attacks.

Accountability 71

Accountability Malware Phishing Advertising 71

Malwarebytes

JANUARY 6, 2022

Academics from Stony Brook University and Palo Alto Networks—namely Brian Kondracki, Babak Amin Azad, Nick Nikiforakis, and Oleksii Starov—have found at least 1,200 phishing kits online capable of capturing or intercepting 2FA security codes. Illustration of what a MiTM phishing would look like. Source: Kondracki, et al).

Phishing 121

Phishing Authentication Accountability Data breaches 121

Graham Cluley

JANUARY 4, 2024

Google-owned cybersecurity company Mandiant has found itself in the awkward position of having to wrestle back control of its Twitter account, after it was hijacked by scammers yesterday.

Accountability 82

Accountability Cryptocurrency Cybersecurity Scams 82

Krebs on Security

FEBRUARY 3, 2022

The trouble is, there’s little to stop criminals from leveraging newly registered or hacked LinkedIn business accounts to create their own ad campaigns using Slinks. This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. Urlscan also found this phishing scam from Jan.

Phishing 326

Phishing Marketing Scams Accountability 326

Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. The phishing attacks began in February 2023, the IT giant reported. Ahead of the U.S.

Accountability 88

Accountability Phishing Financial Services Surveillance 88

CyberSecurity Insiders

APRIL 4, 2022

Fresh reports are in that a hacking group possibly funded by North Korea Intelligence has been strategically targeting South Korean citizens through phishing emails urging recipients to book appointments for a newly developed corona vaccine that is countering a novel strain of Coronavirus that has sent almost half of Beijing into a lock-down again.

Phishing 108

Phishing Cryptocurrency Banking Malware 108

Security Affairs

APRIL 6, 2022

Ukraine’s technical security and intelligence service warns of threat actors targeting aimed at gaining access to users’ Telegram accounts. State Service of Special Communication and Information Protection (SSSCIP) of Ukraine spotted a new wave of cyber attacks aimed at gaining access to users’ Telegram accounts.

Accountability 99

Accountability Phishing Passwords Hacking 99

Security Affairs

APRIL 13, 2020

Zoom accounts are flooding the dark web, over 500 hundred thousand Zoom accounts are being sold on hacker forums. Over 500 hundred thousand Zoom accounts are available for sale on the dark web and hacker forums. Cyble confirmed that the accounts’ credentials belonging to some of its clients were valid.

Accountability 145

Accountability Passwords Advertising Phishing 145

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. At the beginning of that year, we still observed phishing attacks that used the themes of infection and prevention as the bait. Others offered the coveted Green Pass without vaccination.

Phishing 92

Phishing Scams Accountability Energy and Utilities 92

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved.

Malware 109

Malware Banking Phishing Engineering 109

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. ” reads trhe announcement published by DKWOC.

Accountability 102

Accountability Government Phishing Authentication 102

Security Affairs

AUGUST 1, 2023

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. ” reads the post published by Proofpoint. ” continues the report.

Malware 90

Malware Phishing Banking Hacking 90

Security Affairs

FEBRUARY 16, 2021

Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost.

Phishing 124

Phishing Cybercrime Mobile Internet 124

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The phishing messages included a weaponized attachment designed to download a Lua-based malware dubbed SunSeed. SecurityAffairs – hacking, Asylum Ambuscade). Pierluigi Paganini.

Phishing 78

Phishing Accountability Government Malware 78

Security Boulevard

SEPTEMBER 7, 2022

Phish or Be Phished. Email phishing attacks are becoming more challenging to spot. Why did the email provider’s email anti-spam and anti-phish protection layer not quarantine the message? Even with a generic greeting, you would think an AL-powered anti-phishing protection engine would have blocked the message.

Phishing 52

Phishing Social Engineering Identity Theft Engineering 52

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability 327

Accountability Passwords Advertising Phishing 327

Security Affairs

FEBRUARY 17, 2022

Attackers compromise Microsoft Teams accounts to attach malicious executables to chat and spread them to participants in the conversation. Starting in January 2022, security researchers from Avanan observed attackers compromising Microsoft Teams accounts attach malicious executables to chat and infect participants in the conversation.

Malware 141

Malware Phishing Accountability Data breaches 141

Malwarebytes

JULY 11, 2023

Like all social media platforms, Facebook constantly has to deal with fake accounts, scams and malware. In the past few weeks, there's been a resurgence in sponsored posts and accounts that impersonate Meta/Facebook's own Ads Manager. In early June, we identified fraudulent accounts running the same scam using similar lures.

Accountability 84

Accountability Scams Malware Advertising 84

Security Affairs

AUGUST 10, 2022

The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Talos revealed that threat actors compromised a Cisco employee’s credentials after they gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized. SecurityAffairs – hacking, Yanluowang ransomware).

Ransomware 124

Ransomware Hacking VPN Phishing 124

Security Affairs

MAY 13, 2023

Discord disclosed a data breach, the security breach was caused by the compromise of a third-party support agent’s account. In response to the incident, the company immediately deactivated the compromised account and analyzed the impacted machine to determine if it was infected with malware. ” concludes the notice.

Hacking 91

Hacking Data breaches Accountability Phishing 91

Security Affairs

FEBRUARY 10, 2023

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter.

Malware 81

Malware Phishing Spyware Cybercrime 81

Security Affairs

FEBRUARY 4, 2022

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year. ” states Microsoft.

Phishing 89

Phishing Authentication Cyber threats Education 89