Accountability, Information Security, Spyware and VPN

Experts warn of anomalous spyware campaigns targeting industrial firms

Security Affairs

JANUARY 21, 2022

Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have uncovered multiple spyware campaigns that target industrial firms to steal email account credentials and carry out fraudulent activities.

Spyware

Spyware Accountability Social Engineering Phishing

SandStrike, a previously undocumented Android malware targets a Persian-speaking religion minority

Security Affairs

NOVEMBER 2, 2022

Threat actors are using previously undocumented Android spyware, dubbed SandStrike, to spy on a Persian-speaking religion minority. In Q3 2022, Kaspersky researchers uncovered a previously undocumented Android spyware, dubbed SandStrike, employed in an espionage campaign targeting the Persian-speaking religion minority, Bahá?í.

Spyware

Spyware Malware VPN Accountability

Security Affairs newsletter Round 377

Security Affairs

AUGUST 7, 2022

affiliate sideloads Cobalt Strike through Windows Defender Gootkit AaaS malware is still active and uses updated tactics Austria investigates DSIRF firm for allegedly developing Subzero spyware ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware

Spyware Manufacturing Small Business Surveillance

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Which is the Threat landscape for the ICS sector in 2020?

Security Affairs

MARCH 22, 2021

European ICS engineering organizations were mainly targeted by phishing campaigns attempting to deliver spyware and cryptominers. Computers that use VPN software are less exposed to online threats, but unfortunately, they represent only 15% of the total. Such threats were blocked more often on computers with VPN software.”

Engineering

Engineering VPN Accountability Software

Security Affairs newsletter Round 350

Security Affairs

JANUARY 23, 2022

from the Lympo NTF platform. from the Lympo NTF platform.

VPN

VPN Ransomware Spyware DDOS

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. We look forward to proving our case against NSO in court and seeking accountability for their actions.” ” Who will win?

Surveillance

Surveillance Spyware Advertising Government

New TA886 group targets companies with custom Screenshotter malware

Security Affairs

FEBRUARY 10, 2023

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter.

Malware

Malware Phishing Spyware Cybercrime

Cyber Security Roundup for May 2021

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. The UK Security Service MI5 said 10,000 staff from every UK government department and from important UK industries have been lured by fake LinkedIn profiles.

Ransomware

Ransomware Passwords Scams Government

Security Affairs newsletter Round 458 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware

Spyware Surveillance Identity Theft DDOS

Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS

DDOS VPN Data breaches Cybercrime

Threats to ICS and industrial enterprises in 2022

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Update firewalls and SSL VPN gateways in good time. Actions of various attacker categories.

Spyware

Spyware Phishing Cybercrime Energy and Utilities

Who Wants to Support My Work Commercially?

Security Boulevard

JANUARY 25, 2022

Dancho Danchev’s “Astalavista Security Group – Investment Proposal” Presentation – A Photos Compilation. Dancho Danchev’s “Building and Implementing a Successful Information Security Policy” White Paper – [PDF]. Dancho Danchev’s Primary Contact Points for this Project – Email/XMPP/Jabber/OMEMO and PGP Key Accounts.

Cybercrime

Cybercrime Hacking Scams Ransomware

Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

MARCH 27, 2023

The threat actor abused Bitly shortener and an ad hoc BlogSpot account to protect the malicious code, lastly stored in an encrypted zip archive hosted on Mega.nz. Lower.exe, a sample of “GCleaner” spyware, historically, this piece of malware was initially faking CCleaner to drop additional malware ( link ).

Malware

Malware Social Engineering Encryption Marketing

Agrius group targets Israel with data-wipers disguised as ransomware

Security Affairs

MAY 25, 2021

The threat actors leverage VPN services (primarily ProtonVPN) to fly under the radar when accessing public facing applications of the targets. “Agrius uses those webshells to tunnel RDP traffic in order to leverage compromised accounts to move laterally. ” continues the report.

Ransomware

Ransomware Malware VPN Hacking

Cyber Security Informer

Experts warn of anomalous spyware campaigns targeting industrial firms

SandStrike, a previously undocumented Android malware targets a Persian-speaking religion minority

Webinars

Trending Sources

Security Affairs newsletter Round 377

Webinars

Which is the Threat landscape for the ICS sector in 2020?

Security Affairs newsletter Round 350

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

New TA886 group targets companies with custom Screenshotter malware

Cyber Security Roundup for May 2021

Security Affairs newsletter Round 458 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition

Threats to ICS and industrial enterprises in 2022

Who Wants to Support My Work Commercially?

Updates from the MaaS: new threats delivered through NullMixer

Agrius group targets Israel with data-wipers disguised as ransomware

Stay Connected