Security Affairs

JUNE 7, 2021

Ukraine warned of a “massive” spear-phishing campaign carried out by Russia-linked threat actors against its government and private businesses. This is the third massive spear-phishing campaign that the Ukrainian government attributed to Russia-linked threat actors this year. Follow me on Twitter: @securityaffairs and Facebook.

Phishing 98

Phishing Government Antivirus Passwords 98

SecureList

FEBRUARY 15, 2021

The email antivirus was triggered most frequently by email messages containing members of the Trojan.Win32.Agentb The Kaspersky Anti-Phishing component blocked 434,898,635 attempts at accessing scam sites. The most frequent targets of phishing attacks were online stores (18.12 Agentb malware family. Trends of the year.

Phishing 136

Phishing Malware Scams Accountability 136

SecureList

FEBRUARY 9, 2022

Our Anti-Phishing system blocked 253 365 212 phishing links. Safe Messaging blocked 341 954 attempts to follow phishing links in messengers. Hurry up and lose your account: phishing in the corporate sector. That’s why these e-mails would contain a link to a document, file, payment request, etc.,

Phishing 65

Phishing Scams Accountability Banking 65

Webroot

MAY 9, 2024

From important resumes and portfolios to personal documents, your digital footprint needs robust protection. Real-time antivirus protection Install robust antivirus software that provides continuous protection against emerging threats like malware, ransomware, and phishing scams.

Identity Theft 68

Identity Theft VPN Password Management Antivirus 68

Security Boulevard

MARCH 3, 2023

Malvertising Enters a New Age While Google grapples with the potential threat that ChatGPT poses to its advertising business, cybercriminals are taking advantage of Google Ads to ramp up their phishing attacks on unsuspecting victims. The post Defeating Malvertising-Based Phishing Attacks appeared first on Security Boulevard.

Phishing 59

Phishing DNS Malware Antivirus 59

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey. Pierluigi Paganini.

Phishing 86

Phishing Social Engineering Malware Advertising 86

Krebs on Security

FEBRUARY 28, 2024

Unfortunately for us, Doug freaked out after deciding he’d been tricked — backing up his important documents, changing his passwords, and then reinstalling macOS on his computer. MacOS computers include X-Protect , Apple’s built-in antivirus technology. ” Image: SlowMist. Image: SlowMist.

Malware 265

Malware Cryptocurrency Software Scams 265

Security Affairs

APRIL 30, 2021

The state-sponsored hackers sent spear-phishing messages to a general director working at the Rubin Design Bureau , in Saint Petersburg, which is one of three main Russian centers of submarine design. The spear-phishing messages used a malicious Rich Text File (RTF) document that included descriptions of an autonomous underwater vehicle.

Phishing 132

Phishing Malware Antivirus Encryption 132

Security Affairs

DECEMBER 1, 2021

APT groups from China, India, and Russia have used a new RTF (rich text format) template injection technique in recent phishing attacks. The technique was first reported by the security firm Proofpoint spotted which observed phishing campaigns using the weaponized RTF template injection since March 2021. ” concludes the report.

Phishing 125

Phishing Antivirus Engineering Hacking 125

SC Magazine

JULY 8, 2021

A recent phishing scheme targeting live chat platforms works in part because website operators that use chat features are not always diligently scanning uploaded files for malware. The scheme is yet another recent example of phishing campaigns leveraging communication mediums outside of email to catch prospective victims off-guard.

Phishing 134

Phishing Antivirus Scams Malware 134

CyberSecurity Insiders

JUNE 27, 2023

This malware can infiltrate your smartphone through various means, such as malicious apps, infected websites, or phishing emails. If you don’t have a backup, you may lose important files, personal photos, or sensitive documents forever. Understand common phishing techniques and learn how to identify suspicious emails or messages.

Ransomware 107

Ransomware Antivirus Backups Encryption 107

eSecurity Planet

DECEMBER 2, 2021

Bad actors are using the new technique to leverage RTF text file attachments in phishing emails. ATP Phishing Campaigns. Users should become aware of the risks of opening documents that require downloads of templates or other data from the internet, especially from unknown users.”. A Change from Office Files.

Malware 121

Malware Phishing Antivirus Cyber threats 121

Security Affairs

AUGUST 23, 2020

A bug in Google Drive could be exploited by threat actors to distribute malicious files disguised as legitimate documents or images. An unpatched weakness in Google Drive could be exploited by threat actors to distribute weaponized files disguised as legitimate documents or images. ” reads the post published by THN.

Malware 138

Malware Phishing Advertising Antivirus 138

Krebs on Security

JULY 20, 2021

Junk email campaigns touting employment or “money mule” scams cost $300 per million, and phishing emails could be blasted out through Severa’s botnet for the bargain price of $500 per million. Severa ran several affiliate programs that paid cybercriminals to trick people into installing fake antivirus software.

Antivirus 293

Antivirus Cybercrime Identity Theft Scams 293

Security Affairs

FEBRUARY 22, 2021

APOMacroSploit is a macro builder that was to create weaponized Excel documents used in multiple phishing attacks. Excel documents created with the APOMacroSploit builder are capable of bypassing antivirus software, Windows Antimalware Scan Interface (AMSI), and even Gmail and other email-based phishing detection.

Malware 119

Malware Antivirus Phishing Cryptocurrency 119

Security Affairs

NOVEMBER 3, 2022

It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. The Sentinel Labs’s analysis revealed that Black Basta ransomware operators develop and maintain their own toolkit, they documented only collaboration with a limited and trusted set of affiliates.

Cybercrime 101

Cybercrime Ransomware Antivirus Malware 101

SecureList

DECEMBER 27, 2022

The group usually takes advantage of Word documents and uses shortcut files for the initial intrusion. Based on our telemetry, we observed that one victim in the UAE was attacked using a malicious Word document. The victim received a document file named “Shamjit Client Details Form.doc” on September 2, 2022.

Malware 131

Malware Banking Passwords Antivirus 131

Security Affairs

AUGUST 28, 2022

Twilio hackers also breached the food delivery firm DoorDash Unprecedented cyber attack hit State Infrastructure of Montenegro Threat actor abuses Genshin Impact Anti-Cheat driver to disable antivirus Critical flaw impacts Atlassian Bitbucket Server and Data Center Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access GoldDragon (..)

DDOS 79

DDOS Data breaches Malware Antivirus 79

SecureList

OCTOBER 18, 2023

The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows executable malware by downloading files through an internet browser. Each phishing document contains an external link to fetch a remote page containing a CVE-2021-26411 exploit.

Malware 97

Malware Phishing Internet Internet 97

Hacker Combat

MARCH 16, 2021

Ransomware is malevolent programming that scrambles documents on a contaminated PC, in this manner keeping the proprietor from getting to them. Like any remaining kinds of pernicious programming, ransomware is, for the most part, disseminated through phishing messages that connect to a malignant substance or contain traded-off connections.

Ransomware 113

Ransomware Antivirus Malware Media 113

Security Affairs

OCTOBER 6, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. In the middle-August, the malware was employed in fresh COVID19-themed spam campaign.

Government 134

Government Banking Advertising Malware 134

Security Affairs

MAY 22, 2021

The attacks were spotted in 2020, threat actors leveraged spear-phishing attacks, exploitation of vulnerabilities in web applications, hacking the infrastructure of contractors to penetrate the infrastructure of the Russian federal executive authorities. . Group to download the collected data.

Computers and Electronics 120

Computers and Electronics Malware Antivirus Government 120

Malwarebytes

DECEMBER 2, 2021

Among the information that was stolen is access to government portals, Facebook, Twitter and Google credentials, banking information, and password-protected documents. The name of the archive file usually is in this pattern “Download-Name-FamilyName-CV.zip” “ New document.zip “: This loads a document as decoy.

Government 135

Government Banking Phishing Antivirus 135

Security Affairs

AUGUST 9, 2022

The threat actors launched spear-phishing campaigns against the victims, in some cases, the messages contained information related to the victims which were not publicly available. The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. The vulnerability affects the MS Office component EQNEDT32.EXE

Antivirus 105

Antivirus Encryption Malware Hacking 105

Security Boulevard

MARCH 1, 2023

Attackers are increasingly using OneNote documents to distribute malware, due to the heightened security measures against macro-based attacks and the widespread adoption and popularity of the platform. Key Takeaways: Threat actors are increasingly using Microsoft OneNote documents to deliver malware via phishing emails.

Malware 78

Malware Phishing Threat Detection Encryption 78

Krebs on Security

SEPTEMBER 6, 2021

The Manipulaters’ core brand in the underground is a shared cybercriminal identity named “ Saim Raza ,” who for the past decade across dozens of cybercrime sites and forums has peddled a popular spamming and phishing service variously called “ Fudtools ,” “ Fudpage ,” “ Fudsender ,” etc.

Software 235

Software Phishing Cybercrime Accountability 235

Malwarebytes

MAY 19, 2022

A mainstay of business-centric attacks, everything from spear phishing to CEO fraud and Business Email Compromise (BEC) lies in wait for unwary admins. These may be obtained by phishing, social engineering, insider threats, or carelessly handed data. Failure to detect or block phishing attempts. Trusted relationships.

Phishing 134

Phishing Passwords Social Engineering VPN 134

Security Affairs

AUGUST 31, 2022

The phishing emails contain a Microsoft Office attachment that includes an external reference in its metadata which downloads a malicious template file. Upon opening the document, a malicious template file is downloaded and saved on the system. The template file contains a VB script that will start the infection process. .”

Malware 90

Malware DNS Antivirus Encryption 90

Krebs on Security

JULY 11, 2023

Microsoft has also published a blog post about phishing campaigns tied to Storm-0978 and to the exploitation of this flaw. In late 2022, security experts at Sophos , Trend Micro and Cisco warned that ransomware criminals were using signed, malicious drivers in an attempt to evade antivirus and endpoint detection and response (EDR) tools.

Software 202

Software Malware Antivirus Ransomware 202

Security Affairs

JULY 10, 2020

The archive contains LNK (shortcut) files that extract and execute JavaScript code while displaying a decoy document (usually a photo of an ID, credit card, or a bill to prove the physical address). The version 4.0 The image is stored in a file called SC4.P7D

eCommerce 101

eCommerce Advertising Malware Spyware 101

CyberSecurity Insiders

NOVEMBER 14, 2021

Keep highly-sensitive documents at home and make sure to properly dispose of any printed documents that contain personal data. #2: Still, most attackers will use trusted methods such as phishing, ransomware, or social engineering. Start with a solid antivirus and make sure all your software tools are up to date.

Identity Theft 122

Identity Theft Passwords Password Management Social Engineering 122

Hot for Security

MARCH 17, 2021

The group typically gains access to victim networks by compromising Remote Desktop Protocol (RDP) credentials and/or through phishing emails, the FBI notes. The cyber actors conduct network reconnaissance and execute commands to deactivate antivirus capabilities on targeted systems before deploying the ransomware.

Education 111

Education Healthcare Government Ransomware 111

Cytelligence

MAY 24, 2023

Here are seven best practices for cybersecurity in small businesses: Employee Education and Training: Provide cybersecurity awareness training to your employees, teaching them about common threats such as phishing emails, social engineering, and the importance of strong passwords. WPA2 or WPA3).

Small Business 52

Small Business Cybersecurity Antivirus Passwords 52

BH Consulting

AUGUST 16, 2023

As TechRepublic reports , IOCTA documents how cybercriminals often avail of multiple services for certain types of fraud. Europol plans to follow up the IOCTA report with three spotlight documents, each focusing on one emerging cybercrime trend. The group’s eighth annual Security Awareness Report is also its largest ever. “No

Social Engineering 52

Social Engineering Cybercrime Data privacy Engineering 52

Security Affairs

MAY 16, 2020

Experts spotted a new malware dubbed QNodeService that was involved in Coronavirus-themed phishing campaign, crooks promise victims COVID-19 tax relief. Researchers uncovered a new malware dubbed QNodeService that was employed in a Coronavirus-themed phishing campaign. “The use of Node.js js” or “qnodejs-win32-x64.js”)

Malware 111

Malware Phishing Advertising Antivirus 111

Identity IQ

APRIL 12, 2023

What Methods Are Employed by Identity Thieves Phishing Identity thieves will create fake emails trying to impersonate an organization to get you to reveal information. Hacking Identity thieves may even try to hack databases, such as institutions or government agencies, to steal your personal information, such as tax-related documents.

Identity Theft 59

Identity Theft Computers and Electronics Accountability Phishing 59

Spinone

NOVEMBER 6, 2020

There, it encrypts emails, documents, calendars, and contacts, depending on the type and purpose of the ransomware. The same is fair for any type of data in the cloud: documents, calendars, contacts, sites, presentations, etc. In the case in the video, hackers had three opportunities: delete emails, encrypt them, or steal information.

Ransomware 52

Ransomware Backups Antivirus Encryption 52