Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported.

Phishing 139

Phishing Data breaches Cryptocurrency Social Engineering 139

Hot for Security

JUNE 17, 2021

In December last year, we reported how the email and mailing addresses of some 270,000 Ledger customers had been published on a hacking forum following a data breach. At the time we warned users of the hardware cryptocurrency wallet to watch out for phishing scams that might attempt to steal users’ credentials.

Cryptocurrency 145

Cryptocurrency Data breaches Scams Phishing 145

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 91

Small Business Cybersecurity Scams Passwords 91

Security Affairs

NOVEMBER 17, 2024

that reboots locked devices Ymir ransomware, a new stealthy ransomware grow in the wild Amazon discloses employee data breach after May 2023 MOVEit attacks A new fileless variant of Remcos RAT observed in the wild A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine U.S.

Cryptocurrency 112

Cryptocurrency Hacking Malware Data breaches 112

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. 2, and Aug.

Phishing 342

Phishing Mobile Authentication Accountability 342

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” A phishing message targeting FTX users that went out en masse today.

Mobile 244

Mobile Cyber Risk Data breaches Cryptocurrency 244

Tech Republic Security

NOVEMBER 22, 2023

Phishing, infostealer malware, ransomware, supply chain attacks, data breaches and crypto-related attacks are among the top evolving threats in the financial sector, says Sekoia.

Cyber threats 212

Cyber threats Data breaches Phishing Ransomware 212

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

SecureList

DECEMBER 16, 2024

Verdict: Partially fulfilled Evolution and market dynamics of Bitcoin mixers and cleaning services In 2024, there was no significant increase in the number of services advertising cryptocurrency “cleaning” solutions. It is worth noting that a breach does not necessarily have to affect critical assets to be destructive.

Marketing 105

Marketing Data breaches Cryptocurrency Malware 105

Identity IQ

JANUARY 19, 2022

5 Data Breach Trends to Anticipate This Year. In its recent annual Data Breach Industry Forecast, credit reporting agency Experian made five predictions for cybercrime and data breach trends to expect this year. Here are five data breach and cybercrime trends to anticipate this year.

Data breaches 111

Data breaches Scams Cybercrime Phishing 111

Security Affairs

APRIL 12, 2021

Users on the hacker forum can view the leaked samples for about $2 worth of forum credits, the threat actor was auctioning the much-larger 500 million user database for at least a 4-digit sum, worth of bitcoin or other cryptocurrencies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn.

Data breaches 126

Data breaches Phishing Accountability Cryptocurrency 126

Security Affairs

DECEMBER 8, 2024

warn of PRC-linked cyber espionage targeting telecom networks U.S. Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49

Artificial Intelligence 104

Artificial Intelligence Spyware Hacking Ransomware 104

Heimadal Security

MARCH 2, 2023

A phishing campaign poses as a Trezor data breach notification order to steal a target’s cryptocurrency wallet and assets. Trezor is a hardware cryptocurrency wallet that allows users to store their cryptocurrency offline rather than in cloud-based or device-based wallets.

Scams 98

Scams Phishing Cryptocurrency Data breaches 98

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. The now-defunct and always phony cryptocurrency trading platform xtb-market[.]com,

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

Krebs on Security

JULY 15, 2024

The Squarespace domain hijacks, which took place between July 9 and July 12, appear to have mostly targeted cryptocurrency businesses, including Celer Network , Compound Finance , Pendle Finance , and Unstoppable Domains.

Accountability 339

Accountability Cryptocurrency Passwords DNS 339

Troy Hunt

JUNE 11, 2018

Running Have I Been Pwned (HIBP) has presented some fascinating insights into all sorts of aspects of how data breaches affect us; the impact on the individual victims such as you and I, of course, but also how they affect the companies involved and increasingly, the role of government and law enforcement in dealing with these incidents.

Cryptocurrency 167

Cryptocurrency Cybercrime Data breaches Passwords 167

SecureWorld News

JANUARY 20, 2023

Popular email marketing service MailChimp recently fell victim to another data breach, this time caused by a successful social engineering attack on its employees and contractors. Such information could be exploited by threat actors in phishing attacks.

Social Engineering 98

Social Engineering Data breaches Engineering Accountability 98

Bleeping Computer

MARCH 1, 2023

An ongoing phishing campaign is pretending to be Trezor data breach notifications attempting to steal a target's cryptocurrency wallet and its assets. [.]

Phishing 83

Phishing Data breaches Cryptocurrency 83

Krebs on Security

APRIL 6, 2022

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. “voice phishing” a.k.a. “vishing”).

Social Engineering 293

Social Engineering Phishing Accountability Engineering 293

Security Affairs

JANUARY 12, 2025

cannabis dispensary STIIIZY disclosed a data breach A novel PayPal phishing campaign hijacks accounts Banshee macOS stealer supports new evasion mechanisms Researchers disclosed details of a now-patched Samsung zero-click flaw Phishers abuse CrowdStrike brand targeting job seekers with cryptominer China-linked APT group MirrorFace targets Japan U.S.

Data breaches 62

Data breaches Phishing Social Engineering Engineering 62

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 71

Spyware Data breaches DNS Ransomware 71

Security Affairs

APRIL 20, 2025

CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog Entertainment venue management firm Legends International disclosed a data breach China-linked APT Mustang Panda upgrades tools in its arsenal Node.js

Data breaches 62

Data breaches Malware Phishing Hacking 62

Malwarebytes

JULY 4, 2024

In that post, ShinyHunters suggests that buyers combine the data set with those leaked in the Gemini or Nexo data breaches. Nexo is a crypto platform where users can buy, exchange, and store Bitcoin and other cryptocurrencies. Gemini is another cryptocurrency exchange which has suffered several breaches in the past years.

Cryptocurrency 133

Cryptocurrency Phishing Authentication Data breaches 133

Security Affairs

OCTOBER 2, 2021

According to a data breach notification letter filed with US state attorney general offices, the attackers with the knowledge of their username and password and phone number associated with the account, were able to steal funds bypassing the SMS-based authentication. ” reads the data breach notification letter. .

Data breaches 142

Data breaches Cryptocurrency Authentication Accountability 142

Centraleyes

DECEMBER 16, 2024

Verizons Data Breach Investigations Report showed that 74% of security breaches involve a human element, with system administrators and developers accounting for most of these errors. These tools will help companies stay compliant with evolving regulations while minimizing the risk of data breaches.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Technology 98

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data. Detailed analysis of the Phishing-As-A-Service Frappo is available here: [link].

Phishing 102

Phishing Banking Retail Financial Services 102

SecureWorld News

APRIL 23, 2025

In its 17th edition, Verizon's 2025 Data Breach Investigations Report (DBIR) continues to deliver one of the most comprehensive analyses of cyber incidents worldwide. Stolen credentials played a role in more than 60% of breaches, making them the top vector once again. Phishing accounted for nearly 25% of all breaches.

Ransomware 100

Ransomware Backups CISO Risk 100

Security Affairs

MAY 18, 2025

European Class Action as potential next step Cofense Reveals Rapid Rise in AI-Powered Phishing: New Threat Every 42 Seconds Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,newsletter)

Data breaches 64

Data breaches Cybercrime Ransomware Cyber Attacks 64

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 80

Malware Cryptocurrency Encryption Phishing 80

Malwarebytes

SEPTEMBER 30, 2022

On an online forum, optusdata threatened to publish the data of 10,000 Optus customers per day unless they received $1 million in cryptocurrency. They began by posting the data of 10,200 customers. We can’t even be hundred percent sure that the person posting that statement is the actual holder of the data.

Data breaches 97

Data breaches Banking Cryptocurrency Hacking 97

Security Boulevard

MARCH 24, 2025

Vulnerabilities Apples Passwords app was vulnerable to phishing attacks for nearly three months after launch 9to5Mac Mysk security researchers first discovered this vulnerability after noticing the Passwords app had connected to 130 different domains over regular (unencrypted) HTTP.

Surveillance 75

Surveillance Telecommunications Data breaches Spyware 75

SecureWorld News

MARCH 15, 2023

Alright, how many of you saw a cryptocurrency ad on TV in 2022? Now the important question: how many of you got scammed in some sort of way by cryptocurrency or another type of investment? The report shows that phishing schemes were the most common type of cybercrime reported by victims in 2022, with 300,497 complaints.

Cybercrime 136

Cybercrime Scams Cryptocurrency Identity Theft 136

SecureWorld News

MAY 14, 2025

Top cybercrime categories: Phishing/spoofing: 193,407 complaints Extortion: 86,415 complaints Personal data breaches: 64,882 complaints Cryptocurrency-related scams: Nearly 150,000 complaints involved cryptocurrency, accounting for $9.3 billion in losses. billion.

Cybercrime 71

Cybercrime Scams Cryptocurrency Internet 71

Security Affairs

MAY 19, 2024

records on Chinese users Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea U.S. elections face more threats from foreign actors and artificial intelligence Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 121

Data breaches Artificial Intelligence Ransomware Hacking 121

Malwarebytes

MARCH 17, 2022

The linked article focuses on misconfiguration, phishing issues, limiting data share, and the ever-present Internet of Things. Cryptocurrency wallet attacks. Digital wallet phish attempts are rampant on social media, and we expect this to rise. Below, we dig into a few of those. Ransomware supply chain triple-threat.

Cryptocurrency 134

Cryptocurrency Backups Phishing Password Management 134

Security Affairs

AUGUST 7, 2018

Group-IB researchers have investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, when cryptocurrencies were gaining momentum, their record-breaking capitalization and a spike in Bitcoin’s exchange rate led to dozens of attacks on cryptocurrency services.

Cryptocurrency 75

Cryptocurrency Passwords Authentication Accountability 75