Security Affairs

OCTOBER 14, 2020

G7 Finance ministers expressed concern on Tuesday over the rise in ransomware attacks during the Covid-19 pandemic, including some involving cryptocurrencies. Experts are observing a significant increase in the number of Ransomware attacks against hospitals, financial institutions, schools, and other critical infrastructure in G7 countries.

Ransomware 140

Ransomware Cryptocurrency Financial Services Banking 140

Security Affairs

NOVEMBER 20, 2023

The economically motivated APT group used specially crafted archives in phishing attacks against forum users through online trading forum posts. NSFOCUS Research Labs pointed out that exploitation of the CVE-2023-38831 flaw can be integrated into watering hole and phishing attacks. ” reads the report published by NSFOCUS.

Phishing 145

Phishing Financial Services Cryptocurrency Technology 145

SecureList

FEBRUARY 23, 2022

The research in this report is a continuation of our previous annual financial threat reports ( 2018 , 2019 and 2020 ), providing an overview of the latest trends and key events across the threat landscape. The term is also used to describe malware seeking access to financial organizations’ IT infrastructures. Financial Phishing.

Banking 136

Banking Phishing Cryptocurrency Malware 136

Security Affairs

AUGUST 16, 2023

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.” com (Cloudflare’s Web3 services).

Phishing 98

Phishing Energy and Utilities Insurance Manufacturing 98

SecureWorld News

FEBRUARY 18, 2021

And the targets in this case are widespread: banks, ATMs, cryptocurrency exchanges, online casinos, movie studios such as Sony Pictures, and theater chains such as AMC. million from an Indonesian cryptocurrency company in September 2018; and $11.8 million from an Indonesian cryptocurrency company in September 2018; and $11.8

Hacking 109

Hacking Cryptocurrency Computers and Electronics Banking 109

SecureList

MARCH 31, 2021

Even though, in 2020, we have seen ever more sophisticated cyberattacks, the overall statistics look encouraging: the number of users hit by computer and mobile malware declines, so does financial phishing. In this research, by financial malware we mean several types of malevolent software. Financial phishing.

Banking 145

Banking Phishing Malware Mobile 145

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 132

Data breaches Hacking Ransomware Financial Services 132

eSecurity Planet

SEPTEMBER 30, 2021

“Over the past few months, we’ve seen actors provide access to services that call victims, appear as a legitimate call from a specific bank and deceive victims into typing an OTP or other verification code into a mobile phone in order to capture and deliver the codes to the operator,” the Intel 471 researchers wrote.

Authentication 113

Authentication Social Engineering Phishing Banking 113

Security Affairs

JANUARY 13, 2019

Proofpoint analyzed two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. Security researchers at Proofpoint researchers discovered two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang.

Malware 111

Malware DNS Financial Services Retail 111

Security Affairs

NOVEMBER 16, 2020

According to a report published by Kaspersky Lab in January 2020, in the two years the North Korea-linked APT group has continued to target cryptocurrency exchanges evolving its TTPs. In August, F-Secure Labs experts observed a spear-phishing campaign targeting an organization in the cryptocurrency industry.

Malware 114

Malware Software Cryptocurrency Financial Services 114

eSecurity Planet

JUNE 16, 2022

Cisco Umbrella , analyzing the threat environment for 2022, found that 86% of organizations experienced phishing, 69% experienced unsolicited crypto mining, 50% were affected by ransomware, and 48% experienced some form of information-stealing malware. Restoration is offered in exchange for a ransom, usually in cryptocurrencies.

Backups 145

Backups Ransomware Firewall Malware 145

The Last Watchdog

SEPTEMBER 7, 2022

Healthcare and public health, financial services, and IT organizations are frequent targets, although businesses of all sizes can fall victim to these schemes. Likewise, lookalike and spoofed web domains and well-crafted phishing emails now easily trick employees into thinking they’re dealing with trustworthy sources.

Ransomware 124

Ransomware Education Financial Services Phishing 124

Security Affairs

DECEMBER 17, 2023

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center New NKAbuse malware abuses NKN decentralized P2P network protocol Snatch ransomware gang claims the hack of the food giant Kraft Heinz Multiple flaws in pfSense firewall can lead to arbitrary code execution BianLian, White Rabbit, and Mario Ransomware Gangs Spotted (..)

Data breaches 130

Data breaches Cybercrime Firewall Ransomware 130

Malwarebytes

OCTOBER 27, 2023

In a security blog about Octo Tempest Microsoft states: “Octo Tempest monetized their intrusions in 2022 by selling SIM swaps to other criminals and performing account takeovers of high-net-worth individuals to steal their cryptocurrency.”

Social Engineering 122

Social Engineering Engineering Ransomware Backups 122

SecureList

DECEMBER 27, 2022

BlueNoroff group is a financially motivated threat actor eager to profit from its cyberattack capabilities. We have published technical details of how this notorious group steals cryptocurrency before. Japanese multinational banking and financial services. Mitsubishi UFJ Financial Group. Mizuho Financial Group.

Malware 145

Malware Banking Passwords Antivirus 145

Malwarebytes

DECEMBER 21, 2022

This allows the threat actors to harvest login credentials for banking applications and other financial services. The target apps include banking applications, cryptocurrency wallets, and crypto exchanges. It sends the harvested data to the attacker.

Banking 98

Banking Malware Financial Services Mobile 98

eSecurity Planet

NOVEMBER 16, 2021

Bad actors are increasingly using a technique called HTML smuggling to deliver ransomware and other malicious code in email campaigns aimed at financial services firms and other organizations, according to Microsoft researchers. Also, cryptocurrencies allow these attackers to collect their ransoms with almost anonymity.

Firewall 121

Firewall Ransomware Banking Malware 121

Security Boulevard

NOVEMBER 8, 2024

CISA is warning about a spear-phishing campaign that spreads malicious RDP files. 1 - CISA: Beware of nasty spear-phishing campaign Proactively restrict outbound remote-desktop protocol (RDP) connections. 1 - CISA: Beware of nasty spear-phishing campaign Proactively restrict outbound remote-desktop protocol (RDP) connections.

Phishing 49

Phishing Cybersecurity Cybercrime Ransomware 49

SC Magazine

APRIL 19, 2021

Recently, New York State’s Department of Financial Services issued a memorandum providing guidance to the insurance industry to help stabilize and safeguard the cyber insurance market. Extortion payment policy reform: Cryptocurrency has fueled the growth of ransomware.

Insurance 113

Insurance Cyber Insurance Ransomware InfoSec 113

Security Affairs

JANUARY 27, 2022

Large businesses appear to be affected, including FxPro Direct App – a trading platform with over five million installs on Google Play alone – and Europcar, a vehicle rental service with over one million installs on Google Play. Onfido, a London-based company, offers photo-based IDV services for businesses. Looming dangers.

Identity Theft 98

Identity Theft Accountability Data breaches Social Engineering 98

Security Boulevard

NOVEMBER 29, 2023

Initially perceived as a phishing campaign orchestrated by the EvilNum group, recent analyses by cybersecurity firm NSFOCUS have reclassified DarkCasino as an advanced persistent threat (APT). In a recent cybersecurity revelation, a formidable and highly sophisticated cyber threat has surfaced, going by the name DarkCasino.

Cyber threats 52

Cyber threats Phishing Cybersecurity Financial Services 52

eSecurity Planet

FEBRUARY 16, 2021

For access to the decryption key, the victim must make prompt payment, often in cryptocurrency shielding the attacker’s identity. Healthcare and financial services are the most attacked industries. Attackers will inform the victim that their data is encrypted. Ransomware facts.

Ransomware 97

Ransomware Backups Encryption Software 97

Centraleyes

DECEMBER 16, 2024

Attackers are becoming more organized, with ransomware-as-a-service (RaaS) operations providing easy access to malicious tools for even novice cybercriminals. Current cybersecurity trends show that attackers are now targeting critical infrastructure, healthcare, and financial services, leading to massive disruptions.

Cybersecurity 52

Cybersecurity Insurance Cyber Insurance Risk 52

NetSpi Executives

APRIL 27, 2024

Victims pay ransomware adversaries for decryption keys through cryptocurrency, such as Bitcoin. terminal services, virtual private networks (VPNs), and remote desktops—often use weak passwords and do not require MFA. Attackers guess the passwords easily, find them in open source code repositories, or collect them via phishing.

Ransomware 52

Ransomware Cyber Insurance Backups Insurance 52

SecureList

MAY 1, 2023

Can ChatGPT detect phishing links? We work on applying machine learning technologies to cybersecurity tasks, specifically models that analyze websites to detect threats such as phishing. live/login.php Yes, it is likely a phishing attempt. Is it phishing? Please explain why.

Phishing 128

Phishing DNS Cybersecurity Technology 128

SecureList

AUGUST 5, 2021

A fake notification about a Microsoft Teams meeting or a request to view an important document traditionally takes the victim to a phishing login page asking for corporate account credentials. Cybercriminals also faked emails from cloud services in schemes aimed at stealing not accounts but money. Statistics: phishing.

Phishing 130

Phishing Banking Scams Computers and Electronics 130

SecureList

MARCH 29, 2023

However, traditional financial threats – such as banking malware and financial phishing, continue to take up a significant share of such financially-motivated cyberattacks. Meanwhile, cryptocurrency became a prominent target for those seeking monetary gain. Now we see that APT actors have also switched to crypto.

Banking 108

Banking Phishing Cryptocurrency Mobile 108

SecureWorld News

OCTOBER 15, 2020

The teens also took over Twitter accounts of several cryptocurrency companies regulated by the New York State Department of Financial Services (NYDFS). In its new report, the New York State Department of Financial Services says the cyberattack and resulting bitcoin scam netted the teen hackers at least $118,000.

Social Engineering 104

Social Engineering Media Scams Financial Services 104

SecureWorld News

SEPTEMBER 27, 2020

Some not only blindly facilitate the criminal norms of the cryptocurrency marketplace, but their law firms also blithely encourage cryptocurrency transactions by accepting bitcoin as a form of payment for their legal services. This last point about lawyers and cryptocurrency hits home and bothers me the most. Would a U.S.

Ransomware 95

Ransomware Cryptocurrency Computers and Electronics Banking 95

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. These sites referenced public figures and humanitarian groups, offering to accept cash in cryptocurrency, something that should have raised a red flag in itself.

Phishing 113

Phishing Scams Accountability Energy and Utilities 113