Cyber threats and Malware - Cyber Security Informer

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Dunham Ken Dunham , Cyber Threat Director, Qualys Threat Research Unit Nation-state attacks and cloud compromises with long dwell times are rising as security lags behind post-Covid digital transformation. While streamlining threat response, AIs rapid integration raises ethical concerns, especially in national security.

Cyber threats

Cyber threats CISO IoT Phishing

News alert: CyTwist launches threat detection engine tuned to identify AI-driven malware in minutes

The Last Watchdog

JANUARY 7, 2025

Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist , a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. Evasion: AI-generated threats mimic human behavior, complicating detection for security teams.

Threat Detection

Threat Detection Engineering Malware Artificial Intelligence

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware

Malware Cybersecurity Cyber threats Threat Detection

OpenAI Report: 10 AI Threat Campaigns Revealed Including Windows-Based Malware, Fake Resumes

Tech Republic Security

JUNE 6, 2025

OpenAI’s June 2025 report, which details 10 threats from six countries, warns that AI is accelerating cyber threats, lowering barriers for attackers, and calling for collective detection efforts.

Cyber threats

Cyber threats Malware Artificial Intelligence

Sekoia: Latest in the Financial Sector Cyber Threat Landscape

Tech Republic Security

NOVEMBER 22, 2023

Phishing, infostealer malware, ransomware, supply chain attacks, data breaches and crypto-related attacks are among the top evolving threats in the financial sector, says Sekoia.

Cyber threats

Cyber threats Data breaches Phishing Ransomware

⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs

The Hacker News

MAY 26, 2025

Cyber threats don't show up one at a time anymore. For cybersecurity teams, the key isnt just reacting to alertsits spotting early signs of trouble before they become real threats. Theyre layered, planned, and often stay hidden until its too late.

Cyber threats

Cyber threats Malware Cybersecurity

Android malware campaigns use.NET MAUI to evade detection

Security Affairs

MARCH 25, 2025

Researchers warn of a new Android malware that uses.NET MAUI to mimic legit services and evade detection. McAfee researchers warn of Android malware campaigns using.NET MAUI to evade detection. Another malware observed by the experts targets Chinese-speaking users, stealing contacts, SMS, and photos through third-party app stores.

Malware

Malware Encryption Banking Cyber threats

Hackers Hijack JFK File Release: Malware & Phishing Surge

Security Boulevard

FEBRUARY 2, 2025

Veriti Research has uncovered a potentially growing cyber threat campaign surrounding the release of the declassified JFK, RFK, and MLK files. Attackers are capitalizing on public interest in these historical documents to launch potential malware campaigns, phishing schemes, and exploit attempts.

Phishing

Phishing Malware Cyber threats

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

Security Affairs

JUNE 11, 2025

Between January and April 2025, INTERPOL led Operation Secure, a global effort that took down over 20,000 malicious IPs and domains linked to information-stealing malware. INTERPOL continues to support practical, collaborative action against global cyber threats. said Neal Jetton, INTERPOL’s Director of Cybercrime.

Cybercrime

Cybercrime Data collection Scams Cyber threats

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Security Affairs

FEBRUARY 4, 2025

Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous websites. The researchers analyzed the LNK files’ metadata, including Machine ID and MAC addresses, to trace infections linked to the same threat actor.

Banking

Banking Malware Antivirus Cyber threats

Every Computer and Smartphone in the Capitol Should be Considered Compromised and Dangerous

Joseph Steinberg

JANUARY 7, 2021

While much of the security-oriented focus regarding the storming of the Capitol building by protesters yesterday has rightfully been on the failure of the Capitol Police to prevent the breach of security, the country also faces a potentially serious cyber-threat as a result of the incident.

Malware

Malware Cyber threats Risk Cybersecurity

Threat Landscape Report: Uncovering Critical Cyber Threats to Hospitality and Recreation

Digital Shadows

MARCH 12, 2025

Lets dive into the key findings from this period and explore how organizations in this sector can strengthen their defenses against rising cyber threats. Another 5% of phishing emails carried malware, often infostealers that extract saved credentials from browsers.

Cyber threats

Cyber threats Cryptocurrency IoT Ransomware

How threat actors can use generative artificial intelligence?

Security Affairs

DECEMBER 1, 2024

From generating deepfakes to enhancing phishing campaigns, GAI is evolving into a tool for large-scale cyber offenses GAI has captured the attention of researchers and investors for its transformative potential across industries. Unfortunately, its misuse by malicious actors is altering the cyber threat landscape.

Artificial Intelligence

Artificial Intelligence Phishing Media Cyber threats

WaterPlum’s OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features

Penetration Testing

MAY 11, 2025

Cyber threat actors tied to North Korea are expanding their global reach with an updated strain of malware The post WaterPlums OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features appeared first on Daily CyberSecurity.

Malware

Malware Cyber threats Cybersecurity Cryptocurrency

Zscaler Report: Mobile, IoT, and OT Cyber Threats Surge in 2024

Tech Republic Security

OCTOBER 16, 2024

Zscaler ThreatLabz report reveals a 2024 surge in mobile, IoT, and OT cyberattacks, highlighting key trends and the need for zero trust security.

IoT

IoT Mobile Cyber threats Internet

Report Shows Ransomware Has Grown 41% for Construction Industry

Digital Shadows

NOVEMBER 12, 2024

By containing a threat as quickly as possible, organizations drastically limit incident impact, preventing damaging consequences such as data exfiltration, malware deployment, lateral movement, and operational downtime. On average, companies in the construction industry contain a threat within about 5 hours.

Ransomware

Ransomware Phishing Cyber threats Malware

CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL Malware

Security Affairs

APRIL 4, 2025

. “The Ukrainian government’s computer emergency response team, CERT-UA, is taking systematic measures to accumulate and analyze data on cyber incidents in order to provide up-to-date information on cyber threats.” ” Since fall 2024, threat actor used compromised accounts to send emails with links (e.g.,

Malware

Malware Cyber threats Government Hacking

Digital life protection: How Webroot keeps you safe in a constantly changing world

Webroot

FEBRUARY 21, 2025

Cyber threats are no longer just the occasional virus or suspicious email. It combines multiple security capabilities into one easy-to-use package that includes: Antivirus protection Detects and neutralizes viruses, malware , spyware , and ransomware. Viruses and malware programs harm your devices or steal your data.

Antivirus

Antivirus Identity Theft Cyber threats Phishing

Honeywell Report OT Under Siege

SecureWorld News

JUNE 6, 2025

The Honeywell 2025 Cyber Threat Report delivers a sobering snapshot of today's industrial cybersecurity landscape: cyberattacks targeting operational technology (OT) environments are no longer rare or speculative—they're persistent, highly targeted, and increasingly sophisticated. OT defenders must plan for: Hybrid threats (e.g.,

Media

Media Social Engineering Malware Engineering

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

The Akira ransomware attack reveals the risks of overlooked IoT devices, evolving cyber threats, and EDR limitations. 1] Akira was subsequently able to encrypt files across the victims network.” ” reads the report published by the S-RM team. “Preventing and remediating novel attacks like this one can be challenging.

Ransomware

Ransomware IoT Encryption Passwords

When Prevention Fails: How Hackers and AI Are Forcing a Cybersecurity Rethink

Jane Frankland

MAY 18, 2025

On one side, defenders are using AI to predict, prevent, and respond to cyber threats with precision. This has given rise to Cybercrime-as-a-Service (CaaS) and Hacking-as-a-Service (HaaS)turnkey offerings that provide everything from ransomware kits to AI-generated malware and phishing campaigns.

Cybersecurity

Cybersecurity Backups Ransomware Firewall

Google's AI Trends Report: Key Insights and Cybersecurity Implications

SecureWorld News

FEBRUARY 25, 2025

AI-powered threat detection is enabling organizations to identify and neutralize attacks faster, but adversarial AI is also supercharging cyber threats. According to the report: "AI can analyze vast amounts of security data in real time, identifying anomalies and potential threats faster than traditional methods.

Cybersecurity

Cybersecurity Social Engineering Artificial Intelligence Cyber threats

SideCopy APT Group Evolves Tactics, Targets Critical Indian Infrastructure

Penetration Testing

APRIL 10, 2025

The cyber threat landscape is in constant flux, with threat actors continuously refining their techniques to breach defenses and achieve their malicious objectives.

Cyber threats

Cyber threats Cybersecurity Phishing Malware

Massive InfoStealer Malware Breach Exposes 184 Million Credentials

SecureWorld News

JUNE 3, 2025

Fowler's analysis suggests that the data was harvested using InfoStealer malware, a malicious software designed to extract sensitive information from infected systems. This malware can siphon off credentials, autofill data, cookies, and even crypto wallet details, often without the user's knowledge.

Malware

Malware Passwords Identity Theft Phishing

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

FEBRUARY 4, 2025

SpyCloud , a leading identity threat protection company, announced key innovations in its portfolio, pioneering the shift to holistic identity threat protection. This allows security teams to neutralize threats in less than 15 minutes of discovery, reducing risk without straining resources or operational bandwidth.

Cybercrime

Cybercrime Phishing Accountability Malware

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

SecureWorld News

FEBRUARY 26, 2025

Dubai-based exchange Bybit was targeted in a malware-driven attack that resulted in the theft of approximately $1.46 The Bybit theft resulted from malware-driven manipulation of cold wallet transactions, exploiting multi-signature vulnerabilities," Soroko said. billion in crypto assets.

Hacking

Hacking Cryptocurrency Cyber threats Malware

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency

Cryptocurrency Malware Hacking Ransomware

Russia-linked group Nebulous Mantis targets NATO-related defense organizations

Security Affairs

APRIL 30, 2025

Their campaigns involve multi-phase intrusions, initial access, privilege escalation, and data exfiltration, using modular malware, LOTL techniques, and evasive C2 infrastructure. The APT group uses RomCom malware in multi-stage attacks. Tools like WinRAR and Plink are deployed, with data exfiltrated from c:userspublicmusic.

Encryption

Encryption Ransomware Malware Phishing

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

SecureWorld News

JANUARY 21, 2025

Keeping pests out of your home and keeping cyber threats out of your organization might seem worlds apart, but there are surprising parallels between the two. CISO takeaway: Cyber threats evolve constantly, with attackers using sophisticated tactics like ransomware-as-a-service or AI-driven malware.

CISO

CISO Cybersecurity Cyber threats Education

SMBs Know They’re At Risk, but Most Aren’t Embracing AI

Security Boulevard

MAY 8, 2025

A survey by CrowdStrike finds the gap between SMB awareness of cyber threats and efforts by them to protect themselves is widening, with not enough of them spending the money needed on AI and other tools to defend against ransomware and other attacks.

Risk

Risk Cyber threats Ransomware Data privacy

The Role and Benefits of AI in Cybersecurity

SecureWorld News

APRIL 13, 2025

Cyber threats evolve daily, often outpacing traditional security measures. On defense, AI analyzes network traffic, detects anomalies, and responds to threats in real time. Unlike traditional signature-based systems, AI excels at identifying new and unknown cyber threats, making security stronger and more adaptive.

Cybersecurity

Cybersecurity Artificial Intelligence Threat Detection Cyber threats

Crazy Evil gang runs over 10 highly specialized social media scams

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. These factors make it a persistent cyber threat.

Scams

Scams Media Cryptocurrency Cybercrime

Black Friday Triggers Near 700% Rise in Retail Cyber Scams

SecureWorld News

DECEMBER 4, 2024

The United States retail sector faced an especially aggressive wave of cyber threats, with phishing attacks mimicking major holiday brands [3] including Walmart, Target, and Best Buy increasing by more than 2,000% during peak shopping periods. Here are five tips to help businesses protect themselves and their customers.

Retail

Retail Scams Phishing Cyber threats

Privacy Roundup: Week 3 of Year 2025

Security Boulevard

JANUARY 20, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user. Approximately 70% of observed malware cases in 2024 derived from browser-based malware.

Surveillance

Surveillance Malware Data breaches Scams

How Spread Betting Platforms Safeguard Traders Against Cyber Risks

IT Security Guru

JANUARY 30, 2025

So, lets explore how spread betting platforms are rising to this challenge and ensuring that their platforms are cyber risk-free. Cyber Risks Facing Spread Betting Platforms Cyber threats are becoming more dangerous than ever, and spread betting platforms are a major target for most of these cyberattacks.

Cyber Risk

Cyber Risk Risk Penetration Testing Accountability

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Krebs on Security

DECEMBER 10, 2020

But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business. Payment card processing giant TSYS suffered a ransomware attack earlier this month. Headquartered in Columbus, Ga., Total System Services Inc.

Ransomware

Ransomware Financial Services Cyber threats Banking

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

Jane Frankland

MAY 3, 2025

Allegedly orchestrated by the same group known as Scattered Spider, these attacks highlight the significant challenges even the most respected and established brands face in defending against modern cyber threats. Then, the focus of cyber attacks on retailers, and what lessons must be learned by business leaders and customers.

Cyber Attacks

Cyber Attacks Retail Cyber threats Backups

FireEye Hacked

Schneier on Security

DECEMBER 9, 2020

These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to our customers. FireEye’s Red Team tools are essentially built from malware that the company has seen used in a wide range of attacks. None of the tools contain zero-day exploits. Reuters article.

Hacking

Hacking Government Cyber threats Malware

Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries

Security Affairs

NOVEMBER 27, 2024

. “Operation Serengeti (2 September – 31 October) targeted criminals behind ransomware, business email compromise (BEC), digital extortion and online scams – all identified as prominent threats in the 2024 Africa Cyber Threat Assessment Report.” ” reads the press release published by INTERPOL.

Scams

Scams Cybercrime Ransomware Cyber threats

Microsoft Patch Tuesday, May 2023 Edition

Krebs on Security

MAY 9, 2023

“Local Privilege escalation vulnerabilities are a key part of attackers’ objectives,” said Kevin Breen , director of cyber threat research at Immersive Labs. However, as the SANS Internet Storm Center points out , the attack vector for this bug is local. “Therefore, the relatively low CVSSv3 base score of 6.7

Malware

Malware Software Internet Internet

Silent Ransom Group targeting law firms, the FBI warns

Security Affairs

MAY 24, 2025

“The cyber threat actor Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, is targeting law firms using information technology (IT) themed social engineering calls, and callback phishing emails, to gain remote access to systems or devices and steal sensitive data to extort the victims.”

Social Engineering

Social Engineering Antivirus Phishing Engineering

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

While fully agentic AI malware remains years away, the industry must prepare now. The growing sophistication of cyber threats demands robust identity assurance solutions that include multifactor authentication, risk monitoring and adaptive verification collectively forming multi-factor verification (MFV.)

Risk

Risk Threat Detection Technology Phishing

Best WordPress Plugins for Cybersecurity 2025

IT Security Guru

MARCH 14, 2025

It also has a malware scanner that checks your site for viruses and suspicious code. The plugin also scans your website for malware and removes it if necessary. Conclusion Cyber threats are increasing, and UK businesses must take website security seriously.

Cybersecurity

Cybersecurity Firewall Cyber Attacks Passwords

Microsoft Patch Tuesday, April 2022 Edition

Krebs on Security

APRIL 13, 2022

Nine of the updates pushed this week address problems Microsoft considers “critical,” meaning the flaws they fix could be abused by malware or malcontents to seize total, remote access to a Windows system without any help from the user. . “Go patch your systems before that situation changes.”. 10 being the worst). .”

DNS

DNS Internet Internet Firewall

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

News alert: CyTwist launches threat detection engine tuned to identify AI-driven malware in minutes

Trending Sources

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

OpenAI Report: 10 AI Threat Campaigns Revealed Including Windows-Based Malware, Fake Resumes

Sekoia: Latest in the Financial Sector Cyber Threat Landscape

⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs

Android malware campaigns use.NET MAUI to evade detection

Hackers Hijack JFK File Release: Malware & Phishing Surge

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Every Computer and Smartphone in the Capitol Should be Considered Compromised and Dangerous

Threat Landscape Report: Uncovering Critical Cyber Threats to Hospitality and Recreation

How threat actors can use generative artificial intelligence?

WaterPlum’s OtterCookie Malware Upgrades to v4 with Credential Theft and Sandbox Detection Features

Zscaler Report: Mobile, IoT, and OT Cyber Threats Surge in 2024

Report Shows Ransomware Has Grown 41% for Construction Industry

CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL Malware

Digital life protection: How Webroot keeps you safe in a constantly changing world

Honeywell Report OT Under Siege

Akira ransomware gang used an unsecured webcam to bypass EDR

When Prevention Fails: How Hackers and AI Are Forcing a Cybersecurity Rethink

Google's AI Trends Report: Key Insights and Cybersecurity Implications

SideCopy APT Group Evolves Tactics, Targets Critical Indian Infrastructure

Massive InfoStealer Malware Breach Exposes 184 Million Credentials

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Russia-linked group Nebulous Mantis targets NATO-related defense organizations

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

SMBs Know They’re At Risk, but Most Aren’t Embracing AI

The Role and Benefits of AI in Cybersecurity

Crazy Evil gang runs over 10 highly specialized social media scams

Black Friday Triggers Near 700% Rise in Retail Cyber Scams

Privacy Roundup: Week 3 of Year 2025

How Spread Betting Platforms Safeguard Traders Against Cyber Risks

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

FireEye Hacked

Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries

Microsoft Patch Tuesday, May 2023 Edition

Silent Ransom Group targeting law firms, the FBI warns

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Best WordPress Plugins for Cybersecurity 2025

Microsoft Patch Tuesday, April 2022 Edition

Stay Connected