Security Affairs

SEPTEMBER 1, 2023

SapphireStealer is an open-source information stealer written in.NET, which is available in multiple public malware repositories since its public release in December 2022. SapphireStealer allows operators to gather system data (i.e. The malware is also able to siphon files stored with specific extensions and take screenshots.

Malware 110

Malware Data collection Architecture Hacking 110

Security Affairs

OCTOBER 27, 2022

Data collected by Microsoft Defender for Endpoint shows that nearly 3,000 devices in almost 1,000 organizations have seen at least one RaspberryRobin payload-related alert in the last 30 days. In some cases, the attackers delivered the Truebot malware between the Raspberry Robin infection and the Cobalt Strike deployment.

Ransomware 101

Ransomware Malware Data collection Encryption 101

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. New cybercrime groups are also expected to start operations in Asia and Latin America. Security Affairs – Central Bank of Russia, cybercrime ). Pierluigi Paganini.

Cybercrime 87

Cybercrime Hacking Banking Phishing 87

Security Affairs

MAY 23, 2020

The source code of the Zeus Trojan is available in the cybercrime underground since 2011 allowing crooks to develop their own release since. Experts found multiple variants in the wild, many of them belonging to the Terdot Zbot/Zloader malware family. The malware is able to infect all operating systems.

Banking 136

Banking Advertising Malware Cybercrime 136

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. “The 911[.]re FORUM ACTIVITY?

VPN 312

VPN Computers and Electronics Antivirus Software 312

Security Affairs

MARCH 7, 2021

jailbreaking tool Attackers took over the Perl.com domain in September 2020 Bug bounty hunter awarded $50,000 for a Microsoft account hijack flaw Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys Cyber Defense Magazine – March 2021 has arrived. Follow me on Twitter: @securityaffairs and Facebook.

Data breaches 68

Data breaches Data collection Ransomware Hacking 68

SecureWorld News

JUNE 21, 2023

Info stealers are a type of malware that specializes in collecting various credentials and personal information from infected computers. This includes data from browsers, such as saved credentials, browsing history, and cookies, as well as information from instant messengers and emails.

Accountability 123

Accountability Data collection Cyber threats Cybersecurity 123

Security Affairs

OCTOBER 4, 2023

The data collected paints a vivid picture, revealing 1,736 ransomware claims, with 53 incidents specifically targeting Italy. Geographical data and affected sectors provide crucial insights into emerging trends and threats. Wrapping up: The second quarter of 2023 reflects a concerning surge in ransomware attacks globally.

Ransomware 113

Ransomware Data collection Cyber threats Hacking 113

Security Affairs

APRIL 15, 2023

A new Android malware named Goldoson was distributed through 60 legitimate apps on the official Google Play store. ” The library can load web pages without user awareness, this means that the malware can load ads for financial profit.

Data collection 97

Data collection Mobile Malware Education 97

Security Affairs

FEBRUARY 13, 2024

The data collected unearthed a total of 1771 ransomware claims, with 55 recorded incidents in Italy. Throughout this period, the platform diligently tracked 185 criminal groups operating worldwide, meticulously tracing 342 servers employed for ransomware activities.

Ransomware 112

Ransomware Data collection Hacking Cybersecurity 112

Security Affairs

JANUARY 9, 2023

All data collected by the dashboard can be exported in different formats and can be analyzed using useful graphics. . “The strength of this OSINT Italian project , quite unique in its kind, is the chance of following it with a standard, worldwide and easy RSS feed.” ” explained the development team.

Ransomware 95

Ransomware Data collection Hacking Cybersecurity 95

Security Affairs

OCTOBER 11, 2020

Data collected by the agency is used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year. The HTA report warns of an intensification of malicious activities conducted by both nation-states and cybercrime groups. critical infrastructure.

Government 141

Government Advertising Data collection Hacking 141

SecureList

SEPTEMBER 28, 2022

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. Active since 2014, in 2016, the group decided to give up ATM malware and focus all of their attacks on PoS systems, targeting the core of the payment industry. Evolving into PoS malware.

Malware 114

Malware Banking Software Encryption 114

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. “Our office is committed to holding these criminals accountable and protecting our communities as cybercrime becomes an ever more prominent threat.”

Accountability 107

Accountability Banking Advertising Data collection 107

SecureList

MARCH 29, 2023

However, traditional financial threats – such as banking malware and financial phishing, continue to take up a significant share of such financially-motivated cyberattacks. For instance, malicious spam campaigns targeting organizations grew 10-fold in April 2022, spreading Qbot and Emotet malware. of all phishing attacks in 2022.

Banking 82

Banking Phishing Cryptocurrency Mobile 82

Malwarebytes

DECEMBER 7, 2021

Nickel’s techniques vary, but in the end the group’s activity has only one objective, namely to implant stealthy malware for getting into networks, stealing data, and spying on government agencies, think tanks, and human rights organizations. Targets, methods, and techniques.

Hacking 101

Hacking Malware Surveillance Data collection 101

SecureList

NOVEMBER 10, 2022

If the cryptomining malware is installed successfully on the victim’s computer, it delivers its operator stable earnings. The main tool we use to obtain and analyze threat-related data is Kaspersky Security Network (KSN). Not always malware. Ways of propagation. Cryptojacking in numbers.

Cryptocurrency 121

Cryptocurrency Malware Software Ransomware 121

Malwarebytes

DECEMBER 7, 2021

Nickel’s techniques vary, but in the end the group’s activity has only one objective, namely to implant stealthy malware for getting into networks, stealing data, and spying on government agencies, think tanks, and human rights organizations. Targets, methods, and techniques.

Hacking 79

Hacking Malware Surveillance Data collection 79

Security Affairs

DECEMBER 29, 2023

Under Christmas tree you can find great gifts such as significant improvements of user interface (panel), modal windows on loading and expansion of data collection objects. The New Year’s Update Before the New Year 2024, the Meduza team decided to please customers with an update.

Password Management 131

Password Management Cryptocurrency Passwords Authentication 131

eSecurity Planet

AUGUST 10, 2022

From mass production of cheap malware to ransomware as a service (RaaS) , cyber criminals have industrialized cybercrime, and a new HP Wolf Security report warns that cybercriminals are adapting advanced persistent threat (APT) tactics too. These simulations can help organizations stay one step ahead of cyber criminals.

Ransomware 132

Ransomware Digital transformation Malware Internet 132

Security Affairs

SEPTEMBER 18, 2020

Ransomware , the headliner of the previous half-year, walked off stage: only 1 percent of emails analyzed by Group-IB’s Computer Emergency Response Team (CERT-GIB) contained this kind of malware. They are followed by banking Trojans , whose share in the total amount of malicious attachments showed growth for the first time in a while.

Phishing 106

Phishing Ransomware Spyware Banking 106

The Last Watchdog

JULY 30, 2018

More than 230,000 new malware samples are launched every day. And the cost of damage directly related to cybercrime is adding up, expected to reach $6 trillion by 2021. Security analysts need the ability to view attacks as they unfold by enriching data collected from across the business with contextual and behavioral insights.

CISO 140

CISO Cyber Attacks Data collection Cybersecurity 140

Security Affairs

NOVEMBER 15, 2018

As regards to genuine notifications from the Central Bank of Russia, in the past hackers from Lurk and Buhtrap used them to send malware to bank employees. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. Pierluigi Paganini.

Banking 105

Banking Computers and Electronics Phishing Cybercrime 105

Security Affairs

OCTOBER 15, 2018

In addition to technological ways of attracting traffic by using bots that target opinion leaders, scammers do not shy away from the classic tactic of mass email blasts purporting to be from popular brands, with 20% of users opening emails that contain content that is characteristic of malware or phishing. Pierluigi Paganini.

Marketing 81

Marketing Phishing Media Engineering 81

Security Affairs

NOVEMBER 8, 2021

With copious amounts of data collected by healthcare facilities, cybercriminals often target such entities. Moreover, the healthcare industry collects unique data, known as Protected Health Information (PHI), which is extremely valuable. The healthcare industry might be known for the work it does to treat patients.

Healthcare 105

Healthcare Identity Theft Digital transformation Data collection 105

SecureList

DECEMBER 2, 2022

This is the most precious source of intelligence as it provides unique and reliable data from trusted systems and technologies. Kaspersky’s private Threat Intelligence Portal (TIP), which is available to customers as a service, offers limited access to such in-house technical data. In other words, the concept of defense in depth.

Cyber threats 117

Cyber threats DNS Technology Engineering 117

Security Affairs

MARCH 14, 2019

We dubbed this JS Sniffer family GMO because the malware uses gmo[.]li 1 The screenshot shows a one-line code (line # 771) that downloads a JS Sniffer designed to steal customers’ data once a user lands on a checkout page. JS Sniffers is a type of malware that remains poorly researched. li host.”. Pierluigi Paganini.

eCommerce 90

eCommerce Marketing Data breaches Advertising 90

SecureList

SEPTEMBER 6, 2022

In this report, we provide the latest statistics on cyberthreats to gamers, as well as detailed information on the most widespread and dangerous types of malware that players must be aware of. As the mobile gaming market continues to grow, we analyzed KSN data specifically on mobile threats. Methodology. Key findings. Grand Theft Auto.

Mobile 113

Mobile Passwords Software Accountability 113

Security Affairs

NOVEMBER 19, 2019

CERT-GIB’s report is based on data collected and analyzed by the Threat Detection System (TDS) Polygon as part of operations to prevent and detect threats distributed online in H1 2019 in more than 60 countries. Another trend was disguising malware in emails. Half as much malware was distributed through links in 2018.

Ransomware 71

Ransomware Antivirus Malware Banking 71

BH Consulting

AUGUST 31, 2023

Those risks include: Fraud, spam or virus attacks Falling prey to online scams, resulting in data or identity theft Potential for negative comments from employees about the organisation Legal consequences if employees use these sites to view or distribute objectionable, illicit or offensive material. billion dollars in annual global revenue.

Media 52

Media Accountability Authentication Passwords 52

Security Affairs

OCTOBER 27, 2022

Either way, even if all of the data was essential, that doesn’t make it less sensitive if leaked. Cases like these raise questions about corporate data collection practices. The ramifications of a data leak of such scale are worrying to say the least,” Sasnauskas explained.

IoT 116

IoT Engineering Passwords Media 116

Security Affairs

OCTOBER 10, 2018

An exception to this is the malware Banks in Your Hand. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. Security Affairs – financial sector, cybercrime ). New Android Trojans— Easy, Exobot 2.0, Pierluigi Paganini.

Cyber Attacks 86

Cyber Attacks Banking Cyber threats Phishing 86

Malwarebytes

APRIL 10, 2024

Digital security is about so much more than malware. When I started Malwarebytes more than 16 years ago, malware was the primary security concern—the annoying pop-ups, the fast-spreading viruses, the catastrophic worms—and throughout our company’s history, Malwarebytes routinely excelled against this threat. It was our attitude.

Data breaches 72

Data breaches Passwords Banking Malware 72

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. This bold about-face dumbfounded many longtime Norton users because antivirus firms had spent years broadly classifying all cryptomining programs as malware.

Cryptocurrency 238

Cryptocurrency Cybercrime Computers and Electronics Scams 238

Malwarebytes

JUNE 30, 2022

The popular malware Raccoon stealer, which suspended operations after a developer allegedly died in the Ukraine invasion, has returned. Raccoon stealer is malware as a service, with the developers selling it to would-be users. If files end up on malware scanning services, the malware authors know exactly who the leak has come from.

Cryptocurrency 80

Cryptocurrency Malware Data collection Passwords 80

Security Affairs

NOVEMBER 28, 2020

The news reported by ZDnet is not surprising, I have discovered several times such kind of offer, but it is important to raise awareness on the cybercrime-as-a-service model that could rapidly enable threat actors to carry out malicious activities. Exploit.in

Accountability 107

Accountability Cybercrime Hacking Retail 107

Security Affairs

APRIL 6, 2023

The Threat Report Portugal: H2 2022 compiles data collected on the malicious campaigns that occurred from July to December, H2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open-sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. in Q2 2022.

Threat Reports 89

Threat Reports Phishing Malware Banking 89