Security Affairs

MAY 5, 2021

A new cybercrime gang, tracked as UNC2529 , has targeted many organizations in the US and other countries using new sophisticated malware. A new financially motivated threat actor, tracked by FireEye Experts as UNC2529, has targeted many organizations in the United States and other countries using several new pieces of malware.

Cybercrime 101

Cybercrime Malware Manufacturing Retail 101

Krebs on Security

MAY 16, 2019

Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name. Source: DOJ. Vladimir Gorin , a.k.a

Cybercrime 176

Cybercrime Banking Small Business Computers and Electronics 176

Security Affairs

JULY 8, 2022

The operators behind the TrickBot malware are systematically targeting Ukraine since the beginning of the war in February 2022. Since February, the Conti ransomware group has taken over TrickBot malware operation and also planned to replace it with BazarBackdoor malware. ” concludes IBM.

Cybercrime 95

Cybercrime Malware DDOS Ransomware 95

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. To nominate, please visit:?

Phishing 89

Phishing Cybercrime Ransomware Encryption 89

SecureWorld News

OCTOBER 30, 2023

When it comes to impactful types of internet-borne crime, phishing is the name of the game. It serves as a vessel for various strains of malware, including ransomware, and underlies data-stealing campaigns that target large organizations and individuals alike. And for good reason. Tactics matter a lot, too.

Phishing 100

Phishing Scams Passwords Wireless 100

Security Boulevard

JULY 28, 2022

Emotet is a Windows-based malware loader operated by the cybercrime group TA542 ( 1 ), also referred to as Mummy Spider ( 2 ). Emotet is primarily distributed through phishing campaigns ( 1 ). Emotet has been observed dropping other malware families such as Qakbot ( 5 ) and CobaltStrike ( 6 ). Macro when Enabled.

Encryption 59

Encryption Malware Phishing Cybercrime 59

CyberSecurity Insiders

APRIL 18, 2023

Cybersecurity analysts from Securonix have discovered a new malware variant hiding in the images produced by the James Webb Space Telescope. Technically, images embedded with malware are a common web affair these days, and that is what the memes trolling the big celebrities speak about.

Malware 106

Malware Cybercrime Phishing Cybersecurity 106

Identity IQ

FEBRUARY 7, 2023

What is Phishing? One of the most common techniques used to exploit web users is the phishing scam. This article will cover what phishing is, cybercriminals’ different approaches, and how to prevent yourself from becoming a victim. What is Phishing? How Does Phishing Work? Spear Phishing.

Phishing 98

Phishing Identity Theft Scams Banking 98

Security Affairs

AUGUST 1, 2023

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. ” reads the post published by Proofpoint. ” continues the report.

Malware 93

Malware Phishing Banking Hacking 93

Malwarebytes

JULY 19, 2022

This data includes identification documents, spreadsheets related to Roblox creators, and various email addresses. At time of writing, there’s no specifics with regard to the “identification documents” This could mean driving licence, passport, employee ID scan…we simply don’t know at the moment.

Accountability 90

Accountability Phishing Hacking Ransomware 90

Security Affairs

JUNE 29, 2023

North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year.

Malware 83

Malware Cybercrime Phishing Internet 83

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. Pierluigi Paganini.

Malware 90

Malware Phishing Banking Hacking 90

Malwarebytes

JUNE 8, 2021

Sometimes, it’s used even if an attack being discussed is a basic phish, or maybe some very generic malware. This isn’t a good thing when tackling malware developments. ” Have you ever stopped to consider “what, exactly, are we up against” when dealing with malware? “How bad is it, really?”

Cybercrime 108

Cybercrime Malware Banking Phishing 108

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Hacking 250

Hacking Malware Ransomware Government 250

Malwarebytes

SEPTEMBER 11, 2023

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed via phishing emails. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. exe and a bundled script.

Malware 114

Malware Social Engineering Cryptocurrency Cybercrime 114

SecureWorld News

FEBRUARY 15, 2024

A sophisticated form of mobile malware dubbed "GoldPickaxe" has been uncovered, which collects facial recognition data to produce deepfake videos, enabling hackers to bypass biometric authentication protections on banking apps. The malware has been active since 2023, specifically targeting victims in Vietnam and Thailand.

Social Engineering 77

Social Engineering Mobile Authentication Engineering 77

Security Affairs

NOVEMBER 9, 2022

Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 Researchers from AhnLab Security Emergency Response Center (ASEC) reported that the Amadey malware is being used to deploy LockBit 3.0 Amadey Bot is a data-stealing malware that was first spotted in 2018, it also allows operators to install additional payloads.

Malware 91

Malware Ransomware Cybercrime Phishing 91

Security Affairs

NOVEMBER 3, 2022

It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. The Sentinel Labs’s analysis revealed that Black Basta ransomware operators develop and maintain their own toolkit, they documented only collaboration with a limited and trusted set of affiliates.

Cybercrime 97

Cybercrime Ransomware Antivirus Malware 97

Malwarebytes

FEBRUARY 6, 2024

Today, Malwarebytes released its 2024 State of Malware report, detailing six cyberthreats that resource-constrained IT teams should pay attention to in 2024. And like broader, law-abiding “Business” at large, cybercrime has settled on a collection of tools that work.

Ransomware 101

Ransomware Cybercrime Malware Social Engineering 101

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. Client-side attacks on the wane.

Cybercrime 137

Cybercrime Banking Malware Ransomware 137

Security Affairs

DECEMBER 25, 2021

The phishing messages use weaponized Word or Excel attachments to install the Dridex banking Trojan. “This letter is to inform you that you have been exposed to a coworker who tested positive for OMICRON variant of COVID-19 sometime between December 18th and 20th,” reads a phishing message shared by Bleeping Computer.

Phishing 128

Phishing Passwords Banking Malware 128

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. In the documented attack, once the backdoor is deployed, UNC2465 interactively established an NGROK tunnel and performed lateral movements in less than 24 hours. Pierluigi Paganini.

Cybercrime 105

Cybercrime Ransomware Antivirus Software 105

Security Affairs

SEPTEMBER 29, 2022

The recently discovered malware builder Quantum Builder is being used by threat actors to deliver the Agent Tesla RAT. A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT), Zscaler ThreatLabz researchers warn. ” concludes the report.

Malware 121

Malware Cybercrime Phishing Hacking 121

Schneier on Security

JANUARY 28, 2021

A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware.

Malware 239

Malware Phishing Ransomware Cybercrime 239

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC.

Data breaches 99

Data breaches Phishing Ransomware Malware 99

Security Affairs

MARCH 14, 2024

In the campaign observed by ZDI, threat actors used PDF documents lures that contained Google DoubleClick Digital Marketing (DDM) open redirects. “The phishing campaign employed open redirect URLs from Google Ad technologies to distribute fake Microsoft software installers (.MSI) MSI) installers. In mid-February, U.S.

Phishing 106

Phishing Malware Software Internet 106

CyberSecurity Insiders

JUNE 19, 2022

There are several types of phishing attacks, which are just one form of cybercrime. . A phishing attack takes place when a criminal pretends to be someone they’re not to trick people into giving over their personal information, such as their credit card details. Email phishing is also known as deception phishing.

Phishing 118

Phishing Media Cybercrime DNS 118

Malwarebytes

DECEMBER 5, 2022

In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. In October 2022, Lazarus Group started using a malicious Microsoft Office document to deliver the AppleJeus malware.

Cryptocurrency 78

Cryptocurrency Malware Scams Cybercrime 78

Krebs on Security

AUGUST 19, 2021

Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company. Image: Abnormal Security. billion in 2020. Image: FBI.

Ransomware 358

Ransomware Social Engineering Cybercrime Scams 358

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey.

Phishing 83

Phishing Social Engineering Malware Advertising 83

Security Affairs

FEBRUARY 13, 2023

Alleged Russian threat actors have been targeting cryptocurrency users in Eastern Europe with Enigma info-stealing malware. A malware campaign conducted by alleged Russian threat actors has been targeting users in Eastern European in the crypto industry. ” reads the analysis published by Trend Micro. ” continues the report.

Cryptocurrency 83

Cryptocurrency Malware Media Phishing 83

Security Affairs

MAY 21, 2024

The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems. The attacks began with a spam/phishing email containing malicious URL links. Sunoco is the largest at 8 billion gallons.

Hacking 120

Hacking Ransomware Phishing Malware 120

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021. Reported Phishing Websites for Q1 2021.

Phishing 105

Phishing Advertising Cryptocurrency Encryption 105

Security Affairs

JANUARY 27, 2019

The Cobalt cybercrime gang has been using Google App Engine to distribute malware through PDF decoy documents. The Cobalt hacking group has been using Google App Engine to distribute malware through PDF decoy documents. Attackers used specially crafted PDF documents created with the Adobe Acrobat 18.0

Engineering 86

Engineering Cybercrime Banking Advertising 86

Malwarebytes

MARCH 29, 2022

We’ve also observed several different wipers and cybercrime groups such as FormBook using the same tactics. These methods include using documents that exploit CVE-2017-0199 and CVE-2021-40444, macro-embedded documents, and executables. Spear phishing as the main initial infection vector. Figure 1: Phishing template.

Phishing 74

Phishing Education Telecommunications Technology 74

SC Magazine

JUNE 17, 2021

” The attacker then uses the phishing lure to get the victim to “ Click here to download the document.” Once the victim clicks on the link, they are redirected to the actual malicious phishing website where their credentials are stolen through a web page designed to mimic the Google Login portal.

Phishing 110

Phishing Social Engineering Engineering CISO 110

Security Affairs

OCTOBER 8, 2023

Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege A WhatsApp zero-day exploit can cost several million dollars CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog NATO is investigating a new cyber attack claimed by the SiegedSec group Global CRM Provider Exposed (..)

Data breaches 103

Data breaches Cybercrime Ransomware Hacking 103