Malwarebytes

FEBRUARY 6, 2024

Today, Malwarebytes released its 2024 State of Malware report, detailing six cyberthreats that resource-constrained IT teams should pay attention to in 2024. And like broader, law-abiding “Business” at large, cybercrime has settled on a collection of tools that work.

Ransomware 100

Ransomware Cybercrime Malware Social Engineering 100

Malwarebytes

APRIL 19, 2022

These days, financial cybercrimes often involve Bitcoin and other cryptocurrencies. Since 2018, one of the Lazarus Group’s tactics has been to disguse AppleJeus malware as cryptocurrency trading platforms for both Windows and Mac. Educate users on social engineering attacks like spearphishing. Mitigation.

Social Engineering 115

Social Engineering Cryptocurrency Computers and Electronics Engineering 115

Security Boulevard

APRIL 14, 2022

In April 2022, hackers targeted the customers of eight Malaysian banks by urging them to download malicious apps. The apps stole user credentials and forwarded the messages to the malware operators. Bad actors love social engineering, and even distribute the spoofed websites via Facebook ads.

DNS 72

DNS Social Engineering Cybercrime Banking 72

Security Affairs

APRIL 25, 2023

North Korea-linked APT group BlueNoroff (aka Lazarus) was spotted targeting Mac users with new RustBucket malware. Researchers from security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket, family in recent attacks. The trojan can run on both ARM and x86 architectures.

Malware 82

Malware Social Engineering Architecture Education 82

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. PC malware The number of users affected by financial malware for PCs dropped by 11% from 2022. Ramnit and Zbot were the prevalent malware families, together targeting over 50% of affected users. Money is what always attracts cybercriminals.

Phishing 80

Phishing Banking Mobile Scams 80

BH Consulting

AUGUST 16, 2023

Shedding the light of the law on cybercrime methods Today’s cybercrime landscape involves criminals operating across borders as business-like syndicates, says Europol. The agency’s ninth Internet Organised Crime Assessment (IOCTA) 2023 report gives a law enforcement perspective on current cybercrime techniques.

Social Engineering 52

Social Engineering Cybercrime Data privacy Engineering 52

The Last Watchdog

APRIL 28, 2020

That, of course, presents the perfect environment for cybercrime that pivots off social engineering. Social engineering invariably is the first step in cyber attacks ranging from phishing and ransomware to business email compromise ( BEC ) scams and advanced persistent threat ( APT ) hacks.

Social Engineering 174

Social Engineering Cyber Attacks Scams Engineering 174

CyberSecurity Insiders

OCTOBER 14, 2021

This gang of cybercriminals targets individuals within an organization with social engineering tactics designed to fool them into opening a document from a ZIP file attached to an email. Ransomware is then downloaded and the breach is underway. How do hackers use social engineering? OnePercent Group attacks.

Social Engineering 133

Social Engineering Ransomware Engineering Phishing 133

SecureList

APRIL 13, 2023

Recently we explored the topic of infection methods, including malvertising and malicious downloads. In this blog post, we provide excerpts from the recent reports that focus on uncommon infection methods and describe the associated malware. According to the author, the malware: Is written in C/C++, while the C2 is written in Golang.

Malware 98

Malware Engineering Advertising Phishing 98

Security Affairs

JANUARY 24, 2022

Experts warn Emotet malware campaign using “unconventional” IP address formats in an attempt to evade detection. Threat actors behind a recent Emotet malware campaign have been observed using using “unconventional” IP address formats to evade detection. ” reported Trend Micro. ” reported Trend Micro.

Malware 126

Malware Social Engineering Ransomware Banking 126

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 86

Spyware Hacking Malware Social Engineering 86

Identity IQ

FEBRUARY 14, 2024

Spear phishing is a targeted form of cybercrime that focuses on specific individuals or organizations. The selection process involves meticulous research and social engineering to help identify potential targets. Only download or click on something if you’re 100% sure about its origin. What Is Spear Phishing?

Phishing 94

Phishing Identity Theft Social Engineering Scams 94

Security Affairs

MARCH 7, 2023

The experts found similarities between the SYS01 stealer and another info stealing malware, tracked as S1deload, that was discovered by Bitdefender researchers. “We have seen SYS01 stealer attacking critical government infrastructure employees, manufacturing companies, and other industries.”

Government 92

Government Manufacturing Social Engineering Malware 92

SecureWorld News

NOVEMBER 8, 2023

Social engineering attacks have long been a threat to businesses worldwide, statistically comprising roughly 98% of cyberattacks worldwide. Given the much more psychologically focused and methodical ways that social engineering attacks can be conducted, it makes spotting them hard to do.

Social Engineering 90

Social Engineering Engineering Cyber Attacks Artificial Intelligence 90

SecureWorld News

JUNE 29, 2023

There needs to be more training aimed at mobile threats; for example, downloading apps from non-approved sources (this was noted as how the vast majority of Android malware is planted) should be something organizations can train their employees on to reduce the number of incidents."

Mobile 84

Mobile Social Engineering IoT Phishing 84

Malwarebytes

OCTOBER 11, 2023

Antivirus software—or more correctly, its modern descendents endpoint security and Endpoint Detection and Response (EDR)—are essential tools in the battle against cybercrime. Their data is now available for download on the dark web. Their data is now available for download on the dark web. Detect intrusions.

Antivirus 99

Antivirus Insurance Ransomware Healthcare 99

CyberSecurity Insiders

JUNE 13, 2023

Stay informed about the latest cyber threats, such as phishing, malware, ransomware, and social engineering attacks. Be cautious when clicking on links or downloading attachments, especially from unfamiliar or suspicious sources. Keep these security programs up to date to detect and mitigate potential threats effectively.

Cybersecurity 93

Cybersecurity Education Cyber threats Passwords 93

eSecurity Planet

AUGUST 23, 2021

Ransomware attackers, who use myriad methods to get their malware into the systems of businesses large and small in hopes of pulling down millions of dollars, are now going directly to the source. The malware, which also is known as Black Kingdom and DEMON, has been around for a few years and is available for free on GitHub.

Ransomware 127

Ransomware Social Engineering Engineering VPN 127

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey.

Phishing 82

Phishing Social Engineering Malware Advertising 82

eSecurity Planet

SEPTEMBER 14, 2022

Cybercrime is a growth industry like no other. Then, we’ll go over the basic, foundational techniques most scammers find themselves using, such as social engineering and phishing. Social Tactics. Basic phishing and social engineering techniques are still the most common starting point for cyber attacks.

Social Engineering 118

Social Engineering Energy and Utilities Phishing Scams 118

Security Affairs

AUGUST 2, 2021

Through the pre-established Wi-Fi network (kitty3), the attacker remotely connects to the TV and views and downloads the saved screen recording. The cleaner’s insider access takes care of the physical access challenge, while detachment to the organization makes the individual more susceptible to social engineering.

Social Engineering 129

Social Engineering Healthcare Engineering Hacking 129

Security Affairs

MARCH 10, 2020

Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. ” reads the post published by Microsoft.

Ransomware 115

Ransomware Cybercrime Social Engineering Banking 115

SecureList

SEPTEMBER 13, 2021

Download full report (PDF). We deliver a range of services to help organizations when they are in need: incident response, digital forensics and malware analysis. Security issues with passwords, software vulnerabilities and social engineering combined into an overwhelming majority of initial access vectors during attacks.

Social Engineering 109

Social Engineering Healthcare Ransomware Government 109

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. Cracking down hard on the cybercrime world. Analysis of forecasts for 2021. We should expect more fraud, targeting mostly BTC , because this cryptocurrency is the most popular.

Cryptocurrency 104

Cryptocurrency Banking Cybercrime Ransomware 104

SC Magazine

JUNE 17, 2021

” The attacker then uses the phishing lure to get the victim to “ Click here to download the document.” This incident shows how easily somebody can build a convincing phishing page without having to be an experienced software engineer, said Hank Schless, senior manager, security solutions at Lookout.

Phishing 110

Phishing Social Engineering Engineering CISO 110

Security Affairs

JANUARY 2, 2019

In November, experts from ESET uncovered a massive spam campaign that was distributing the Emotet malware. Unlike past campaigns, attackers used a downloader incorporated into an Office file-. On this occasion though, the implementation is a little unusual, consisting of a downloader incorporated into an Office file.”

Social Engineering 84

Social Engineering Advertising Malware Engineering 84

SecureList

NOVEMBER 22, 2022

Unlike common stealers, this malware gathered data that can be used to identify the victims, such as browsing histories, social networking account IDs and Wi-Fi networks. These are attractive aspects that cybercrime groups will be unable to resist. million downloads. It also offers anonymity to users.

Cryptocurrency 87

Cryptocurrency Mobile Ransomware Banking 87

SecureList

NOVEMBER 1, 2022

Since the malware in this incident was compiled on April 15, 2021, and compilation dates are the same for all known samples, this incident is likely to be the first involving Maui ransomware. The first infection usually aims to install a downloader, which attempts to download other malicious implants from legitimate web services.

Malware 139

Malware Ransomware Spyware Encryption 139

SecureWorld News

MARCH 1, 2023

Thinking like a fraudster can help create additional barriers for these social engineering tricks and form a foundation for effective security awareness training so that the human factor hardens an organization's defenses instead of being the weakest link. Yet another step in prepping for the attack is to proofread the email.

Phishing 84

Phishing Social Engineering Scams Security Awareness 84

Security Affairs

MARCH 30, 2020

The Zeus Sphinx malware is back, operators are now spreading it exploiting the interest in the Coronavirus outbreak. The Zeus Sphinx malware is back, it was observed in a new wave of attacks attempting to exploit the interest in the Coronavirus outbreak. ” continues the post.”Next,

Banking 102

Banking Malware Social Engineering Advertising 102

eSecurity Planet

AUGUST 16, 2021

A phishing campaign that Microsoft security researchers have been tracking for about a year highlights not only the ongoing success of social engineering efforts by hackers to compromise systems, but also the extent to which the bad actors will go to cover their tracks while stealing user credentials. Invoice-Themed Lures.

Phishing 109

Phishing Social Engineering Passwords Engineering 109

SecureList

AUGUST 23, 2021

Last year’s lockdowns gave a boost to the mobile market, with users downloading thirty percent more mobile games per week in Q1 2021 than in Q4 2019 globally, reaching over one billion weekly downloads. We examined malware and unwanted software disguised as popular PC and mobile games. billion in the first half of 2021.

Adware 112

Adware Mobile Phishing Malware 112

Security Affairs

JANUARY 23, 2022

“cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for cybercriminal use.” ” reads the FBI’s PSA.

Cryptocurrency 98

Cryptocurrency Social Engineering Malware Scams 98

SecureList

SEPTEMBER 28, 2022

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. Active since 2014, in 2016, the group decided to give up ATM malware and focus all of their attacks on PoS systems, targeting the core of the payment industry. Evolving into PoS malware.

Malware 96

Malware Banking Software Encryption 96

Security Affairs

FEBRUARY 26, 2020

Researchers from Cybaze Yoroi ZLab have spotted a new campaign exploiting the interest in coronavirus (COVID-19) evolution to spread malware. The proof is the leverage of the current physical threat, the CoronaVirus (COVID-19), as a social engineering trick to infect the cyber world. Introduction. Technical Analysis.

Cyber Attacks 115

Cyber Attacks Malware Social Engineering Advertising 115

SecureList

JUNE 2, 2022

In their initial disclosures on this threat actor, TeamT5 identified three malware families: SpyDealer, Demsty and WinDealer. In 2020, we discovered a whole new distribution method for the WinDealer malware that leverages the automatic update mechanism of select legitimate applications. WinDealer is a modular malware platform.

Malware 113

Malware Encryption Social Engineering Telecommunications 113

Malwarebytes

FEBRUARY 14, 2023

In a collaborative partnership, officials in the United States and the United Kingdom unmasked and imposed financial sanctions against seven members of the notorious Russian gang TrickBot (alias "TrickLoader"), a mainstream banking Trojan turned malware-as-a-service (MaaS) platform for other criminals. Educate your staff.

Ransomware 65

Ransomware Backups Banking Social Engineering 65