Remove Cybercrime Remove Download Remove Social Engineering
article thumbnail

Silent Ransom Group targeting law firms, the FBI warns

Security Affairs

law firms for 2 years using callback phishing and social engineering extortion tactics. law firms using phishing and social engineering. FBI warns Silent Ransom Group has targeted U.S. The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. ” concludes the report.

article thumbnail

MUT-1244 Campaign Steals Hundreds of Thousands of WordPress Credentials and More

SecureWorld News

Researchers at Datadog Security Labs have uncovered a year-long, large-scale cybercrime campaign by a threat actor tracked as MUT-1244. This operation, which blends social engineering and technical exploitation, has resulted in the theft of more than 390,000 WordPress credentials.

Phishing 109
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Node.js malvertising campaign targets crypto users

Security Affairs

In this attack phase, a PowerShell script downloads an archive from the command-and-control server containing the Node.js In a documented instance, attackers used a ClickFix social engineering tactic to trick users into running a PowerShell command that downloads and installs Node.js to deploy malicious payloads.

article thumbnail

Romantic Lawsuit for Two? Don't Let Cybercriminals Scam You this Valentine's Day

SecureWorld News

Last year saw a 110% rise in cybercrime in the lead up to Valentine's Day. And 2025 will be no different, as increasingly sophisticated online hackers seek to take advantage of Valentine's themed email traffic, social media advertisements, or marketing campaigns, and exploit heightened emotions and a desire to connect.

Scams 83
article thumbnail

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Security Affairs

Threat actors relies on social engineering tactics like ClickFix and FakeCaptcha to trick users into executing malicious scripts via PowerShell or Run prompts. To extract cookies from Chromium-based browsers, it downloads a module from the C&C to bypass App-Bound encryption. ” reads the report published by Gen Digital.

article thumbnail

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

Initially, the group published screenshots of stolen data as proof of the attack, now the whole archive can be downloaded from the leak page. The group said that the waiting period had expired and claimed the theft of 134GB of sensitive data. ” reads a report published by Halcyon.

article thumbnail

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials

Security Affairs

“Contact information acquired through social engineering schemes could also be used to impersonate contacts to elicit information or funds.” Avoid clicking links or downloading files from unverified sources. ” reads the alert issued by the FBI. Dont send money or crypto without confirming requests.