Security Affairs

FEBRUARY 20, 2023

Social engineering techniques are becoming increasingly sophisticated and are exploiting multiple emerging means, such as deep fakes. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”. Deepfake technology, what’s it? Education improves awareness” is his slogan.

Social Engineering 98

Social Engineering Engineering Artificial Intelligence Computers and Electronics 98

Security Affairs

OCTOBER 13, 2024

CISA adds Synacor Zimbra Collaboration flaw to its Known Exploited Vulnerabilities catalog China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems Google Pixel 9 supports new security features to mitigate baseband attacks International Press – Newsletter Cybercrime Indiana Man Pleads Guilty to Conspiracies Involving (..)

Data breaches 116

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 116

Security Affairs

FEBRUARY 3, 2025

” Crazy Evil is referred as a traffer team, which is a group of social engineering specialists tasked with redirecting legitimate traffic to malicious landing pages. The cybercrime gang focused on targeting the Web3 and decentralized finance industry. These factors make it a persistent cyber threat.

Scams 84

Scams Media Cryptocurrency Cybercrime 84

Security Affairs

OCTOBER 22, 2021

FIN7 is a Russian criminal group that has been active since mid-2015, it focuses on restaurants, gambling, and hospitality industries in the US to harvest financial information that was used in attacks or sold in cybercrime marketplaces. SecurityAffairs – hacking, cyber security). ” concludes the report.

Cybercrime 130

Cybercrime Ransomware Cybersecurity Backups 130

Security Affairs

JULY 2, 2025

“We are working closely with the Federal Government’s National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts.” At the end of June, the FBI reports that the cybercrime group Scattered Spider is now targeting the airline sector.

Data breaches 64

Data breaches Social Engineering Engineering Cybercrime 64

Security Affairs

DECEMBER 25, 2024

TraderTraitor activity is often characterized by targeted social engineering directed at multiple employees of the same company simultaneously.” The FBI will continue to expose and combat the DPRKs use of illicit activitiesincluding cybercrime and virtual currency theftto generate revenue for the regime. BTC ($308M).

Cryptocurrency 122

Cryptocurrency Social Engineering Hacking Cybercrime 122

Security Affairs

MAY 17, 2025

Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting U.S. The financially motivated group UNC3944 (also known as Scattered Spider , 0ktapus ) is known for social engineering and extortion. They exploit help desks and outsourced IT via social engineering for high-impact attacks.

Retail 66

Retail Social Engineering Cybercrime Financial Services 66

Security Affairs

MAY 24, 2025

law firms for 2 years using callback phishing and social engineering extortion tactics. law firms using phishing and social engineering. FBI warns Silent Ransom Group has targeted U.S. The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. ” reads the alert issued by the FBI.

Social Engineering 113

Social Engineering Antivirus Phishing Authentication 113

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Affairs

OCTOBER 11, 2024

Observed ChatGPT behavior mainly involved reconnaissance, threat actors used the OpenAI’s platform to seek info on companies, services, and vulnerabilities, similar to search engine queries. They also attempted to send malware-laden emails to OpenAI employees, but the spear-phishing campaign was detected and neutralized.

Malware 136

Malware Social Engineering Engineering Hacking 136

Security Affairs

OCTOBER 16, 2023

Microsoft announced that its Microsoft Defender for Endpoint helped to block a large-scale hacking campaign carried out by Akira ransomware operators (tracked by Microsoft as Storm-1567) The attack took place in early June 2023 and aimed at an industrial engineering organization.

Engineering 129

Engineering Ransomware Hacking Education 129

Zero Day

JUNE 6, 2025

The data in question was posted on a Russian cybercrime forum on May 15 and then uploaded again on June 3, apparently garnering attention from other cybercriminals and potential buyers. But in this age of cybercrime, these numbers have become vulnerable.

Password Management 128

Password Management Passwords Identity Theft Artificial Intelligence 128

Security Boulevard

FEBRUARY 14, 2025

Meanwhile, an informal Tenable poll looks at cloud security challenges. And get the latest on ransomware trends and on cybercrime legislation and prevention! government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Security Affairs

JULY 1, 2025

. “Europol expects online fraud to outpace other types of serious and organised crime as it is being accelerated by AI, aiding social engineering and access to data.” ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime)

Scams 68

Scams Cryptocurrency Banking Social Engineering 68

Security Affairs

DECEMBER 1, 2024

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Cybercrime 71

Cybercrime Firewall Social Engineering Phishing 71

Security Affairs

FEBRUARY 1, 2025

The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies. Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack.

Technology 117

Technology Ransomware Manufacturing Engineering 117

Security Affairs

DECEMBER 26, 2022

The FBI warns of cybercriminals using search engine advertisement services to impersonate brands and defraud users. The FBI is warning of cyber criminals using search engine advertisement services to impersonate brands and direct users to websites that were used to defraud users. Pierluigi Paganini.

Advertising 98

Advertising Engineering Education Internet 98

Security Affairs

JUNE 12, 2023

Researchers detailed a fully undetectable (FUD) malware obfuscation engine named BatCloak that is used by threat actors. Researchers from Trend Micro have analyzed the BatCloak, a fully undetectable (FUD) malware obfuscation engine used by threat actors to stealthily deliver their malware since September 2022. and FileObfuscation.cs.

Engineering 98

Engineering Malware Encryption Hacking 98

SecureWorld News

MARCH 20, 2025

Phishing plays straight out of the cybercrime playbook "March Madness brings heightened cybersecurity risks this year, especially with the expansion of sports gambling beyond traditional office pools creating new attack vectors for credential harvesting and financial fraud," warns J.

Scams 80

Scams Social Engineering Phishing Mobile 80

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. SocksEscort began in 2009 as “ super-socks[.]com

Malware 245

Malware VPN Internet Internet 245

Security Affairs

FEBRUARY 9, 2025

CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog Cisco addressed two critical flaws in its Identity Services Engine (ISE) Notorious hacker behind 40+ cyberattacks on strategic organizations arrested Lazarus APT targets crypto wallets using cross-platform JavaScript stealer U.S.

Spyware 61

Spyware Cybercrime Scams Social Engineering 61

Security Affairs

OCTOBER 10, 2024

“The added obfuscation does introduce confusion (we call this obfuscation potency) but it does not add any resiliency (how hard it is to reverse engineer, using manual or automated methods). .” reads the report published by Jscrambler.

Data collection 127

Data collection Engineering Malware Hacking 127

Security Affairs

APRIL 21, 2025

The malware is delivered via social engineering, attackers attempt to trick victims into tapping cards on infected phones. Calls enable social engineering in a Telephone-Oriented Attack Delivery (TOAD) scenario. Analysis of the SuperCard X campaign in Italy revealed custom malware builds tailored for regional use.

Malware 106

Malware Social Engineering Banking Engineering 106

Security Affairs

OCTOBER 6, 2023

The creation of a dedicated emergency number for cybersecurity could provide an effective solution to this rapidly growing challenge The growing threat of cybercrime is calling for new and innovative defense strategies. This would have a long-term impact on cybercrime prevention, helping to create a society more aware of digital threats.

Cybersecurity 129

Cybersecurity Cybercrime Computers and Electronics Education 129

Security Affairs

MARCH 17, 2025

Threat actors exploit Cascading Style Sheets (CSS) to bypass spam filters and detection engines, and track users actions and preferences. Cisco Talos observed threat actors abusing Cascading Style Sheets (CSS) to evade detection and track user behavior, raising security and privacy concerns, including potential fingerprinting.

Phishing 118

Phishing Engineering Media Hacking 118

Security Affairs

MARCH 5, 2025

The company, which is engaged in product engineering, provides services to automotive and aerospace original equipment manufacturers as well as industrial machinery companies. The group claims the theft of 1.4 terabytes of data and is threatening to leak it. ” reads the filing. Who is Hunters International?

Technology 108

Technology Ransomware Engineering Manufacturing 108

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. McAfee researchers discovered 15 SpyLoan Android apps on Google Play with a combined total of over 8 million installs.

Social Engineering 129

Social Engineering Media Mobile Scams 129

Security Affairs

JULY 22, 2024

for suspected involvement in the Scattered Spider cybercrime syndicate. arrested a 17-year-old teenager from Walsall who is suspected to be a member of the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). Law enforcement arrested a 17-year-old boy from Walsall, U.K., Law enforcement in the U.K.

Cybercrime 133

Cybercrime Social Engineering Hacking Scams 133

Security Affairs

FEBRUARY 27, 2023

Threat actors hacked the home computer of a DevOp engineer, they installed a keylogger as part of a sophisticated cyber attack. Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach.

Engineering 98

Engineering Backups Data breaches Passwords 98

Security Affairs

OCTOBER 18, 2024

. “On August 7, 2024, we became aware of claims that information was taken from our systems and posted on the dark web. The dark web is a hidden part of the internet that is not accessible through regular search engines like Google. We also notified federal law enforcement.” ” reads the data breach notification.

Data breaches 139

Data breaches Healthcare Insurance Engineering 139

Security Affairs

MAY 17, 2025

Access to personal or official accounts operated by US officials could be used to target other government officials, or their associates and contacts, by using trusted contact information they obtain.” ” reads the alert issued by the FBI.

Government 122

Government Social Engineering Authentication Accountability 122

Security Affairs

DECEMBER 6, 2024

“the threat intel search engine LeakIX reported that 21,761vulnerable CyberPanel instances were exposed online, and nearly half (10,170) were in the United States.” The vulnerability was exploited in a large-scale hacking campaign that targeted more than 22,000 CyberPanel instances. ” reported Bleeping Computer.

DNS 109

DNS Authentication Ransomware Hacking 109

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. ” reads the post published by IBM X-Force.

Malware 133

Malware Cybercrime DDOS Social Engineering 133

Security Affairs

APRIL 17, 2025

In a documented instance, attackers used a ClickFix social engineering tactic to trick users into running a PowerShell command that downloads and installs Node.js Another notable technique observed by researchers in recent campaign employs inline JavaScript execution via Node.js to deploy malicious payloads. components.

Social Engineering 115

Social Engineering Malware Cryptocurrency Engineering 115

Hot for Security

APRIL 19, 2021

Notorious FIN7 gang stole payment card details from retailers around the world Cybercrime gang posed as penetration testing firm to recruit hackers. A key member of the FIN7 cybercrime gang – which is said to have caused over one billion dollars worth of damage around the world – has been sentenced to 10 years in jail.

Penetration Testing 144

Penetration Testing Retail Cybersecurity Social Engineering 144

Security Affairs

FEBRUARY 27, 2023

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum. “The security of our data is paramount and we have comprehensive information security protocols in place to ensure its confidentiality. Activision was breached December 4th, 2022.

Hacking 98

Hacking Cybercrime Social Engineering Data breaches 98

Security Affairs

NOVEMBER 15, 2024

The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information. Researchers from Gen Digital who discovered the threat, believe it is in its early development phase.

Encryption 116

Encryption Password Management Cryptocurrency Social Engineering 116