Security Affairs

MARCH 24, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices.

Malware 100

Malware Cybercrime Hacking Cyber threats 100

Security Affairs

DECEMBER 30, 2019

The United Nations on Friday have approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The United Nations on Friday has approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime.

Cybercrime 60

Cybercrime Surveillance Spyware Government 60

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Spyware 96

Spyware Cyber Insurance Hacking Advertising 96

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 106

Social Engineering Spyware Data breaches Surveillance 106

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware.

Spyware 111

Spyware Energy and Utilities Malware Engineering 111

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 87

DDOS Cybercrime Spyware Malware 87

Security Affairs

OCTOBER 1, 2023

million newborns and pregnancy care patients Xenomorph malware is back after months of hiatus and expands the list of targets Smishing Triad Stretches Its Tentacles into the United Arab Emirates Crooks stole $200 million worth of assets from Mixin Network A phishing campaign targets Ukrainian military entities with drone manual lures Alert!

Artificial Intelligence 101

Artificial Intelligence Firmware Data breaches Hacking 101

Security Affairs

JULY 15, 2023

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise The source code of the BlackLotus UEFI Bootkit was leaked on GitHub US CISA warns of Rockwell Automation ControlLogix flaws Indexing Over 15 Million WordPress Websites with PWNPress New AVrecon botnet remained under the radar for two (..)

Spyware 89

Spyware Hacking Data breaches Mobile 89

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 123

Spyware Manufacturing Small Business Surveillance 123

Security Affairs

APRIL 21, 2024

Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches 98

Data breaches Phishing Ransomware Malware 98

Security Affairs

NOVEMBER 25, 2020

Group-IB supported an INTERPOL-led operation Falcon targeting business email compromise cybercrime gang from Nigeria, dubbed TMT. Group-IB , a global threat hunting and intelligence company, supported an INTERPOL-led operation Falcon targeting business email compromise (BEC) cybercrime gang from Nigeria, dubbed TMT by Group-IB.

Cybercrime 130

Cybercrime Phishing Social Engineering Spyware 130

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cyber Attacks 84

Cyber Attacks Firewall Data breaches Telecommunications 84

Security Affairs

MAY 29, 2022

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks The strange link between Industrial Spy and the Cuba ransomware operation Reuters: Russia-linked APT behind Brexit leak website GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack Android pre-installed apps are affected by high-severity (..)

InfoSec 101

InfoSec Spyware DDOS Firewall 101

Security Affairs

MARCH 4, 2023

FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0

Spyware 82

Spyware Data breaches Retail Ransomware 82

SecureWorld News

NOVEMBER 23, 2021

The steps we’re taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place.". Being on this list effectively blocks the government or its vendors from doing business with NSO. And he didn't stop there.

Spyware 73

Spyware Surveillance Engineering Software 73

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware 81

Spyware Backups Manufacturing Data breaches 81

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. government said was used to infect more than a half million computers worldwide. An advertisement for Orcus RAT.

Advertising 220

Advertising Malware Marketing Software 220

SecureList

AUGUST 30, 2023

Both infection methods resulted in the same malware (the DeathNote downloader), which uploaded the target’s information and retrieved the next-stage payload at the discretion of the C2 (Command and Control) server. It’s thought that the malware was spread through a vulnerability in the software.

Malware 73

Malware Spyware Cryptocurrency Government 73

Security Affairs

MARCH 5, 2020

According to the CrowdStrike 2020 Global Threat Report, the telecommunications and government sectors were the most targeted by the threat actors. Chinese hackers also targeted several organizations in the healthcare sector, government and defense sectors of countries in Asia. ” reads the report published by CrowdStrike.

Telecommunications 91

Telecommunications Mobile Spyware Advertising 91

Security Affairs

FEBRUARY 13, 2022

US seizes $3.6 to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6

Spyware 72

Spyware Surveillance Ransomware Hacking 72

SecureList

NOVEMBER 1, 2022

Since the malware in this incident was compiled on April 15, 2021, and compilation dates are the same for all known samples, this incident is likely to be the first involving Maui ransomware. In most cases, the targets appear to be diplomatic and government organizations in Europe. Chinese-speaking activity.

Malware 139

Malware Ransomware Spyware Encryption 139

Security Affairs

AUGUST 27, 2021

Government experts state that the group uses multiple mechanisms to compromise networks of the victims, including phishing emails with malicious attachments to gain access and Remote Desktop Protocol (RDP) to move laterally once on the network. The malware deletes the Hive executable and the hive.bat script.

Ransomware 97

Ransomware Encryption Spyware Backups 97

Security Affairs

OCTOBER 27, 2019

TA505 cybercrime group use SDBbot RAT in recent campaigns. malware to control Microsoft SQL Servers. Autoclerk travel reservations platform data leak also impacts US Government and military. Trend Micro Anti-Threat Toolkit could be used to run malware on Win PCs. Fake UpdraftPlus WordPress Plugins used to backdoor sites.

Spyware 41

Spyware Advertising Hacking DDOS 41

Security Affairs

NOVEMBER 17, 2019

TA505 Cybercrime targets system integrator companies. New TA2101 threat actor poses as government agencies to distribute malware. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware. Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure.

DDOS 52

DDOS Spyware Advertising Ransomware 52

SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. In 2020, we predicted that governments would adopt a “name and shame” strategy to draw attention to the activities of hostile APT groups, a trend that has evolved even more in the last year.

Mobile 128

Mobile Surveillance Ransomware Government 128

Security Affairs

APRIL 21, 2019

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading. Analyzing OilRigs malware that uses DNS Tunneling. Operator of Codeshop Cybercrime Marketplace Sentenced to 90 months in prison. Hacker broke into super secure French Governments Messaging App Tchap hours after release. Code execution – Evernote.

Computers and Electronics 63

Computers and Electronics Spyware Data breaches Advertising 63

Security Affairs

APRIL 8, 2019

This data comes not only from the analysis of underground forums and phishing websites, but also from the analysis of cybercriminals’ infrastructure (including but not limited to C&Cs) and malware disassembling. Upon identification of this information, CERT-GIB reached out to region’s government CERTs to inform about the threat. “It

Artificial Intelligence 65

Artificial Intelligence Government Banking Advertising 65

Security Affairs

NOVEMBER 8, 2021

Government experts state that the group uses multiple mechanisms to compromise networks of the victims, including phishing emails with malicious attachments to gain access and Remote Desktop Protocol (RDP) to move laterally once on the network. The Hive ransomware adds the.hive extension to the filename of encrypted files.

Computers and Electronics 114

Computers and Electronics Ransomware Retail Spyware 114

Security Affairs

NOVEMBER 14, 2021

Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server GravityRAT returns disguised as an end-to-end encrypted chat app Intel and AMD address high severity vulnerabilities in products and drivers New evolving Abcbot DDoS botnet targets Linux systems Retail giant Costco discloses data breach, payment card data exposed (..)

Spyware 54

Spyware Data breaches Ransomware Retail 54

Security Affairs

JULY 11, 2022

A PDF containing the offer was sent to the employee, once opened the file a spyware compromised his system and infiltrate the Ronin’s network. government blamed North Korea-linked APT Lazarus for the Ronin Validator cyber heist. reads a post-mortem analysis published by Sky Mavis. In April, the U.S.

Engineering 79

Engineering Spyware Phishing Hacking 79

Security Affairs

MARCH 19, 2019

Group-IB specialists discovered 19 928 of Singaporean banks’ cards that have shown up for sale in the dark web in 2018 and found hundreds of compromised government portals’ credentials stolen by hackers throughout past 2 years. New malware in gang’s arsenal. Users’ logins and passwords from the Government Technology Agency ( [link] [.]

Banking 80

Banking Government Passwords Marketing 80

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Source: CERT-GIB. Source: CERT-GIB.

Phishing 107

Phishing Malware Spyware DDOS 107

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Reducing the life cycle of malware. And the tactic is likely to spread to other types of threats as well.

Spyware 102

Spyware Phishing Cybercrime Energy and Utilities 102

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 93

Spyware Surveillance Identity Theft DDOS 93

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 84

Spyware Surveillance Artificial Intelligence Data breaches 84

Security Affairs

DECEMBER 11, 2018

Group-IB, an international company that specializes in preventing cyberattacks , has detected more than 40 000 compromised user credentials of online government services in 30 countries around the world. Group-IB Threat Intelligence has detected government websites’ user accounts compromised by cyber criminals in 30 countries.

Government 91

Government Cybercrime Accountability Advertising 91

SecureList

MAY 27, 2022

Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce. Subsequently, DDoS attacks hit some government websites. Roaming Mantis reaches Europe.

Phishing 103

Phishing Spyware Firmware Malware 103