Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC.

Data breaches 96

Data breaches Phishing Ransomware Malware 96

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 99

Data breaches Small Business Hacking Malware 99

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware 68

Ransomware VPN Cybercrime Accountability 68

Security Affairs

AUGUST 10, 2022

Once obtained the credentials, the attackers launched voice phishing attacks in an attempt to trick the victim into accepting the MFA push notification started by the attacker. Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user.

Ransomware 124

Ransomware Hacking VPN Phishing 124

Security Affairs

AUGUST 21, 2020

The Federal Bureau of Investigation ( FBI ) and the Cybersecurity and Infrastructure Security Agency ( CISA ) have issued a joint security advisory to warn teleworkers of an ongoing vishing campaign targeting organizations from multiple US industry industries.

Social Engineering 116

Social Engineering VPN Phishing Authentication 116

Security Affairs

SEPTEMBER 12, 2022

Once obtained the credentials, the attackers launched voice phishing attacks in an attempt to trick the victim into accepting the MFA push notification started by the attacker. Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user.

Ransomware 99

Ransomware VPN Authentication Phishing 99

Security Affairs

APRIL 21, 2024

The cybersecurity researchers observed threat actors obtaining initial access to organizations through a virtual private network (VPN) service without multifactor authentication (MFA) configured. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware 104

Ransomware Encryption Antivirus VPN 104

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. Nikulin used data stolen from Linkedin to launch spear-phishing attacks against employees at other companies, including Dropbox. Pierluigi Paganini.

Hacking 77

Hacking Cybercrime Data breaches Advertising 77

Security Affairs

FEBRUARY 10, 2023

The attack chain starts with an phishing emails containing a malicious URL or malicious attachment that lead to deployment of WasabiSeed and Screenshotter malware. Experts, for example, observed phishing emails using Microsoft Publisher (.pub) Telegram, Discord), email clients, VPN configurations, cookies, grab files, and more.

Malware 82

Malware Phishing Spyware Cybercrime 82

Security Affairs

JUNE 20, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here.

Data breaches 99

Data breaches DDOS Small Business Ransomware 99

Security Affairs

NOVEMBER 19, 2022

Never access links or attachments you receive from unknown sources – Use a Bitdefender security solution to fend off scam and phishing links. Add an extra layer of security and privacy to your device when shopping this Black Friday with Bitdefender Premium Security.

Scams 141

Scams Retail Password Management Phishing 141

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. We are in the final!

Malware 92

Malware Phishing VPN Accountability 92

Security Affairs

AUGUST 4, 2020

NetWalker ransomware operators continue to be very active, according to McAfee the cybercrime gang has earned more than $25 million since March 2020. The affiliates used to deliver the threat via brute-forcing attacks on RDP servers or exploiting known vulnerabilities in VPN servers and firewalls. and foreign government organizations.

Ransomware 75

Ransomware VPN Cybercrime Advertising 75

Security Affairs

JANUARY 15, 2023

Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4 Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4

Small Business 88

Small Business Password Management VPN Healthcare 88

Security Affairs

NOVEMBER 15, 2023

VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware 114

Ransomware Manufacturing Healthcare Education 114

Security Affairs

MARCH 19, 2022

Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. Focus on cyber security awareness and training. Regularly provide users with training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities (i.e.,

Ransomware 97

Ransomware DDOS Passwords Backups 97

Security Affairs

SEPTEMBER 10, 2020

The popular cybercrime gang is demanding a $4.5 “Equinix is currently investigating a security incident we detected that involves ransomware on some of our internal systems.” Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN. ” reads the statement.

Ransomware 106

Ransomware VPN Data breaches Advertising 106

Security Affairs

MAY 12, 2023

Once discovered the security breach, ABB closed VPN connections with its customers to prevent the threat from spreading. The attacks began with a spam/phishing email containing malicious URL links. BleepingComputer states that some of the projects were delayed and the attack impacted some of the company factories.

Ransomware 86

Ransomware VPN Hacking Technology 86

Security Affairs

JANUARY 3, 2021

HackerOne announces first bug hunter to earn more than $2M in bug bounties SolarWinds releases updated advisory for SUPERNOVA backdoor Vermont Hospital confirmed the ransomware attack E-commerce app 21 Buttons exposes millions of users data Finland confirms that hackers breached MPs emails accounts Multi-platform card skimmer targets Shopify, BigCommerce, (..)

Data breaches 95

Data breaches Mobile VPN Firewall 95

Security Affairs

DECEMBER 10, 2022

HC3 added that threat actors continue to use multiple attack vectors associated with this ransomware, including phishing, Remote Desktop Protocol (RDP) compromises and credential abuse, compromises of exploited vulnerabilities, such as VPN servers, and compromises in other known vulnerabilities” HHS notes.

Healthcare 88

Healthcare Ransomware Encryption Malware 88

Security Affairs

JANUARY 21, 2022

Threat actors sent spear-phishing messages from compromised corporate accounts to their contacts, the email carry malicious attachments. Many of the email RDP, SMTP, SSH, cPanel, and VPN account credentials siphoned by the attackers were made available on dark web marketplaces and sold to other threat actors.

Spyware 86

Spyware Accountability Social Engineering Phishing 86

Security Affairs

MAY 28, 2023

Once discovered the security breach, ABB closed VPN connections with its customers to prevent the threat from spreading. The attacks began with a spam/phishing email containing malicious URL links. The researchers noticed that once obtained access to the network, the threat actor moves extremely fast.

Data breaches 88

Data breaches Ransomware VPN Hacking 88

Security Affairs

NOVEMBER 14, 2021

Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server GravityRAT returns disguised as an end-to-end encrypted chat app Intel and AMD address high severity vulnerabilities in products and drivers New evolving Abcbot DDoS botnet targets Linux systems Retail giant Costco discloses data breach, payment card data exposed (..)

Spyware 53

Spyware Data breaches Ransomware Retail 53

Malwarebytes

MAY 28, 2021

As with other “big game” ransomware, the delivery method changes according to the preferences of the group operating it, but among the most common attack vectors are remote desktop protocol (RDP) , phishing , and weaknesses in either software or hardware. Only use secure networks and avoid using public Wi-Fi networks.

Healthcare 107

Healthcare Ransomware Encryption Passwords 107

Security Affairs

OCTOBER 27, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. TA505 cybercrime group use SDBbot RAT in recent campaigns. NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches.

Spyware 41

Spyware Advertising Hacking DDOS 41

Security Affairs

NOVEMBER 29, 2020

Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Data breaches 85

Data breaches Social Engineering Ransomware Malware 85

Security Affairs

JUNE 30, 2021

Law enforcement has seized the servers of DoubleVPN (doublevpn.com), a Russian-based VPN service that provides double-encryption service widely used by threat actors to anonymize their operation while performing malicious activities. The VPN service was offered for a starting price of €22 ($25). . Pierluigi Paganini.

VPN 128

VPN Cybercrime Encryption Advertising 128

SecureList

NOVEMBER 23, 2021

For example, a popular tactic in spyware attacks is now to send phishing e-mails from compromised corporate mail accounts of a partner organization of the intended victim. The debate about which threats pose the most danger to industrial enterprises often revolves around comparisons between APTs and cybercrime. Current attack vectors.

Spyware 102

Spyware Phishing Cybercrime Energy and Utilities 102

Security Boulevard

JANUARY 25, 2022

Folks, Who wants to dive deep into some of my latest commercially available research and stay on the top of their OSINT/cybercrime research and threat intelligence gathering game that also includes their team and organization? Dancho Danchev’s “Astalavista Security Group – Investment Proposal” Presentation – A Photos Compilation.

Cybercrime 96

Cybercrime Hacking Scams Ransomware 96

Security Affairs

NOVEMBER 25, 2023

VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware 118

Ransomware Hacking Engineering Manufacturing 118

Security Affairs

DECEMBER 26, 2023

VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Hacking 121

Hacking Ransomware Manufacturing Healthcare 121

Security Affairs

FEBRUARY 12, 2024

VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware 114

Ransomware Encryption VPN Manufacturing 114

Security Affairs

NOVEMBER 29, 2023

VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts.

Ransomware 110

Ransomware Hacking Manufacturing Healthcare 110

Security Affairs

NOVEMBER 20, 2023

VPNs, RDPs) to gain initial access to the target network and maintain persistence. The group relied on compromised credentials to authenticate to internal VPN access points.

Ransomware 113

Ransomware Cyber Attacks Manufacturing Healthcare 113

Security Affairs

NOVEMBER 18, 2022

The group used various attack methods, including malspam campaigns, vulnerable RDP servers, and compromised VPN credentials. According to a report published by blockchain analytics company Chainalysis, the Hive ransomware is one of the top 10 ransomware strains by revenue in 2021. key files.

Ransomware 91

Ransomware VPN Manufacturing Healthcare 91

Security Affairs

DECEMBER 5, 2021

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users German BSI agency warns of ransomware attacks over Christmas holidays Cuba ransomware gang hacked 49 US critical infrastructure organizations CISA warns of vulnerabilities in Hitachi Energy products NSO Group spyware used to compromise iPhones of 9 US State Dept officials (..)

Spyware 84

Spyware Ransomware Hacking VPN 84

SecureList

MAY 12, 2021

Hackers who are on the lookout for publicly disclosed vulnerabilities (1-days) in internet facing software, such as VPN appliances or email gateways. There is, of course, a documented porosity between the ransomware ecosystem and other cybercrime domains such as carding or point-of-sale (PoS) hacking. Access sellers.

Ransomware 123

Ransomware Encryption Malware Cybercrime 123