Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 106

Social Engineering Spyware Data breaches Surveillance 106

CyberSecurity Insiders

JANUARY 23, 2022

According to a research conducted by Avast, grandparents aged between in 55 to 64 are being targeted mainly by those spreading ransomware, tech support scams, spyware and botnets. Whereas, the younger generation was being hit by TikTok scams that mainly spread malware, spyware, adware and data, stealing Trojans to mobiles.

Scams 90

Scams Ransomware Spyware Adware 90

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers are tracking the spyware since March 2020, starting in 2023, multiple security experts [ 1 , 2 ] started monitoring its activity.

Surveillance 80

Surveillance Malware Spyware Education 80

Security Affairs

DECEMBER 2, 2023

Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)

Ransomware 96

Ransomware Hacking Spyware Cybercrime 96

SiteLock

AUGUST 27, 2021

The consequences of which are not only born by companies who are the primary targets of cybercrime. Data security is a problem for anyone who has an online account, whether it be for health services, banking, or social media. Your home systems are more vulnerable than you think. What Can You Do to Protect Your Networked Devices?

IoT 98

IoT Spyware VPN Passwords 98

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 74

Spyware Ransomware Malware Data breaches 74

Security Affairs

JULY 24, 2022

ransom and sued its insurance firm for refusing to cover this payment Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever Google is going to remove App Permissions List from the Play Store Security Affairs newsletter Round 374 by Pierluigi Paganini APT groups target journalists and media organizations since 2021.

Spyware 92

Spyware Surveillance Insurance Malware 92

The Last Watchdog

JULY 18, 2023

This has projected costs associated with cybercrimes to hit the tens of trillions by 2025, highlighting the vital need for web hosts to implement staunch security. Gainesville, Fla., July 18, 2022 – Around 30,000 websites get hacked every day , with the majority of those cyberattacks due to human error.

Hacking 100

Hacking DDOS Small Business Spyware 100

Identity IQ

MARCH 2, 2023

Keyloggers are used for many different things – from tracking employees’ activity to monitoring children’s internet use – but their proliferation has led to an epidemic of cybercrime affecting millions of people every year. Here’s what you need to know about keyloggers and how to protect your personal information.

Antivirus 97

Antivirus Passwords Identity Theft Software 97

Security Affairs

NOVEMBER 8, 2021

Media Markt is a German multinational chain of stores selling consumer electronics with over 1000 stores in Europe. In order to facilitate file encryption, the ransomware look for processes associated with backups, anti-virus/anti-spyware, and file copying and terminates them.

Computers and Electronics 113

Computers and Electronics Ransomware Retail Spyware 113

Security Affairs

NOVEMBER 17, 2019

TA505 Cybercrime targets system integrator companies. Adobe patch Tuesday updates addressed critical flaws in Media Encoder and Illustrator products. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware. Facebook is secretly using iPhones camera as users scroll their feed. Pierluigi Paganini.

DDOS 50

DDOS Spyware Advertising Ransomware 50

SecureWorld News

JULY 27, 2023

Some highlights include: Stealers are primarily sold on cybercrime forums. Whether this rise is part of the overall trend, a fluctuation relative to other malware activity like ransomware and spyware, or a genuine increase in this specific threat, is hard to say without more research.

Malware 66

Malware Social Engineering Passwords Spyware 66

SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. The targets included government and military agencies, defense contractors, political parties and consultancies, logistics companies, energy firms, universities, law firms and media companies.

Mobile 139

Mobile Surveillance Ransomware Government 139

Webroot

MAY 12, 2021

Even social media posts are being turned into NFTs; the digital certificate for Jack Dorsey’s first-ever Tweet sold for $2.9 NFT theft and a new brand of cybercrime. It’s a work known as The First 5000 Days by the artist known as Beeple and it’s essentially a $69 million JPEG file. And NFTs aren’t limited to fine art.

Cryptocurrency 91

Cryptocurrency Marketing Phishing Authentication 91

BH Consulting

OCTOBER 6, 2022

So with European Cybersecurity Month here, now’s a good time to familiarise ourselves again with a popular cybercrime tactic. spyware, ransomware).”. The Verizon Data Breach Investigations Report tells us that 82 per cent of security incidents have a human component. .

Security Awareness 52

Security Awareness Phishing Scams Social Engineering 52

SecureList

AUGUST 30, 2023

The attackers were able to embed malicious code into the libffmpeg media processing library to download a payload from their servers. Using a number of vulnerabilities in iOS, the attachment is executed and installs spyware. The deployment of the spyware is completely hidden and requires no action from the person being targeted.

Malware 80

Malware Spyware Cryptocurrency Government 80

SecureList

NOVEMBER 1, 2022

In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. The spyware itself collects various data from the victims’ devices, such as call logs or lists of contacts. SandStrike is distributed as a means to access resources about the Bahá?í í religion that are banned in Iran.

Malware 143

Malware Ransomware Spyware Encryption 143

SecureWorld News

NOVEMBER 27, 2023

There is still no federal-wide data privacy laws, but lawmakers on both sides of the aisle have introduced a bill banning law enforcement and intelligence agencies from easily purchasing personal data use that includes location tracking, social media activity and search history records.

Wireless 87

Wireless Energy and Utilities Technology Data privacy 87

Heimadal Security

APRIL 8, 2022

Hamas-linked cybercrime organization dubbed ‘APT-C-23’ was noticed catfishing Israeli officials working in defense, law, enforcement, and government institutions, resulting in the deployment of new malware. Experts at security […].

Hacking 93

Hacking Social Engineering Spyware Cybercrime 93

Security Affairs

APRIL 2, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 86

Spyware Surveillance Artificial Intelligence Data breaches 86

Security Boulevard

JANUARY 25, 2022

Folks, Who wants to dive deep into some of my latest commercially available research and stay on the top of their OSINT/cybercrime research and threat intelligence gathering game that also includes their team and organization? Dancho Danchev’s “Intell on the Criminal Underground – Who’s Who in Cybercrime for ” Presentation – [PDF].

Cybercrime 96

Cybercrime Hacking Scams Ransomware 96

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 105

DDOS VPN Data breaches Cybercrime 105

SecureList

MAY 27, 2022

While it’s not clear how the threat actor tricked the victims into executing the Trojanized app, we suspect they sent a spear-phishing email or contacted them via social media. One of the things you can do to protect yourself from advanced mobile spyware is to reboot your device on a daily basis. Other malware.

Phishing 117

Phishing Spyware Firmware Malware 117

Security Affairs

APRIL 9, 2020

Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Spyware: the most likely COVID-19 payload. Most COVID-19-related phishing emails analyzed had different spyware strains embedded as attachments. Source: CERT-GIB.

Phishing 105

Phishing Malware Spyware DDOS 105

Krebs on Security

JULY 16, 2019

For at least the past decade, a computer crook variously known as “ Yalishanda ,” “ Downlow ” and “ Stas_vl ” has run one of the most popular “bulletproof” Web hosting services catering to a vast array of phishing sites, cybercrime forums and malware download servers.

Cybercrime 186

Cybercrime Phishing Banking Malware 186

Security Affairs

JULY 18, 2021

Biden discussed Russian ransomware gangs with Putin in a phone call Hackers accessed Mint Mobile subscribers data and ported some numbers Magecart hackers hide stolen credit card data into images and bogus CSS files Kaseya releases patches for flaws exploited in massive ransomware supply-chain attack BIOPASS malware abuses OBS Studio to spy on victims (..)

Spyware 54

Spyware Surveillance Ransomware Retail 54

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. On March 31, Google TAG released an update on this activity showing another wave of fake social media profiles and a company the actor set up mid-March.

Malware 143

Malware Spyware Government Social Engineering 143

Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. Google addressed three critical code execution flaws in Android Media Framework. Israeli blamed Russia for jamming at Israeli Ben Gurion airport. New variant of Dridex banking Trojan implements polymorphism. Singapore Government will run its third bug bounty program.

Scams 47

Scams Spyware DNS Advertising 47

Security Affairs

JUNE 23, 2022

The Israeli surveillance firm NSO Group revealed that its Pegasus spyware was used by at least five European countries. The controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region. ” concludes the report.

Spyware 80

Spyware Surveillance Software Media 80

Security Affairs

SEPTEMBER 17, 2023

TikTok fined €345M by Irish DPC for violating children’s privacy Iranian Peach Sandstorm group behind recent password spray attacks Dariy Pankov, the NLBrute malware author, pleads guilty Dangerous permissions detected in top Android health apps Caesars Entertainment paid a ransom to avoid stolen data leaks Free Download Manager backdoored to serve (..)

Spyware 94

Spyware DDOS Cybercrime Ransomware 94

SecureList

NOVEMBER 10, 2021

Looking for alternative sources to download a streaming app or an episode of a show, users often discover various types of malware, including Trojans, spyware and backdoors, as well as naughty applications, such as adware. When discussing streaming-related threats, it is crucial to talk about malware and unwanted software.

Phishing 107

Phishing Accountability Malware Adware 107

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

SecureList

OCTOBER 26, 2021

Historically, Lazarus used MATA to attack various industries for cybercrime-like intentions: stealing customer databases and spreading ransomware. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services. Southeast Asia and Korean Peninsula.

Malware 144

Malware Government Surveillance Spyware 144

SecureList

NOVEMBER 14, 2023

This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware. BlackEnergy APT attacks in Ukraine are a prominent example from the last decade, known for destructive actions against media companies, compromising industrial control systems and engaging in cyber-espionage.

Hacking 119

Hacking Energy and Utilities Media Malware 119