Experts warn of anomalous spyware campaigns targeting industrial firms

Security Affairs

Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have uncovered multiple spyware campaigns that target industrial firms to steal email account credentials and carry out fraudulent activities. ” concludes the report.

Spyware 86
Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks

SecureList

Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum.

Spyware 76
Advanced threat predictions for 2022

SecureList

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. Let’s start by looking at the predictions we made for 2021.

Mobile 128
APT trends report Q3 2022

SecureList

In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. It provides victims with a VPN connection that can be used to browse these resources. The spyware itself collects various data from the victims’ devices, such as call logs or lists of contacts. Final thoughts.

Malware 139
Updates from the MaaS: new threats delivered through NullMixer

Security Affairs

Such was related to a worldwide malware operation known as NullMixer, a controversial and widespread malware delivery maneuver based on SEO poisoning and social engineering techniques to lure tech-savvy users, including IT personnel. The module also exfiltrates 2FA secrets from Twilio’s Authy local storage.

Malware 81
APT trends report Q1 2021

SecureList

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). Final thoughts.

Malware 138
APT trends report Q3 2021

SecureList

Historically, Lazarus used MATA to attack various industries for cybercrime-like intentions: stealing customer databases and spreading ransomware. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services. Southeast Asia and Korean Peninsula. Final thoughts.

Malware 140