Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 121

Data breaches VPN Cloud Migration Malware 121

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware.

Spyware 136

Spyware Energy and Utilities Malware Engineering 136

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 123

Spyware Surveillance DDOS Identity Theft 123

SiteLock

AUGUST 27, 2021

The consequences of which are not only born by companies who are the primary targets of cybercrime. To help avoid these online risks, it is highly recommended to use a Virtual Private Network (VPN). VPNs are the baseline cybersecurity tool to safeguard internet-enabled devices and a home network.

IoT 98

IoT Spyware VPN Passwords 98

Security Affairs

SEPTEMBER 10, 2023

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital North Korea-linked threat actors target cybersecurity experts with a zero-day Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Nation-state actors (..)

DDOS 127

DDOS VPN Data breaches Cybercrime 127

Security Affairs

AUGUST 7, 2022

affiliate sideloads Cobalt Strike through Windows Defender Gootkit AaaS malware is still active and uses updated tactics Austria investigates DSIRF firm for allegedly developing Subzero spyware ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.

Spyware 140

Spyware Manufacturing Small Business Surveillance 140

CyberSecurity Insiders

MARCH 21, 2021

With a VPN like Surfshark to encrypt your online traffic and keep it protected against any security breach, your valuable data isn’t going to get compromised easily anytime soon. Make sure all devices and computers at your office have installed anti-virus, and anti-spyware as these are connected to the network, offering a gateway to hackers.

Small Business 145

Small Business Cyber Attacks VPN Backups 145

SecureList

JANUARY 19, 2022

Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum.

Spyware 104

Spyware Accountability VPN Malware 104

Security Affairs

JULY 14, 2024

CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog Evolve Bank data breach impacted over 7.6 Patch it now! million miles on U.S.

Data breaches 116

Data breaches VPN Malware Ransomware 116

Security Affairs

MAY 17, 2022

Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices.

Spyware 98

Spyware Cryptocurrency VPN Malware 98

Security Affairs

JANUARY 21, 2024

million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 Patch it now!

Artificial Intelligence 126

Artificial Intelligence Hacking VPN Firewall 126

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Such attacks are likely to comprise an even larger portion of the threat landscape next year.

Spyware 136

Spyware Phishing Cybercrime Energy and Utilities 136

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 128

Data breaches Ransomware Phishing Malware 128

Security Affairs

JANUARY 23, 2022

from the Lympo NTF platform.

VPN 109

VPN Ransomware Spyware Hacking 109

Security Affairs

DECEMBER 3, 2022

Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)

Spyware 98

Spyware Data breaches VPN Hacking 98

Security Boulevard

JANUARY 25, 2022

Folks, Who wants to dive deep into some of my latest commercially available research and stay on the top of their OSINT/cybercrime research and threat intelligence gathering game that also includes their team and organization? Dancho Danchev’s “Intell on the Criminal Underground – Who’s Who in Cybercrime for ” Presentation – [PDF].

Cybercrime 96

Cybercrime Hacking Scams Ransomware 96

Security Affairs

NOVEMBER 17, 2019

TA505 Cybercrime targets system integrator companies. Tracking Iran-linked APT33 group via its own VPN networks. WhatsApp flaw CVE-2019-11931 could be exploited to install spyware. Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure. Pierluigi Paganini.

DDOS 73

DDOS Advertising Spyware Ransomware 73

Security Affairs

DECEMBER 5, 2021

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users German BSI agency warns of ransomware attacks over Christmas holidays Cuba ransomware gang hacked 49 US critical infrastructure organizations CISA warns of vulnerabilities in Hitachi Energy products NSO Group spyware used to compromise iPhones of 9 US State Dept officials (..)

Spyware 104

Spyware Ransomware Hacking VPN 104

Security Affairs

FEBRUARY 10, 2023

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. ” The threat actor used multiple tools in the delivery stage, including Traffic Distribution System (TDS), malicious, some of which can be purchased from other threat actors in the cybercrime ecosystem.

Malware 98

Malware Phishing Spyware Cybercrime 98

Identity IQ

MARCH 2, 2023

Keyloggers are used for many different things – from tracking employees’ activity to monitoring children’s internet use – but their proliferation has led to an epidemic of cybercrime affecting millions of people every year. Plus, IdentityIQ plans allow you to add antivirus and VPN protection.

Antivirus 98

Antivirus Passwords Software Identity Theft 98

Security Affairs

OCTOBER 27, 2019

TA505 cybercrime group use SDBbot RAT in recent campaigns. NordVPN, TorGuard, and VikingVPN VPN providers disclose security breaches. Swedish Government grants police the use of spyware against violent crime suspects. Fake UpdraftPlus WordPress Plugins used to backdoor sites. Robots at HIS Group are vulnerable to hack.

Advertising 63

Advertising Spyware Hacking DDOS 63

Security Affairs

NOVEMBER 14, 2021

Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server GravityRAT returns disguised as an end-to-end encrypted chat app Intel and AMD address high severity vulnerabilities in products and drivers New evolving Abcbot DDoS botnet targets Linux systems Retail giant Costco discloses data breach, payment card data exposed (..)

Spyware 55

Spyware Data breaches Ransomware Hacking 55

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND).

Malware 145

Malware Government Spyware Social Engineering 145

SecureList

NOVEMBER 1, 2022

In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. It provides victims with a VPN connection that can be used to browse these resources. The spyware itself collects various data from the victims’ devices, such as call logs or lists of contacts.

Malware 145

Malware Ransomware Spyware Encryption 145

SecureList

NOVEMBER 14, 2022

In 2022, the GReAT team tracked several threat actors leveraging SilentBreak’s toolset as well as a commercial Android spyware we named MagicKarakurt. A recent leak has put it in the hands of cybercrime actors and it is very likely that by the end of the year we will see it involved in APT cases too.

Firmware 127

Firmware Surveillance Mobile Telecommunications 127

Security Affairs

MARCH 27, 2023

Lower.exe, a sample of “GCleaner” spyware, historically, this piece of malware was initially faking CCleaner to drop additional malware ( link ). Brg.exe, a common RacconStealer with its command and control server hosted by VDSina, a Russian cloud provider. The module also exfiltrates 2FA secrets from Twilio’s Authy local storage.

Malware 98

Malware Social Engineering Encryption Marketing 98

Security Affairs

AUGUST 11, 2024

CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog Russian cyber spies stole data and emails from UK government systems 0.0.0.0

Spyware 116

Spyware Ransomware Hacking Government 116

SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. Let’s start by looking at the predictions we made for 2021.

Mobile 145

Mobile Surveillance Ransomware Government 145

SecureList

OCTOBER 26, 2021

Historically, Lazarus used MATA to attack various industries for cybercrime-like intentions: stealing customer databases and spreading ransomware. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services. Southeast Asia and Korean Peninsula.

Malware 145

Malware Government Surveillance Spyware 145