Security Affairs

OCTOBER 23, 2023

Teodoro ordered “to refrain from using AI photo generator applications and practice vigilance in sharing information online” At this time, it remains unclear whether the order was issued in response to a specific event or to address potential attacks aimed at exploiting the data collected by these applications.

Identity Theft 117

Identity Theft Social Engineering Data collection Risk 117

SC Magazine

JULY 13, 2021

Speed is the natural enemy of security, and retailers must beware of increased risks of DDoS attacks, ransomware, fraudulent purchases, [and] phishing campaigns impersonating retailers.”. The post Fashion brand Guess hacked, DarkSide ransomware group the likely culprit appeared first on SC Media.

Retail 102

Retail Ransomware Hacking Digital transformation 102

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Secure web- phishing. In the first six months of 2020, CERT-GIB blocked a total of 9 304 phishing web resources, which is an increase of 9 percent compared to the previous year.

Phishing 103

Phishing Ransomware Spyware Banking 103

Security Affairs

NOVEMBER 17, 2018

A hacker going online by the moniker AmFearLiathMor is claiming to have hacked the most popular end-to-end encrypted email service ProtonMail. At the time it is not clear if the hacker belongs to a cyber crime gang, it claims to have stolen a “significant” amounts of data from the company. The ransom demand ( archive.is

Scams 98

Scams Hacking Data collection Advertising 98

Security Affairs

APRIL 6, 2023

The experts pointed out that crooks engaged in phishing activities have started to rely on the popular instant messaging platform more in recent months. On Telegram is possible to find channels that offer: Free phishing kits that can be used to target users of a large number of global and local brands. User personal data for sale.

Phishing 90

Phishing Scams Social Engineering Banking 90

Security Affairs

MAY 23, 2024

However, the researchers determined that one of methods used by the threat actors to regaining access to the target organizations are spear-phishing emails. The experts observed multiple spear-phishing attempts between March and May 2023. However, the exact persistence mechanisms remain unclear due to insufficient forensic data.

Malware 109

Malware Accountability Phishing Data collection 109

Security Affairs

DECEMBER 10, 2020

Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware. SecurityAffairs – hacking, Zebrocy).

Malware 105

Malware Phishing Government Data collection 105

Security Affairs

NOVEMBER 16, 2018

To infiltrate critical infrastructure networks hackers will continue to use phishing as one of their main tools, but the focus of attacks might shift to vulnerable network equipment connecting the network to the Internet. Thirteen exchanges were hacked in 2017 and in the first three quarters of 2018, amounting to a total loss of $877 million.

Cybercrime 83

Cybercrime Hacking Banking Phishing 83

Security Affairs

JULY 12, 2021

For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Once again, an archive of data collected from hundreds of millions of LinkedIn user profiles surfaced on a hacker forum, where it’s currently being sold for an undisclosed sum.

Social Engineering 137

Social Engineering Data collection Media Passwords 137

Security Affairs

MARCH 17, 2021

. “While the initial vector for the infection is not entirely clear, the McAfee ATR team believes with a medium level of confidence that victims were lured to a domain under control of the threat actor, from which they were infected with malware which the threat actor leveraged to perform additional discovery and data collection.”

Malware 98

Malware Data collection Technology Phishing 98

SecureList

AUGUST 8, 2022

The attackers penetrated the enterprise network using carefully crafted phishing emails, some of which use information that is specific to the organization under attack and is not publicly available. Microsoft Word documents attached to the phishing emails contained malicious code that exploits the CVE-2017-11882 vulnerability.

Malware 94

Malware Phishing Passwords Data collection 94

Security Affairs

JULY 30, 2020

The attackers sent out spear-phishing emails using boobytrapped documents leveraging the fake job offer as bait. “The data collected from the target machine could be useful in classifying the value of the target. SecurityAffairs – hacking, North Korea). ” states the report published by the experts.

Advertising 97

Advertising Data collection Malware Phishing 97

Security Affairs

OCTOBER 27, 2022

Data collected by Microsoft Defender for Endpoint shows that nearly 3,000 devices in almost 1,000 organizations have seen at least one RaspberryRobin payload-related alert in the last 30 days. SecurityAffairs – hacking, ransomware). ” reads the report published by Microsoft. ” concludes the report.

Ransomware 96

Ransomware Malware Data collection Encryption 96

Security Affairs

NOVEMBER 15, 2018

Of course, the CBR does not have anything to do with the phishing campaign – the hackers faked the sender’s address. A spear-phishing campaign set up to look like it was carried out by the Central Bank is a relatively widespread vector of attack among cyber criminals; it has been used by groups such as Buhtrap, Anunak , Cobalt , and Lurk.

Banking 99

Banking Computers and Electronics Phishing Cybercrime 99

SecureList

MARCH 29, 2021

Where does your personal data end up?” ” , we mentioned that a cybercriminal could attack their victim by using targeted phishing e-mails to obtain access to the victim’s data. If an employee attempts to log in to this fake resource, this login information will end up in the hands of the phishing scammers.

Identity Theft 100

Identity Theft Phishing Accountability Banking 100

Security Affairs

JULY 1, 2021

While not highly sensitive, the data could still be used by threat actors to stage attacks against US business owners who the threat actors might see as being more affluent and potentially vulnerable to phishing and ransomware attacks. Our teams have investigated a set of alleged LinkedIn data that has been posted for sale.

Data breaches 91

Data breaches Social Engineering Data collection Media 91

Security Affairs

OCTOBER 15, 2018

Group-IB: The online market for counterfeit goods in Russia has reached $1,5 billion, while the number of phishing attacks has surpassed 1,200 daily. Fraudsters use various ways to deceive users: phishing websites, fake mobile apps, accounts and groups on social media. Phishing remains one of the most common online fraud.

Marketing 79

Marketing Phishing Media Engineering 79

Identity IQ

JANUARY 24, 2024

Dormant accounts make you more vulnerable to potential hacks, exposing your personal information. Control Your Data Trail Be mindful of the trail of data you leave behind in order to take charge of your online presence. Many websites and services allow you to opt out of their data collection procedures.

Identity Theft 52

Identity Theft Education Media Accountability 52

Cisco Security

JUNE 15, 2021

For those who would like to host their own integrations, tinker/hack around some code and/or build your own integrations, we continue to post the code to GitHub for educational purposes. Radio frequency (RF) network and device data collected by Bastille Networks are available in SecureX threat response as an integrated source.

Firewall 92

Firewall Data collection Education Malware 92

Security Affairs

OCTOBER 27, 2022

Either way, even if all of the data was essential, that doesn’t make it less sensitive if leaked. Cases like these raise questions about corporate data collection practices. The ramifications of a data leak of such scale are worrying to say the least,” Sasnauskas explained. SecurityAffairs – hacking, Thomson Reuters).

IoT 115

IoT Engineering Passwords Media 115

Security Affairs

OCTOBER 10, 2018

Attacks on bank customers: The decline of Android Trojans and the triumph of phishing. There has been a significant rise in the number of crimes committed using web phishing and fake websites of banks, payment systems, telecoms operators, online stores and famous brands. Using web phishing, criminals have managed to steal $3.7

Cyber Attacks 83

Cyber Attacks Banking Cyber threats Phishing 83

BH Consulting

AUGUST 31, 2023

The company’s data also claims that 64 per cent of companies have experienced social media-related incidents like hacking and fraud. Another risk is social media hacking. The incident shows that not all hackers’ motives are financial or data collection. Sometimes, they want to damage the victim’s reputation.

Media 52

Media Accountability Authentication Passwords 52

Security Affairs

DECEMBER 19, 2018

Attackers carried out a spear-phishing attack using messages with an LNK attachment that would run a series of PowerShell scripts to extract a payload. The Go variant of Zebrocy initially starts collecting info on the compromised system, then sends it to the command and control server.

Malware 89

Malware Advertising Data collection Phishing 89

SecureList

MAY 28, 2024

In other cases, they used data that was stolen before the incident began. Rounding out the top three is targeted phishing. 7 Fulfilling attack objectives In most cases, the attackers launched ransomware in the target organization’s infrastructure ( Impact Data , Encrypted for Impact, T1486 ).

VPN 88

VPN Accountability Passwords Antivirus 88

ForAllSecure

NOVEMBER 18, 2021

IIain Paterson and Justin Macorin join The Hacker Mind podcast to share insights from their SecTor 2021 talk on hacking behavioral biometrics. It’s about challenging our expectations about the people who hack for a living. Let's say phishing campaigns like very compelling phishing campaigns, targeted ones.

Hacking 52

Hacking Authentication Artificial Intelligence Technology 52

Krebs on Security

DECEMBER 29, 2022

Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me. It emerges that email marketing giant Mailchimp got hacked.

Cryptocurrency 236

Cryptocurrency Cybercrime Computers and Electronics Scams 236

Security Affairs

AUGUST 14, 2020

The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 128

Threat Reports Phishing Banking Malware 128

Security Affairs

APRIL 6, 2023

The Threat Report Portugal: H2 2022 compiles data collected on the malicious campaigns that occurred from July to December, H2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open-sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. in Q2 2022.

Threat Reports 82

Threat Reports Phishing Malware Banking 82

SecureList

OCTOBER 13, 2023

In the case of LLMs, information passed to the bot can be compromised according to several scenarios: Data leak or hack on the provider’s side; Although LLM-based chatbots are operated by tech majors, even they are not immune to hacking or accidental leakage. Account hacking.

Accountability 113

Accountability B2B Risk Hacking 113

Security Affairs

JULY 4, 2022

The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. in Q1 2022.

Threat Reports 80

Threat Reports Phishing Banking Malware 80

Security Affairs

JULY 22, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from April to June, Q2, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 114

Threat Reports Phishing Malware Banking 114

Security Affairs

NOVEMBER 14, 2021

The Threat Report Portugal: Q3 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q3, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 84

Threat Reports Phishing Malware Banking 84

Security Affairs

MAY 2, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. Threat Report Portugal Q1 2021: Phishing and malware by numbers. The submissions were classified as either phishing or malware. Phishing and Malware Q1 2021. Threats by Sector.

Threat Reports 86

Threat Reports Phishing Malware Data collection 86

Security Affairs

JANUARY 26, 2021

Threat Report Portugal Q4 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. Threats by Sector.

Threat Reports 112

Threat Reports Phishing Malware Banking 112

Security Affairs

APRIL 20, 2020

Threat Report Portugal Q1 2020: Phishing and malware by numbers. The Portuguese Abuse Open Feed 0xSI_f33d is a novel open sharing database with the ability to collect indicators from multiple sources, developed by Segurança-Informática. The campaigns were classified as either phishing or malware. Phishing and Malware Q1 2020.

Threat Reports 97

Threat Reports Phishing Banking Malware 97

Security Affairs

FEBRUARY 20, 2022

The Threat Report Portugal: Q4 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q4, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 89

Threat Reports Phishing Banking Malware 89

Security Affairs

MAY 27, 2020

An interesting point is that one day after data collection, on 2020/05/21, most of the samples were removed from the server by the malware operators, but the sample targeting Portugal was kept available for the next days. Figure 6: Metrics collected from the server on May 21st, 2020 with the Portuguese sample kept by crooks.

Malware 66

Malware Banking Advertising Data collection 66