Security Boulevard

AUGUST 6, 2024

Threat Intelligence Report Date: August 6, 2024 Prepared by: David Brunsdon, Threat Intelligence - Security Engineer, HYAS Dynamic DNS (DDNS) is a service that automatically updates the Domain Name System (DNS) in real-time to reflect changes in the IP addresses of a domain.

DNS 69

DNS Malware Social Engineering Software 69

Security Affairs

DECEMBER 12, 2024

The Russia-linked APT Gamaredon used two new Android spyware tools calledBoneSpyandPlainGnome against former Soviet states. Lookout linked BoneSpy and PlainGnome to Gamaredon due to shared IP infrastructure, domain naming conventions, and the use of dynamic DNS services like ddns[.]net, Armageddon , Primitive Bear, and ACTINIUM).

Mobile 100

Mobile Malware Surveillance Social Engineering 100

SecureList

MAY 27, 2022

The attackers study their victims carefully and use the information they find to frame social engineering attacks. The group uses various malware families, including Wroba, and attack methods that include phishing, mining, smishing and DNS poisoning. When opened, this document eventually downloads a backdoor. Other malware.

Phishing 135

Phishing Spyware Firmware Malware 135

SecureWorld News

MARCH 29, 2024

This ends up executing sketchy code that installs viruses, ransomware, spyware, or adware behind the victim's back. A DNS firewall and a classic antivirus are somewhat underused yet effective security tools that will come in handy. However, that seems to be a misconception because these cyberattacks often overlap.

Cybercrime 109

Cybercrime Advertising Engineering Antivirus 109

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose.

Malware 145

Malware Government Spyware Social Engineering 145

Pen Test Partners

MAY 26, 2025

Our analysis proved theyd been socially engineered using deepfake voice calls and spoofed emails, exonerating the staff member and aiding in Interpols ongoing investigation. Our investigation revealed spyware with call-forwarding and banking credential capture, likely installed via custom firmware on the device.

Banking 64

Banking VPN Ransomware Scams 64

Herjavec Group

AUGUST 26, 2021

1970-1995 — Kevin Mitnick — Beginning in 1970, Kevin Mitnick penetrates some of the most highly-guarded networks in the world, including Nokia and Motorola, using elaborate social engineering schemes, tricking insiders into handing over codes and passwords, and using the codes to access internal computer systems.

Cybercrime 135

Cybercrime Computers and Electronics Hacking Banking 135