SecureWorld News

FEBRUARY 15, 2024

A sophisticated form of mobile malware dubbed "GoldPickaxe" has been uncovered, which collects facial recognition data to produce deepfake videos, enabling hackers to bypass biometric authentication protections on banking apps. The malware has been active since 2023, specifically targeting victims in Vietnam and Thailand.

Social Engineering 78

Social Engineering Mobile Authentication Engineering 78

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. ” reads the analysis published by Google TAG.

Accountability 131

Accountability Malware Phishing Social Engineering 131

Security Boulevard

JULY 28, 2022

The key observations are: Obfuscated Excel macros used to download and run the Emotet loader. Encrypted Emotet payload embedded in loader’s.rsrc section. Emotet is a Windows-based malware loader operated by the cybercrime group TA542 ( 1 ), also referred to as Mummy Spider ( 2 ). Macro Downloads and Executes Emotet Loader.

Encryption 59

Encryption Malware Phishing Cybercrime 59

CyberSecurity Insiders

FEBRUARY 8, 2022

Microsoft has made it official that it has disabled macros across its office products to block malware cyber attacks. Thence, the user needs to decide and then act on whether they need to go for the download by right-clicking and then selecting the properties from the context menu and unblock the macros feature.

Cyber Attacks 137

Cyber Attacks Malware Identity Theft Cyber Risk 137

Spinone

MARCH 13, 2020

Unfortunately, for hackers coronavirus has meant just another opportunity to spread malware through phishing emails. Coronavirus Phishing Emails Phishing is among the top 5 ways to get ransomware. To initiate a phishing attack, a scammer sends you an email with a malicious link/attachment. Let’s find out.

Phishing 88

Phishing Malware Backups Ransomware 88

Malwarebytes

APRIL 6, 2021

In late March 2021, Malwarebytes analysts discovered a phishing email with an attached zip file containing unfamiliar malware. Upon analysis, the obfuscated PowerShell downloader initiated a chain of infection leading to a lesser-known malware called Saint Bot. It was seen dropping stealers (i.e. Distribution.

Malware 120

Malware Phishing Passwords Architecture 120

SecureWorld News

OCTOBER 30, 2023

When it comes to impactful types of internet-borne crime, phishing is the name of the game. It serves as a vessel for various strains of malware, including ransomware, and underlies data-stealing campaigns that target large organizations and individuals alike. And for good reason. Tactics matter a lot, too.

Phishing 101

Phishing Scams Passwords Wireless 101

Malwarebytes

FEBRUARY 6, 2024

Released today, the Malwarebytes State of Malware 2024 report takes a deep dive into the latest developments in the world of cybercrime. We have seen news of ChatGPT leaking user’s information and law enforcement asking for backdoors in encryption routines. This is changing.

Malware 77

Malware Passwords Identity Theft Banking 77

SecureList

FEBRUARY 15, 2021

Agentb malware family. The Kaspersky Anti-Phishing component blocked 434,898,635 attempts at accessing scam sites. The most frequent targets of phishing attacks were online stores (18.12 The contact phone trick was heavily used both in email messages and on phishing pages. Trends of the year. Malicious links.

Phishing 136

Phishing Malware Scams Accountability 136

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. To nominate, please visit:?

Phishing 92

Phishing Cybercrime Ransomware Encryption 92

Security Affairs

AUGUST 21, 2022

The Donot Team threat actor, aka APT-C-35 , has added new capabilities to its Jaca Windows malware framework. Unlike the previous version of the module, the new one uses four additional executables downloaded by the previous stage (WavemsMp.dll) instead of implementing the stealing functionality inside the DLL.

Malware 97

Malware Spyware Phishing Government 97

Security Affairs

MARCH 25, 2024

The threat actors sent out spam emails with attachments that eventually launched the StrelaStealer malware. The malware StrelaStealer is an email credential stealer that DCSO_CyTec first documented in November 2022. Upon downloading and opening the archive, a JScript file is dropped onto the system. ” concludes the report.

Malware 106

Malware Encryption Manufacturing Phishing 106

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware.

Malware 127

Malware Scams Social Engineering Phishing 127

Security Affairs

APRIL 9, 2024

Fortinet researchers observed a threat actor sending out a phishing email containing malicious Scalable Vector Graphics (SVG) files. The email is crafted to trick recipients into clicking on an attachment, which downloads a ZIP file containing a Batch file obfuscated with the BatCloak tool.

Engineering 98

Engineering Phishing Malware Hacking 98

Hacker Combat

OCTOBER 25, 2021

Google has reported that it disrupted the phishing attacks where threat actors had tried to hijack various YouTube accounts using cookie theft malware. They had the targeted unsuspecting persons with phishing emails that promised phoney collaboration opportunities. The malware has the ability to steal passwords and cookies.

Accountability 99

Accountability Malware Scams Antivirus 99

Hacker Combat

JULY 7, 2022

A new malware is now an important component when it comes to engineering ransomware attacks. The malware, which goes by the name Bumblebee, was recently analyzed by Symantec researchers. An attachment involving quantum has also shed some light on the way cybercriminals use this new malware to deliver ransomware.

Malware 98

Malware Ransomware Phishing Engineering 98

Security Boulevard

MARCH 1, 2023

Attackers are increasingly using OneNote documents to distribute malware, due to the heightened security measures against macro-based attacks and the widespread adoption and popularity of the platform. Key Takeaways: Threat actors are increasingly using Microsoft OneNote documents to deliver malware via phishing emails.

Malware 78

Malware Phishing Threat Detection Encryption 78

Thales Cloud Protection & Licensing

MARCH 18, 2024

QR Code Scams: What You Need to Know About This Phishing Tactic madhav Tue, 03/19/2024 - 06:10 In a world where individuals and organizations alike are increasingly dependent on digital processes, cybercriminals are constantly looking for and developing new ways to exploit technology to take advantage of their targets.

Scams 71

Scams Phishing Identity Theft Risk 71

SiteLock

AUGUST 27, 2021

In this week’s post, we take a look at “in-the-wild” phishing attacks and talk about how to protect against a phishing attack and how to counter them. Phishing Attack Examples. Here are two examples of phishing attacks that were carried out. The iframe and file download. Data URI and phishing page.

Phishing 95

Phishing Antivirus Malware Firewall 95

Malwarebytes

MARCH 1, 2024

A new type of malware is being used by ransomware gangs in their attacks, and its name is PikaBot. Simply put, a modular trojan is a type of malware designed to be flexible and extensible, allowing attackers to add or update its functionalities easily without needing to replace the whole malware.

Malware 75

Malware Ransomware Phishing Encryption 75

Security Affairs

JULY 19, 2020

The four malware families are named Guildma, Javali, Melcoz, and Grandoreiro, experts believe are the result of a Brazilian banking group/operation that is evolving its capabilities targeting banking users abroad. VBS,LNK) or an HTML file which executes Javascript for downloading a malicious file. ” continues Kaspersky.

Banking 105

Banking Malware Phishing Advertising 105

CyberSecurity Insiders

MARCH 28, 2023

The malware is primarily used to steal sensitive information, such as login credentials and financial information, from victims. The Dridex malware typically spreads through spam email campaigns, with the emails containing a malicious attachment or link that, when clicked, will install the malware on the victim's computer.

Banking 78

Banking Malware Backups Education 78

CyberSecurity Insiders

MAY 11, 2023

Intro In February 2022, Microsoft disabled VBA macros on documents due to their frequent use as a malware distribution method. This move prompted malware authors to seek out new ways to distribute their payloads, resulting in an increase in the use of other infection vectors, such as password-encrypted zip files and ISO files.

Malware 98

Malware Social Engineering Engineering Education 98

Identity IQ

APRIL 29, 2021

What is Malware? . Malware is an umbrella term used to describe any malicious software designed to harm, exploit, or extract sensitive data from a system, device, or network. Why do Cybercriminals Use Malware? How does Malware Spread? Types of Malware. Warning Signs Cour computer Is Infected by Malware.

Malware 98

Malware Adware Spyware Advertising 98

Security Affairs

NOVEMBER 19, 2022

The DEV-0569 group carries out malvertising campaigns to spread links to a signed malware downloader posing as software installers or fake updates embedded in spam messages, fake forum pages, and blog comments. The downloader, tracked as BATLOADER , shares similarities with another malware called ZLoader. anydeskos[.]com

Ransomware 134

Ransomware Malware Antivirus Phishing 134

Security Affairs

AUGUST 31, 2022

A malware campaign tracked as GO#WEBBFUSCATOR used an image taken from NASA’s James Webb Space Telescope (JWST) as a lure. Securonix Threat researchers uncovered a persistent Golang-based malware campaign tracked as GO#WEBBFUSCATOR that leveraged the deep field image taken from the James Webb telescope. Pierluigi Paganini.

Malware 88

Malware DNS Antivirus Encryption 88

eSecurity Planet

AUGUST 16, 2021

A phishing campaign that Microsoft security researchers have been tracking for about a year highlights not only the ongoing success of social engineering efforts by hackers to compromise systems, but also the extent to which the bad actors will go to cover their tracks while stealing user credentials. Whitelisting vs. Blacklisting.

Phishing 109

Phishing Social Engineering Passwords Engineering 109

Malwarebytes

FEBRUARY 17, 2023

The tag-team campaign serves up ransomware known as Mortal Kombat, which borrows the name made famous by the video game, and Laplas Clipper malware, a clipboard stealer. The BAT loader kicks off a chain of events that results in the download and execution of the ransomware or the clipper malware, from one of two URLs.

Ransomware 77

Ransomware Malware Cryptocurrency Encryption 77

Malwarebytes

AUGUST 31, 2022

A rather unique approach to spread malware using the popularity of the James Webb telescope images has been identified by the Securonix threat research team. The malware is being spread by a phishing campaign that includes a Microsoft Office attachment. This command will download a file named OxB36F8GEEC634.jpg,

Malware 92

Malware Engineering Architecture Encryption 92

Webroot

FEBRUARY 9, 2024

One trend that has recently caught our attention is the notable spike in malware-infected cracked software, particularly as we enter tax season. These unauthorized versions are frequently loaded with malware, from trojans and keyloggers to ransomware. Our threat analysts are constantly monitor the ebb and flow of various threats.

Scams 90

Scams Software Identity Theft Malware 90

CSO Magazine

DECEMBER 14, 2021

In honor of this week’s theme for Cybersecurity Month , Fight the Phish!, A successful phishing campaign will download just the kind of malware that drives ransomware. we are resharing this video about how to block incoming cybersecurity threats. Is your perimeter defense up to the challenge?

Phishing 91

Phishing Encryption Ransomware Malware 91

SecureList

MARCH 1, 2021

The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Number of attacks on mobile users in 2019 and 2020 ( download ). Last year was notable for both malware and adware, the two very close in terms of capabilities. Number of adware attacks on mobile users in 2019 and 2020 ( download ). apk and coviddetect.apk.

Mobile 132

Mobile Malware Adware Banking 132

Cisco Security

SEPTEMBER 28, 2021

What does phishing mean? All you see is an alarming screen that shouts, “Your files are encrypted!”. What’s phishing? The link downloads harmful software, or the attachment infects your device. Phishing is a simple and popular way for hackers trick and hook you. Spear phishing is a special type.

Phishing 122

Phishing Ransomware Passwords Cryptocurrency 122

eSecurity Planet

OCTOBER 3, 2022

The spear phishing campaigns have targeted engineers and technical support operators, and the cybercriminals have pretended to be IT recruiters. Then they moved the conversation away from the platform to encrypted messaging apps like WhatsApp. The victims were tricked into downloading utilities to complete fake job assessments.

Software 126

Software Social Engineering Engineering Phishing 126

eSecurity Planet

AUGUST 11, 2021

As users have increasingly moved from desktop operating systems to mobile devices as their primary form of computing, cyber attackers have taken notice and malware has followed. Mobile malware statistics. More than 3 million of those attacks represented new types of malware. Types of mobile malware. ransomware?

Mobile 104

Mobile Malware Adware Banking 104

Malwarebytes

AUGUST 3, 2022

We believe that these archive files have been distributed using spear phishing emails. Before initialization, the malware effectively suppresses all error reporting by calling SetErrorMode with 0x8007 as parameter. The malware communicates with its C2 using HTTP requests. Data encryption with HTTP requests. Archive files.

Malware 111

Malware Encryption Antivirus Architecture 111

Security Affairs

APRIL 18, 2021

Experts warn of malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. Since January, researchers observed malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. exe or annualreport.exe.

Malware 111

Malware Ransomware Encryption Phishing 111