SecureList

OCTOBER 21, 2024

Kral In mid-2023, we discovered the Kral downloader which, back then, downloaded the notorious Aurora stealer. This changed in February this year when we discovered a new Kral stealer, which we believe is part of the same malware family as the downloader due to certain code similarities. That file is the Kral downloader.

Passwords 127

Passwords Malware Encryption Cryptocurrency 127

Thales Cloud Protection & Licensing

MAY 7, 2025

Phishing-Resistant MFA: Why FIDO is Essential madhav Thu, 05/08/2025 - 04:47 Phishing attacks are one of the most pervasive and insidious threats, with businesses facing increasingly sophisticated and convincing attacks that exploit human error.

Phishing 71

Phishing Authentication Passwords Social Engineering 71

Security Affairs

JANUARY 5, 2025

The backdoor is distributed through: Phishing emails with themes such as code of conduct to trick users into downloading the malware. Upon executing the archive, it drops a malicious Windows executable, which eventually downloads and executesthe PLAYFULGHOST payloadfrom a remote server. sys driver.

Malware 132

Malware Encryption Phishing Hacking 132

eSecurity Planet

MARCH 28, 2025

A sophisticated cybercrime service known as “Lucid” is exploiting vulnerabilities in Apples iMessage and Androids Rich Communication Services (RCS), allowing cyberthieves to conduct large-scale phishing attacks with alarming success. Automated mobile farms that deploy phishing messages at scale.

Phishing 57

Phishing Scams Cybercrime Encryption 57

Security Affairs

MAY 5, 2025

The attack chain commences via phishing messages, fake browser updates, and invoice lures through Italys PEC email system. In early 2025, Recorded Future researchers observed a phishing campaign targeting the U.S. MintsLoader is used by several threat groups, notably TAG-124. ” reads the report published by Recorded Future.

Malware 128

Malware Phishing Threat Reports Encryption 128

Security Affairs

MARCH 28, 2025

Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns. Attackers also employ encrypted or password-protected files to evade security detection.

Banking 90

Banking Phishing Malware Passwords 90

Security Affairs

APRIL 21, 2025

Check Point Research team reported that Russia-linked cyberespionage group APT29 (aka SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) is behind a sophisticated phishing campaign targeting European diplomatic entities, using a new WINELOADER variant and a previously unknown malware called GRAPELOADER.

Malware 107

Malware Phishing Encryption Hacking 107

Security Affairs

APRIL 30, 2025

Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. The RAT supports advanced evasion techniques, including living-off-the-land ( LOTL ) tactics and encrypted command and control (C2) communications. opendnsapi.net), and uses IPFS to retrieve encrypted modules.

Encryption 103

Encryption Ransomware Malware Phishing 103

Troy Hunt

NOVEMBER 13, 2024

I would like to opt-out of here to reduce the SPAM and Phishing emails. But in all likelihood, there will be more than a handful of domain subscribers who take issue with that volume of people data sitting there in one corpus easily downloadable via a clear web hacking forum. If, like me, you're part of the 99.5%

Data breaches 335

Data breaches Passwords B2B Technology 335

SecureList

APRIL 5, 2023

They have become adept at using Telegram both for automating their activities and for providing various services — from selling phishing kits to helping with setting up custom phishing campaigns — to all willing to pay. ” Links to the channels are spread via YouTube, GitHub and phishing kits they make.

Phishing 144

Phishing Marketing Scams Accountability 144

Security Affairs

MARCH 24, 2025

Initially, the group published screenshots of stolen data as proof of the attack, now the whole archive can be downloaded from the leak page. ” The group uses an ARCrypter ransomware variant, derived from Babuks leaked code , to encrypt files after infiltrating a network.

Ransomware 104

Ransomware Hacking Social Engineering Manufacturing 104

Krebs on Security

DECEMBER 1, 2022

ConnectWise , which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link.

Phishing 315

Phishing Architecture Passwords Accountability 315

SecureList

OCTOBER 15, 2024

SideWinder’s most recent campaign schema Infection vectors The SideWinder attack chain typically starts with a spear-phishing email with an attachment, usually a Microsoft OOXML document (DOCX or XLSX) or a ZIP archive, which in turn contains a malicious LNK file. Overwrite the current process command line with the decoded JavaScript.

Malware 143

Malware Encryption Architecture Phishing 143

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. Federal Bureau of Investigation (FBI).

Antivirus 331

Antivirus VPN Encryption Malware 331

Malwarebytes

APRIL 6, 2021

In late March 2021, Malwarebytes analysts discovered a phishing email with an attached zip file containing unfamiliar malware. Upon analysis, the obfuscated PowerShell downloader initiated a chain of infection leading to a lesser-known malware called Saint Bot. The.NET downloader. The bitmap carries encrypted content.

Malware 143

Malware Phishing Passwords Architecture 143

Heimadal Security

NOVEMBER 9, 2022

affiliate is targeting companies with phishing emails, tricking them into installing the Amadey Bot and taking control of their devices. payload is downloaded as a PowerShell script or executable file that runs on the host computer and encrypts files. A LockBit 3.0 The attack’s LockBit 3.0 What Is the Amadey Bot?

Phishing 122

Phishing Encryption Malware Cybersecurity 122

SecureList

MARCH 24, 2022

What are phishing kits? One of the most common tricks scammers use in phishing attacks is to create a fake official page of a famous brand. Even phishing page domain name can often look like the real web address of a certain brand, as cybercriminals include the name of the company or service they are posing as in the URL.

Phishing 143

Phishing Marketing Banking Technology 143

SecureList

JUNE 22, 2023

For this post, we selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. Phishing and a kit Recently we stumbled upon a Business Email Compromise (BEC) case, active since at least Q3 2022. Adopting the ransom note makes the least sense.

Phishing 131

Phishing Encryption Cybercrime Ransomware 131

SecureList

MAY 3, 2021

Banking phishing: new version of an old scheme. Clients of several Dutch banks faced a phishing attack using QR codes. The links in their messages took the victim to a well-designed phishing pages with official emblems, business language and references to relevant laws. Quarterly highlights. Vaccine with cyberthreat.

Phishing 137

Phishing Banking Accountability Computers and Electronics 137

SecureWorld News

JANUARY 16, 2025

Conducting regular training sessions on recognizing phishing emails, avoiding suspicious downloads, and following cybersecurity protocols can build a resilient workforce. Hackers used compromised credentials to gain access to Colonial Pipeline's network, deploying ransomware that encrypted critical systems.

Energy and Utilities 109

Energy and Utilities IoT Artificial Intelligence Backups 109

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. CERT-UA discovered multiple phishing attacks aimed at government organizations between December 15 and December 25. file classified as MASEPIE.

Phishing 142

Phishing Malware Computers and Electronics Internet 142

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 95

Small Business Cybersecurity Scams Passwords 95

Cisco Security

SEPTEMBER 28, 2021

What does phishing mean? All you see is an alarming screen that shouts, “Your files are encrypted!”. What’s phishing? The link downloads harmful software, or the attachment infects your device. Phishing is a simple and popular way for hackers trick and hook you. Spear phishing is a special type.

Phishing 145

Phishing Ransomware Passwords Cryptocurrency 145

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption 145

Encryption Malware Ransomware Firewall 145

SecureList

NOVEMBER 29, 2024

The campaign, which we dubbed EastWind , used phishing emails with malicious shortcuts attached to deliver malware to target computers. The malware, which received commands via the Dropbox cloud service, was used to download additional payloads. All the active sub-campaigns host the initial downloader on Dropbox.

Energy and Utilities 104

Energy and Utilities Ransomware Malware Government 104

Krebs on Security

JANUARY 30, 2024

” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. On July 28 and again on Aug. According to an Aug.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Security Boulevard

SEPTEMBER 10, 2024

Introduction Following the 2024 ThreatLabz Phishing Report, Zscaler ThreatLabz has been closely tracking domains associated with typosquatting and brand impersonation - common techniques used by threat actors to proliferate phishing campaigns. Among the analyzed phishing domains, 48.4%

Phishing 111

Phishing Accountability Malware Encryption 111

SecureList

DECEMBER 18, 2024

Telegram channel suggests that the hacktivists do not use phishing emails as an initial attack vector. The attackers compromise Jira, Confluence and Microsoft SQL Server services using vulnerabilities that we were unable to identify due to the data storage limitations of the attacked segment. Messages from the C.A.S

Encryption 89

Encryption Passwords Accountability Ransomware 89

IT Security Guru

JANUARY 30, 2025

Common Cyber Attacks On Spread Betting Platforms Phishing Attacks Hackers send fake emails or messages that are made to look official to unsuspecting users. Malware Infections Malware is simply dangerous programs installed on devices through suspicious downloads or links. Advanced Encryption Protocols Encryptions are really powerful.

Cyber Risk 95

Cyber Risk Risk Penetration Testing Accountability 95

eSecurity Planet

APRIL 21, 2025

Researchers at Trustwave SpiderLabs have linked the provider to a surge in dangerous activities from credential brute-forcing and mass vulnerability scanning to the delivery of ransomware, infostealers, and Android-targeted phishing campaigns. Once inside, they deploy a ransomware strain named SuperBlack, similar to LockBit 3.0,

Malware 70

Malware Phishing Ransomware VPN 70

Thales Cloud Protection & Licensing

MAY 27, 2025

63% cited future encryption compromise 61% said key distribution, and 58% are concerned about the future decryption of todays data, including the harvest now, decrypt later threat. 48% of the respondents said they are assessing their current encryption strategies. This concern is amplified given the high reported number of APIs in use.

Threat Reports 62

Threat Reports Data breaches Encryption Phishing 62

SecureList

NOVEMBER 28, 2024

Except for the first-stage loader and the PipeShell plugin, all plugins are downloaded from the C2 and then loaded into memory, leaving no trace on disk. However, P8 contains many built-in functions and redesigns of the communication protocol and encryption algorithm, making it a well-designed and powerful espionage platform.

Malware 118

Malware Government Software Spyware 118

Security Affairs

APRIL 21, 2023

Phishing attacks are a major threat to organizations, they remain a perennial choice of cybercriminals when it comes to hacking their victims. The infographic below outlines the most common types of phishing attacks used against individuals or businesses. The eight most common forms of phishing-based cyberattacks.

Phishing 98

Phishing Social Engineering Security Awareness Passwords 98

Security Affairs

JULY 28, 2024

On July 24, 2024, CrowdStrike experts identified a spear-phishing campaign targeting German customers by exploiting the recent issue with Falcon Sensor updates. The site was used to deploy JavaScript disguised as JQuery to download and deobfuscate the installer. com/crowdstrike/. “The website it[.]com

Passwords 144

Passwords Phishing Malware Encryption 144

SecureWorld News

OCTOBER 30, 2023

When it comes to impactful types of internet-borne crime, phishing is the name of the game. According to Verizon's 2023 Data Breach Investigations Report (DBIR), a whopping 74% of breaches involve a human element, which is exactly what phishing aims to exploit. And for good reason. Tactics matter a lot, too.

Phishing 109

Phishing Scams Passwords Wireless 109

SecureList

FEBRUARY 21, 2025

Technical details Initial attack vector The initial attack vector used by Angry Likho consists of standardized spear-phishing emails with various attachments. Contents of spear-phishing email inviting the victim to join a videoconference The archive includes two malicious LNK files and a legitimate bait file. averageorganicfallfaw[.]shop

Phishing 87

Phishing Encryption Banking Malware 87

Thales Cloud Protection & Licensing

MAY 26, 2025

63% cited future encryption compromise 61% said key distribution, and 58% are concerned about the future decryption of todays data, including the harvest now, decrypt later threat. 48% of the respondents said they are assessing their current encryption strategies. This concern is amplified given the high reported number of APIs in use.

Threat Reports 62

Threat Reports Data breaches Encryption Phishing 62