Download, Information Security and Phishing

4 Malicious apps on Play Store totaled +1M downloads

Security Affairs

NOVEMBER 2, 2022

Four malicious Android apps uploaded by the same developer to Google Play totaled at least one million downloads. The apps are infected with the Android/Trojan.HiddenAds.BTGTHB malware, the apps totaled at least one million downloads. 50,000+ downloads Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices).

Adware

Adware Phishing Mobile Malware

Information Security News headlines trending on Google

CyberSecurity Insiders

MAY 4, 2023

Therefore, computer admins are being warned to be aware of phishing emails, malicious downloads, and be wary of other social engineering attacks. The post Information Security News headlines trending on Google appeared first on Cybersecurity Insiders.

Information Security

Information Security Healthcare Social Engineering Ransomware

FIN7 targeted a large U.S. carmaker phishing attacks

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. com”, which in turn redirected them to an attacker-owned Dropbox that downloaded the malicious executable WsTaskLoad.exe onto their systems.

Phishing

Phishing Cybercrime Manufacturing Hacking

Combatting Phishing with Enhanced Cybersecurity Awareness Programs

SecureWorld News

OCTOBER 24, 2023

Phishing is all around us. Attackers use a variety of tricks to get their hands on personal data, payment information, and corporate secrets. There, the employee is tricked into entering personal account details or other confidential information or into downloading an attachment that harbors a virus.

Phishing

Phishing Cybersecurity Security Awareness Computers and Electronics

Phishing with hacked sites

SecureList

AUGUST 14, 2023

Examples include automation with phishing kits or Telegram bots. Besides tucking a phishing page inside the website they hack, scammers can steal all of the data on the server and completely disrupt the site’s operation. A lack of maintenance and security patches means they are easy to compromise using a known exploit.

Phishing

Phishing Hacking Banking Scams

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing

Phishing Malware Computers and Electronics Internet

A new phishing scam targets American Express cardholders

Security Affairs

SEPTEMBER 5, 2022

Cybersecurity firm Armorblox discovered a new phishing campaign aimed at American Express customers. Armorblox researchers uncovered a new phishing campaign that is targeting American Express customers. The phishing email, marked by Google as safe, was delivered to more than 16,000 users’ addresses. Pierluigi Paganini.

Phishing

Phishing Scams Social Engineering Password Management

A massive phishing campaign using QR codes targets the energy sector

Security Affairs

AUGUST 16, 2023

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.” com (Cloudflare’s Web3 services).

Phishing

Phishing Energy and Utilities Insurance Manufacturing

TodayZoo phishing kit borrows the code from other kits

Security Affairs

OCTOBER 24, 2021

Microsoft uncovered an extensive series of credential phishing campaigns that employed a custom phishing kit tracked as TodayZoo. Microsoft researchers uncovered a custom phishing kit, dubbed TodayZoo, that was used in an extensive series of credential phishing campaigns. com domain to send the phishing messages.

Phishing

Phishing Passwords Hacking Accountability

China-based Fangxiao group behind a long-running phishing campaign

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. SecurityAffairs – hacking, phishing).

Phishing

Phishing Adware Retail Malware

Beware of the new phishing technique “file archiver in the browser” that exploits zip domains

Security Affairs

MAY 30, 2023

“file archiver in the browser” is a new phishing technique that can be exploited by phishers when victims visit a.ZIP domain. A new phishing technique called “file archiver in the browser” can be used by phishers to “emulate” a file archiver software in a web browser when a victim visits a.ZIP domain.

Phishing

Phishing Software Hacking Cybercrime

A phishing campaign targets Ukrainian military entities with drone manual lures

Security Affairs

SEPTEMBER 25, 2023

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin.

Phishing

Phishing Cyber Attacks Malware Internet

Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs

Security Affairs

JULY 9, 2021

Threat actors have devised a new trick to disable macro security warning that leverage non-malicious docs in phishing attacks. Most of the phishing attacks leverage weaponized Microsoft Office documents and social engineering techniques to trick recipients into enabling the macros. SecurityAffairs – hacking, phishing).

Phishing

Phishing Social Engineering Banking Engineering

MailChimp breached, intruders conducted phishing attacks against crypto customers

Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. Trezor WARNING: Elaborate Phishing attack. Trazor also took the phishing domain used by threat actors offline and launched an investigation to determine how many users have been impacted.

Phishing

Phishing Data breaches Cryptocurrency Social Engineering

LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems

Security Boulevard

MARCH 27, 2022

The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1

Phishing

Phishing Software Hacking Social Engineering

Experts warn of the first known phishing attack against PyPI

Security Affairs

AUGUST 28, 2022

The Python Package Index (PyPI) warns of an ongoing phishing campaign to steal developer credentials and distribute malicious updates. The Python Package Index, PyPI, this week warned of an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to the packages in the repository.

Phishing

Phishing Hacking Accountability Cybercrime

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Security Affairs

NOVEMBER 18, 2020

Chaes is also able to take screenshots of the victim’s machine, and hook and monitor the Chrome web browser to collect user information from infected hosts. The kill chain starts with phishing messages that use a.docx file that once is opened triggers a template injection attack. ” concludes the report.

Phishing

Phishing Malware Cryptocurrency Information Security

Analyzing Phishing attacks that use malicious PDFs

Security Affairs

FEBRUARY 13, 2022

Cybersecurity researchers Zoziel Pinto Freire analyzed the use of weaponized PDFs in phishing attacks. Every day everybody receives many phishing attacks with malicious docs or PDFs. I downloaded this file in my VPS (Kali Linux) and used peepdf to do an analysis of the file structure, and I found 2 URIs in objects 3 and 5.

Phishing

Phishing Banking Hacking Cybersecurity

Your colleague was infected with Coronavirus, this is the latest phishing lure

Security Affairs

MARCH 30, 2020

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. “If a user enables content, malicious macros will be executed to download a malware executable to the computer and launch it.” Pierluigi Paganini.

Phishing

Phishing Advertising Cryptocurrency Malware

ConnectWise Quietly Patches Flaw That Helps Phishers

Krebs on Security

DECEMBER 1, 2022

ConnectWise , which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link.

Phishing

Phishing Architecture Passwords Accountability

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The post Phishing attacks using the topic “Azovstal” targets entities in Ukraine appeared first on Security Affairs. To nominate, please visit:? Pierluigi Paganini.

Phishing

Phishing Cybercrime Ransomware Encryption

Russia behind a massive spear-phishing campaign that hit Ukraine

Security Affairs

JUNE 7, 2021

Ukraine warned of a “massive” spear-phishing campaign carried out by Russia-linked threat actors against its government and private businesses. This is the third massive spear-phishing campaign that the Ukrainian government attributed to Russia-linked threat actors this year. Details in the application… ». Pierluigi Paganini.

Phishing

Phishing Government Antivirus Passwords

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The phishing messages included a weaponized attachment designed to download a Lua-based malware dubbed SunSeed. net) that appears to belong to a compromised Ukranian armed service member.”

Phishing

Phishing Accountability Government Malware

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Security Affairs

SEPTEMBER 5, 2022

Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide. How It Works?

Phishing

Phishing Accountability Hacking Advertising

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

During analysis, we observed that the piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter.” DOPLUGS acts as a downloader and supports four backdoor commands.

Malware

Malware Phishing Government Passwords

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

Now experts from CISA are warning of phishing messages delivering weaponized Microsoft Word documents that contain malicious Visual Basic Application (VBA) macro code. ” The VBA macro uses the certificate database tool CertUtil for the download of remote files from a given Uniform Resource Locator. Pierluigi Paganini.

Phishing

Phishing Malware Advertising Architecture

WhiteShadow downloader leverages Microsoft SQL to retrieve multiple malware

Security Affairs

SEPTEMBER 29, 2019

Researchers at Proofpoint have spotted a piece of downloader , dubbed WhiteShadow, that leverages Microsoft SQL queries to pull and deliver malicious payloads. . In August, malware researchers at Proofpoint spotted a new downloader which is being used to deliver a variety of malware via Microsoft SQL queries. Pierluigi Paganini.

Malware

Malware Advertising Phishing Information Security

New phishing campaign targets bank customers with WSH RAT

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Threat actors are using the RAT to deliver keyloggers and information stealers. Within five days, WSH RAT was observed being actively distributed via phishing.

Banking

Banking Phishing Advertising Malware

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Downloaders , intended for the installation of additional malware,and backdoors , granting cybercriminals remote access to victims’ computers, also made it to top-3.

Phishing

Phishing Ransomware Spyware Banking

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days.

Phishing

Phishing Malware Government Small Business

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Security Affairs

MAY 28, 2021

The phishing campaign detected by MSTIC leveraged the Google Firebase platform to provide an ISO file containing the malicious code. Since May 2021, the attackers started dropping a custom.NET first-stage implant, detected as TrojanDownloader:MSIL/BoomBox, that was used for reconnaissance purposes and to downloaded additional payloads.

Phishing

Phishing Threat Detection Telecommunications Malware

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

MAY 26, 2024

SmokeLoader acts as a loader for other malware, once it is executed it will inject malicious code into the currently running explorer process (explorer.exe) and downloads another payload to the system. IT shared indicators of compromise for this campaign and is urging to implement proper security policies and protection mechanisms.

Malware

Malware Banking Accountability Phishing

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey. The post U.S.

Phishing

Phishing Social Engineering Malware Advertising

Cisco Duo warns telephony supplier data breach exposed MFA SMS logs

Security Affairs

APRIL 15, 2024

The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack. Then they used the access to download a set of MFA SMS message logs belonging to customers’ Duo accounts. date and time of the message, type of message, etc.).”

Data breaches

Data breaches Social Engineering Engineering Authentication

Experts uncovered an advanced phishing campaign delivering the Quasar RAT

Security Affairs

AUGUST 27, 2019

Researchers at Cofense uncovered an advanced phishing campaign delivering Quasar RAT via fake resumes. Experts at security firm Cofense observed an advanced phishing campaign delivering Quasar RAT via fake resumes. The fake resumes distributed in this phishing campaign detected are password-protected Microsoft Word documents.

Phishing

Phishing Passwords Advertising Malware

US Utilities Targeted with LookBack RAT in a new phishing campaign

Security Affairs

SEPTEMBER 24, 2019

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. nceess [. ] Nceess [. ]

Phishing

Phishing Energy and Utilities Advertising Engineering

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

The software was delivered through fraudulent updates, drive-by downloads, malware loaders (i.e. GhostPulse), and other forms of phishing campaigns. “In recent attacks, the NetSupport RAT has been observed to be downloaded onto a victim’s computer via deceptive websites and fake browser updates.” implacavelvideos[.]com).

Education

Education Government Business Services Software

Attackers impersonate CircleCI platform to compromise GitHub accounts

Security Affairs

SEPTEMBER 25, 2022

GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. Phishing messages claims that a user’s CircleCI session expired and attempt to trick recipients into logging in using GitHub credentials. com circle-cl[.]com

Accountability

Accountability Phishing Authentication Passwords

DEV-0569 group uses Google Ads to distribute Royal Ransomware

Security Affairs

NOVEMBER 19, 2022

The DEV-0569 group carries out malvertising campaigns to spread links to a signed malware downloader posing as software installers or fake updates embedded in spam messages, fake forum pages, and blog comments. The downloader, tracked as BATLOADER , shares similarities with another malware called ZLoader. anydeskos[.]com

Ransomware

Ransomware Malware Antivirus Phishing

IcedID malware campaign targets Zoom users

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. ” concludes the report.

Malware

Malware Phishing Banking Hacking

A new highly evasive technique used to deliver the AsyncRAT Malware

Security Affairs

JANUARY 27, 2022

Researchers from Morphisec spotted a sophisticated phishing campaign delivering the AsyncRAT trojan since September 2021. The phishing messages use an html attachment disguised in the form of an order confirmation receipt (e.g., Upon opening the file, a webpage is displayed and it requests the recipients to save a downloaded ISO file.

Malware

Malware Phishing Hacking Network Security

Cuba ransomware affiliate targets Ukraine, CERT-UA warns

Security Affairs

OCTOBER 24, 2022

On October 21, 2022, the Ukraine CERT-UA uncovered a phishing campaign impersonating the Press Service of the General Staff of the Armed Forces of Ukraine. The phishing messages included a link to a third-party website for downloading a document titled ‘?????_309.pdf’

Ransomware

Ransomware Phishing Hacking Software

Coldriver threat group targets high-ranking officials to obtain credentials

Malwarebytes

JANUARY 22, 2024

These targets are approached in spear phishing attacks. The group uses social engineering techniques to persuade their targets to open documents or download malware. Once a relationship has been established, the target will receive a phishing link or a document containing such a link.

Social Engineering

Social Engineering Government Media DNS

IKEA hit by a cyber attack that uses stolen internal reply-chain emails

Security Affairs

NOVEMBER 27, 2021

Threat actors are targeting IKEA employees in an internal phishing campaign leveraging stolen reply-chain emails. According to BleepingComputer, threat actors are targeting IKEA employees in phishing attacks using stolen reply-chain emails. The company also shared an example of a phishing email sent to its employees.

Cyber Attacks

Cyber Attacks Phishing Malware Hacking

4 Malicious apps on Play Store totaled +1M downloads

Information Security News headlines trending on Google

Trending Sources

FIN7 targeted a large U.S. carmaker phishing attacks

Combatting Phishing with Enhanced Cybersecurity Awareness Programs

Phishing with hacked sites

Russia-linked APT28 used new malware in a recent phishing campaign

A new phishing scam targets American Express cardholders

A massive phishing campaign using QR codes targets the energy sector

TodayZoo phishing kit borrows the code from other kits

China-based Fangxiao group behind a long-running phishing campaign

Beware of the new phishing technique “file archiver in the browser” that exploits zip domains

A phishing campaign targets Ukrainian military entities with drone manual lures

Hackers use a new technique in phishing attacks to disable Macro security warnings in weaponized docs

MailChimp breached, intruders conducted phishing attacks against crypto customers

LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems

Experts warn of the first known phishing attack against PyPI

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Analyzing Phishing attacks that use malicious PDFs

Your colleague was infected with Coronavirus, this is the latest phishing lure

ConnectWise Quietly Patches Flaw That Helps Phishers

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Russia behind a massive spear-phishing campaign that hit Ukraine

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

CISA warns of phishing attacks delivering KONNI RAT

WhiteShadow downloader leverages Microsoft SQL to retrieve multiple malware

New phishing campaign targets bank customers with WSH RAT

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Cisco Duo warns telephony supplier data breach exposed MFA SMS logs

Experts uncovered an advanced phishing campaign delivering the Quasar RAT

US Utilities Targeted with LookBack RAT in a new phishing campaign

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Attackers impersonate CircleCI platform to compromise GitHub accounts

DEV-0569 group uses Google Ads to distribute Royal Ransomware

IcedID malware campaign targets Zoom users

A new highly evasive technique used to deliver the AsyncRAT Malware

Cuba ransomware affiliate targets Ukraine, CERT-UA warns

Coldriver threat group targets high-ranking officials to obtain credentials

IKEA hit by a cyber attack that uses stolen internal reply-chain emails

Stay Connected