Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware 100

Malware Phishing Spyware Cyber threats 100

Security Affairs

NOVEMBER 2, 2022

Four malicious Android apps uploaded by the same developer to Google Play totaled at least one million downloads. The apps are infected with the Android/Trojan.HiddenAds.BTGTHB malware, the apps totaled at least one million downloads. 50,000+ downloads Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices).

Adware 107

Adware Phishing Mobile Malware 107

CSO Magazine

JULY 25, 2022

Phishing , in which an attacker sends a deceptive email tricks the recipient into giving up information or downloading a file, is a decades-old practice that still is responsible for innumerable IT headaches. The fight against phishing is a frustrating one, and it falls squarely onto IT's shoulders.

Phishing 136

Phishing Passwords Malware 136

Malwarebytes

FEBRUARY 13, 2024

By convincing employees to download and run these seemingly benign RMM applications under the guise of fixing non-existent issues, these fraudsters gain unfettered access to the company’s network. Attackers could trick them by sending them to a typical phishing page or making them download malware, all of which are good options.

Phishing 113

Phishing Software Scams Banking 113

Security Boulevard

MARCH 27, 2024

The Zero Day Initiative (ZDI) by Trend Micro uncovered a phishing campaign that exploited a patched Microsoft flaw to infect devices with DarkGate malware. The post DarkGate Malware Campaign Exploits Patched Microsoft Flaw appeared first on Security Boulevard.

Malware 67

Malware Phishing Marketing Software 67

CyberSecurity Insiders

MAY 5, 2021

Cybersecurity Firm Mandiant has observed that a new malware campaign is on the prowl that started on December 2nd, 2020 targeting over 50 organizations so far. The first campaign started in December last year when the hackers sent phishing emails laced with malicious links to over 247 organizations hailing from US and APAC nations.

Phishing 120

Phishing Malware Education Retail 120

Tech Republic Security

NOVEMBER 8, 2023

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store.

Malware 171

Malware Phishing Software Mobile 171

CSO Magazine

NOVEMBER 21, 2022

Palo Alto’s Unit 42 has investigated several incidents linked to the Luna Moth group callback phishing extortion campaign targeting businesses in multiple sectors, including legal and retail. Luna Moth removes malware portion of phishing callback attack.

Phishing 76

Phishing Malware Social Engineering Retail 76

Schneier on Security

APRIL 6, 2020

Microsoft is reporting that an Emotat malware infection shut down a network by causing computers to overheat and then crash. The malware further spread through the network without raising any red flags by stealing admin account credentials authenticating itself on new systems, later used as stepping stones to compromise other devices.

Malware 283

Malware Phishing Authentication Internet 283

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. com”, which in turn redirected them to an attacker-owned Dropbox that downloaded the malicious executable WsTaskLoad.exe onto their systems.

Phishing 109

Phishing Cybercrime Manufacturing Hacking 109

Krebs on Security

MAY 22, 2019

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Here’s a look at a recent spam campaign that peppered more than 100,000 business email addresses with fake legal threats harboring malware. Please download and read the attached encrypted document carefully.

Phishing 277

Phishing Antivirus Scams Malware 277

Malwarebytes

FEBRUARY 13, 2024

By convincing employees to download and run these seemingly benign RMM applications under the guise of fixing non-existent issues, these fraudsters gain unfettered access to the company’s network. Attackers could trick them by sending them to a typical phishing page or making them download malware, all of which are good options.

Phishing 87

Phishing Software Scams Banking 87

The Last Watchdog

NOVEMBER 6, 2023

QR code phishing attacks started landing in inboxes around the world about six months ago. Related: ‘BEC’ bilking on the rise These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information.

Phishing 202

Phishing Scams Education Malware 202

Schneier on Security

MAY 5, 2020

Interesting story of malware hidden in Google Apps. That's when Russian security firm Dr. Web found a sample of spyware in Google's app store that impersonated a downloader of graphic design software but in fact had the capability to steal contacts, call logs, and text messages from Android phones.

Malware 295

Malware Spyware Phishing Government 295

Security Affairs

NOVEMBER 18, 2020

Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Experts at Cybereason Nocturnus have uncovered an active campaign targeting the users of a large e-commerce platform in Latin America with malware tracked as Chaes.

Phishing 118

Phishing Malware Cryptocurrency Information Security 118

The Hacker News

JANUARY 3, 2023

A new malware campaign has been observed using sensitive information stolen from a bank as a lure in phishing emails to drop a remote access trojan called BitRAT.

Banking 88

Banking Malware Phishing 88

CyberSecurity Insiders

FEBRUARY 22, 2022

Trickbot Malware that started just as a banking malware has now emerged into a sophisticated data stealing tool capable of injecting malware like ransomware or serve as an Emotet downloader. The post Trickbot Malware hits 140,000 victims appeared first on Cybersecurity Insiders.

Malware 122

Malware Social Engineering Banking Phishing 122

The Hacker News

SEPTEMBER 30, 2023

Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah.

Malware 100

Malware Phishing 100

Heimadal Security

NOVEMBER 9, 2022

affiliate is targeting companies with phishing emails, tricking them into installing the Amadey Bot and taking control of their devices. payload is downloaded as a PowerShell script or executable file that runs on the host computer and encrypts files. The Amadey Bot malware […]. A LockBit 3.0 The attack’s LockBit 3.0

Phishing 110

Phishing Encryption Malware Cybersecurity 110

Threatpost

MARCH 10, 2021

Spear-phishing emails are spreading the NimzaLoader malware loader, which some say may be used to download Cobalt Strike.

Phishing 93

Phishing Malware 93

Identity IQ

FEBRUARY 14, 2024

What Is Spear Phishing and How to Avoid It IdentityIQ Have you ever clicked a suspicious link or opened an unexpected attachment, only to realize it was a scam? That’s where spear phishing comes in – a particularly cunning form of online deception. What Is Spear Phishing?

Phishing 85

Phishing Identity Theft Social Engineering Scams 85

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. Pierluigi Paganini.

Malware 91

Malware Phishing Banking Hacking 91

SecureList

JUNE 28, 2023

Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. Their campaign introduced several new malware families, such as YamaBot and MagicRat, but also updated versions of NukeSped and, of course, DTrack.

Malware 133

Malware Cybercrime Phishing Ransomware 133

Malwarebytes

SEPTEMBER 11, 2023

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed via phishing emails. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. exe and a bundled script.

Malware 119

Malware Social Engineering Cryptocurrency Cybercrime 119

Hot for Security

JANUARY 29, 2021

The company believes the incident occurred on January 4, 2021, after threat actors managed to trick employees into accessing and downloading malicious software on some retail-store computers. “A few employees in retail stores were successfully scammed by unauthorized individuals and downloaded software onto a store computer.”

Data breaches 133

Data breaches Wireless Retail Malware 133

Graham Cluley

DECEMBER 2, 2021

Finland’s National Cyber Security Centre has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware. Read more in my article on the Tripwire State of Security blog.

Malware 137

Malware Phishing Mobile 137

Security Affairs

FEBRUARY 21, 2024

Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system. In the recent campaign, threat actors used a customized PlugX malware that includes a completed backdoor command module, the researchers named it DOPLUGS. DOPLUGS acts as a downloader and supports four backdoor commands.

Malware 118

Malware Phishing Government Passwords 118

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. “Every day, Gmail blocks more than 100 million phishing emails. During the last week, we saw 18 million daily malware and phishing emails related to COVID-19.

Phishing 119

Phishing Malware Government Small Business 119

Hot for Security

FEBRUARY 3, 2021

Bitdefender Antispam Lab has observed a spike in phishing campaigns impersonating popular delivery services that seek to lure consumers into downloading malicious files on their devices. Overall, nearly 30% of all spam received relating to the delivery service was either a phishing attempt or had malicious attachments.

Phishing 119

Phishing Malware Scams Ransomware 119

SecureWorld News

FEBRUARY 15, 2024

A sophisticated form of mobile malware dubbed "GoldPickaxe" has been uncovered, which collects facial recognition data to produce deepfake videos, enabling hackers to bypass biometric authentication protections on banking apps. The malware has been active since 2023, specifically targeting victims in Vietnam and Thailand.

Social Engineering 73

Social Engineering Mobile Authentication Engineering 73

Malwarebytes

NOVEMBER 1, 2022

In total, four apps are listed, and together they have amassed at least one million downloads. Yet, the developer is still on Google Play dispensing its latest HiddenAds malware. Our analysis of this malware starts with us finding an app named Bluetooth Auto Connect (full app information at the bottom of this article).

Phishing 94

Phishing Malware Mobile Adware 94

Malwarebytes

APRIL 6, 2021

In late March 2021, Malwarebytes analysts discovered a phishing email with an attached zip file containing unfamiliar malware. Upon analysis, the obfuscated PowerShell downloader initiated a chain of infection leading to a lesser-known malware called Saint Bot. It was seen dropping stealers (i.e. Distribution.

Malware 122

Malware Phishing Passwords Architecture 122

Hot for Security

MARCH 18, 2021

The Cybersecurity & Infrastructure Security Agency (CISA) and the FBI have released a Joint Cybersecurity Advisory on TrickBot warning that a sophisticated group of cyber actors are sending phishing emails claiming to contain proof of traffic violations to lure victims into downloading the insidious malware.

Phishing 119

Phishing Social Engineering Antivirus Malware 119

Security Affairs

AUGUST 1, 2023

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. ” reads the post published by Proofpoint. ” continues the report.

Malware 94

Malware Phishing Banking Hacking 94

Security Affairs

SEPTEMBER 29, 2019

Researchers at Proofpoint have spotted a piece of downloader , dubbed WhiteShadow, that leverages Microsoft SQL queries to pull and deliver malicious payloads. . In August, malware researchers at Proofpoint spotted a new downloader which is being used to deliver a variety of malware via Microsoft SQL queries.

Malware 83

Malware Advertising Phishing Information Security 83

CyberSecurity Insiders

OCTOBER 13, 2022

Researchers from Kaspersky have discovered that those using YoWhatsApp are being targeted with trojan malware named Triada having capabilities of stealing data from mobile phone and indulging in espionage. Usually, such malware is circulated as apps like Snaptube, that promise video downloads from Facebook, YouTube and Instagram all for free.

Malware 115

Malware Mobile Media Encryption 115

Identity IQ

FEBRUARY 7, 2023

What is Phishing? One of the most common techniques used to exploit web users is the phishing scam. This article will cover what phishing is, cybercriminals’ different approaches, and how to prevent yourself from becoming a victim. What is Phishing? How Does Phishing Work? Spear Phishing.

Phishing 98

Phishing Identity Theft Scams Banking 98