SecureWorld News

FEBRUARY 25, 2025

One of the report's most pressing concerns is the role of Generative AI in social engineering attacks. Deepfake phishing, AI-generated malware, and automated spear-phishing campaigns are already on the rise. As AI takes a larger role in cybersecurity, governance and ethical AI usage must become a priority.

Cybersecurity 102

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 102

Krebs on Security

FEBRUARY 17, 2021

The government alleges the men reside in North Korea but were frequently stationed by the DPRK in other countries, including China and Russia. In reality, prosecutors say, the programs were malware or downloaded malware after the applications were installed. ” A copy of the indictments is available here (PDF).

Cryptocurrency 353

Cryptocurrency Financial Services Banking Government 353

Schneier on Security

DECEMBER 20, 2022

The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system: Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading as legitimate Windows 10 Operating System installers.

Social Engineering 241

Social Engineering Engineering Software Government 241

Krebs on Security

AUGUST 19, 2021

Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company. – Government entities. Image: Abnormal Security. For example, the Lockbit 2.0 – Canada. – Australia.

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Security Affairs

AUGUST 18, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 129

Malware Social Engineering Ransomware Government 129

Malwarebytes

MARCH 19, 2025

” Whether it’s a so-called “subsidy program,” a “government grant,” or a “relief card,” these scams all share the same underlying goalto manipulate people into giving away their personal information, orworsetheir hard-earned cash. .” ” “482 Spots Remaining! gov domains).

Scams 94

Scams Government Identity Theft Phishing 94

Penetration Testing

JULY 2, 2025

Fortinet exposes a DCRat campaign impersonating a Colombian government agency, using obfuscated multi-stage infection, steganography, and AMSI bypass to deliver the RAT.

Government 70

Government Phishing Social Engineering Engineering 70

Quick Heal Antivirus

MARCH 21, 2024

Lately, we’ve spotted sneaky malware on Android. The post Beware: Malicious Android Malware Disguised as Government Alerts. In our high-tech world, sneaky cyber threats can pop up anywhere. appeared first on Quick Heal Blog.

Government 115

Government Malware Cyber threats Social Engineering 115

Security Affairs

APRIL 7, 2025

In a nutshell, some criminal groups are exploiting compromised accounts belonging to law enforcement and other government agencies to illicitly forward Emergency Data Requests (EDRs) to major online platforms.

Cybercrime 138

Cybercrime Social Engineering Accountability Government 138

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. The group also relied on social engineering efforts in attacks against organizations in the higher education, satellite, and defense sectors through LinkedIn.

Malware 128

Malware Social Engineering Education Government 128

The Hacker News

NOVEMBER 20, 2023

Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data.

Social Engineering 134

Social Engineering Banking Government Mobile 134

IT Security Guru

NOVEMBER 1, 2024

Cyber attacks can compromise critical infrastructure, financial systems, and sensitive government data. Types of Cybersecurity Threats Malware and Ransomware: These can disable systems or steal data for ransom. Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information.

Technology 109

Technology Cyber Attacks Government Risk 109

SecureList

NOVEMBER 28, 2024

The secure USB drive was developed by a government entity in Southeast Asia to securely store and transfer files between machines in sensitive environments. Chinese-speaking activity In July 2021, we detected a campaign called ExCone targeting government entities in Russia.

Malware 116

Malware Government Software Spyware 116

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. Develop and test ransomware response plans.

Ransomware 113

Ransomware IoT Encryption Social Engineering 113

The Hacker News

DECEMBER 1, 2021

Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make away with credit card details and steal funds from victims' bank accounts.

Phishing 145

Phishing Social Engineering Banking Engineering 145

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Organizations face rising risks of AI-driven social engineering and personal device breaches. While fully agentic AI malware remains years away, the industry must prepare now.

Risk 173

Risk Threat Detection Technology Phishing 173

SecureList

NOVEMBER 29, 2024

Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations. The malware utilizes cloud resources for its C2 (command and control) servers, which it accesses via APIs using authentication tokens.

Energy and Utilities 100

Energy and Utilities Ransomware Malware Government 100

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. Social engineering attacks Social engineering attacks occur when someone uses a fake persona to gain your trust.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Boulevard

JULY 30, 2021

The post Estonian Hacker Steals 300,000 Government ID Photos appeared first on Security Boulevard. Estonia’s electronic ID system was hacked last week. A suspect is in custody.

Government 140

Government Hacking Social Engineering Engineering 140

SecureWorld News

JUNE 3, 2025

Alarmingly, the database also held sensitive data from banking institutions, healthcare providers, and government portals. Fowler's analysis suggests that the data was harvested using InfoStealer malware, a malicious software designed to extract sensitive information from infected systems.

Malware 68

Malware Identity Theft Passwords Phishing 68

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals disguise messages as urgent notifications from banks, government agencies, or corporate IT teams, tricking users into providing credentials or downloading malware. Mishing is a phishing attack that uses SMS messages instead of emails to deceive victims into revealing sensitive information or clicking malicious links.

Phishing 83

Phishing Mobile Social Engineering Data breaches 83

The Last Watchdog

APRIL 11, 2022

While it’s nice to see law enforcement and governments go after the gangs, that won’t stop the monster that has grown out of control, that we, as an industry, continue to feed. They’re easier to attack and provide moderate consistent payouts with little retribution from law enforcement or governments. Bricks in the wall.

Ransomware 235

Ransomware Social Engineering Passwords Engineering 235

SecureList

JANUARY 30, 2025

Introduction Since mid-2024, we’ve observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which we have named “Tria Stealer” after unique strings found in campaign samples. Contact me at ‘[link].

Accountability 98

Accountability Malware Banking Phishing 98

Malwarebytes

MARCH 5, 2024

We’re going to let you in on a little cybersecurity secret… There’s malware on Mac computers. For decades, every multinational corporation, every local travel agency, every dentist, every hospital, every school, government, and city hall practically ran on Windows. There pretty much always has been.

Malware 140

Malware Adware Ransomware Social Engineering 140

Malwarebytes

APRIL 19, 2022

The Lazarus Group , aka APT38, is commonly believed to be run by the North Korean government. Since 2018, one of the Lazarus Group’s tactics has been to disguse AppleJeus malware as cryptocurrency trading platforms for both Windows and Mac. Educate users on social engineering attacks like spearphishing.

Cryptocurrency 136

Cryptocurrency Social Engineering Computers and Electronics Engineering 136

Jane Frankland

MAY 16, 2025

Fraudsters use AI, social engineering, and emotional manipulation to steal not just money, but also trust, time, and peace of mind. Here’s a breakdown of the most widespread and damaging scams today: Impersonation Scams (51% of fraud cases) where fraudsters pose as: Banks, HMRC, DVLA, or government agencies. Couriers (e.g.,

Scams 130

Scams Password Management Passwords Banking 130

Security Boulevard

MARCH 10, 2023

Executive Summary In February 2023, EclecticIQ researchers identified multiple KamiKakaBot malwares which are very likely used to target government entities in ASEAN (Association of Southeast Asian Nations) countries. Dark Pink is an Advanced Persistent Threat (APT) group active in the ASEAN region.

Government 121

Government Malware Encryption Passwords 121

Hacker's King

DECEMBER 17, 2024

The cybersecurity world has been abuzz with news of a new Linux variant of FASTCash, a sophisticated malware targeting the banking sector. This new variant, designed to exploit Linux systems, signals a significant evolution in malware capabilities, highlighting the urgent need for robust defenses.

Banking 52

Banking Social Engineering Malware Phishing 52

Security Boulevard

JANUARY 17, 2022

Ukraine is again under malware attack. The post ‘Russian’ Wiper Malware: ‘Prelude to war’ in Ukraine appeared first on Security Boulevard. And the tactics look strikingly similar to 2017’s NotPetya hack by the Russian GRU.

Malware 144

Malware Hacking Social Engineering Engineering 144

SecureWorld News

APRIL 14, 2025

With these insights, security personnel know which attack vectors to watch more closely, how to orchestrate the defenses, and what new phishing and social engineering trends to warn employees about. There are automated tools that can do the heavy lifting to handle certain aspects of this work, especially for social media monitoring.

Media 82

Media Social Engineering Malware Financial Services 82

Security Affairs

JUNE 29, 2025

House banned WhatsApp on government devices due to security concerns Russia-linked APT28 use Signal chats to target Ukraine official with malware China-linked APT Salt Typhoon targets Canadian Telecom companies U.S.

Data breaches 60

Data breaches Ransomware Social Engineering Telecommunications 60

Malwarebytes

JANUARY 25, 2024

Reconnaissance and social engineering are specific fields where AI can be deployed. But the NCSC does expect AI to play a larger role in the near future when it comes to the development of malware and exploits. Use endpoint security software that can prevent exploits and malware used to deliver ransomware.

Ransomware 101

Ransomware Government Social Engineering Spyware 101

eSecurity Planet

NOVEMBER 7, 2022

Kaspersky researchers recently found evidence of an advanced threat group continuously updating its malware to evade security products, similar to a release cycle for developers. The sophisticated malware was hidden in malicious Word file attachments. However, the same also goes for antivirus software and other anti-malware solutions.

Antivirus 118

Antivirus Software Malware Security Awareness 118

Security Boulevard

MARCH 20, 2025

Amost a dozen state-sponsored threat groups from Russia, China, and North Korea have been exploiting a security flaw in WIndows in attacks on governments and critical infrastructure that date back to 2017. According to Trend Micro's VDI unit, Microsoft has no plans to patch the vulnerability.

Government 100

Government Social Engineering Engineering Malware 100

Malwarebytes

NOVEMBER 20, 2023

CISA and the FBI consider Scattered Spider to be experts that use multiple social engineering techniques, especially phishing, push bombing, and SIM swap attacks, to obtain credentials, install remote access tools, and bypass multi-factor authentication (MFA). Prevent intrusions. Detect intrusions. Don’t get attacked twice.

Ransomware 110

Ransomware Government Social Engineering Backups 110

Security Boulevard

MARCH 20, 2025

As organizations work to establish AI governance frameworks, many are taking a cautious approach, restricting access to certain AI applications as they refine policies around data protection.U.S. powered cyberthreat protection: Detect and block AI-generated phishing campaigns, adversarial exploits, and AI-driven malware in real time.AI-powered

Social Engineering 76

Social Engineering Phishing Risk Insurance 76

The Last Watchdog

APRIL 28, 2020

That, of course, presents the perfect environment for cybercrime that pivots off social engineering. Social engineering invariably is the first step in cyber attacks ranging from phishing and ransomware to business email compromise ( BEC ) scams and advanced persistent threat ( APT ) hacks.

Social Engineering 174

Social Engineering Cyber Attacks Scams Phishing 174