Hacking, Information Security, Malware and Phishing

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Endpoint Security : Install endpoint security solutions to fortify defenses against malware attacks.

Phishing

Phishing Ransomware Security Awareness Authentication

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing

Phishing Malware Computers and Electronics Internet

Information Security News headlines trending on Google

CyberSecurity Insiders

MAY 4, 2023

Therefore, computer admins are being warned to be aware of phishing emails, malicious downloads, and be wary of other social engineering attacks. According to sources, a hack has exposed data of over 780,000 children who were patients of Brightline.

Information Security

Information Security Healthcare Social Engineering Ransomware

Hacked Subway UK marketing system used in TrickBot phishing campaign

Security Affairs

DECEMBER 13, 2020

Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers. SecurityAffairs – hacking, Subway UK).

Marketing

Marketing Phishing Hacking Data breaches

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Security Affairs

NOVEMBER 18, 2020

Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Cybereason Nocturnus security researchers have identified an active campaign focused on the users of a large e-commerce platform in Latin America. SecurityAffairs – hacking, malware). .

Phishing

Phishing Malware Cryptocurrency Information Security

Phishing, the campaigns that are targeting Italy

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware.

Phishing

Phishing Scams Education Passwords

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Some of the victims’ ransom payments were sent by both Conti and Black Basta groups to the gang behind the Qakbot malware. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) 61,9% of the victims are in the US, 15.8% in Germany, and 5.9%

Ransomware

Ransomware Hacking Healthcare Retail

FIN7 targeted a large U.S. carmaker phishing attacks

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. ” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, FIN7)

Phishing

Phishing Cybercrime Manufacturing Hacking

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. “Every day, Gmail blocks more than 100 million phishing emails. During the last week, we saw 18 million daily malware and phishing emails related to COVID-19.

Phishing

Phishing Malware Government Small Business

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. sensitive information and critical infrastructure. Our National Security Cyber Section remains focused on disputing these cross-border hacking schemes and holding those responsible to account.”

Hacking

Hacking Identity Theft Social Engineering Accountability

Gmail users from US most targeted by email-based phishing and malware

Security Affairs

FEBRUARY 13, 2021

Google revealed that Gmail users from the United States are the most targeted by email-based phishing and malware. billion email-based phishing and malware attacks against Gmail users to determine what are factors influence the risk of attack. SecurityAffairs – hacking, Gmail). ” continues the report. .”

Phishing

Phishing Malware Accountability Risk

IcedID malware campaign targets Zoom users

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. Pierluigi Paganini.

Malware

Malware Phishing Banking Hacking

Hackers abusing the Ngrok platform phishing attacks

Security Affairs

FEBRUARY 16, 2021

Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost.

Phishing

Phishing Cybercrime Mobile Internet

YouTube creators’ accounts hijacked with cookie-stealing malware

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Below are the job descriptions used to recruit the hackers.

Accountability

Accountability Malware Phishing Social Engineering

China-based Fangxiao group behind a long-running phishing campaign

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. SecurityAffairs – hacking, phishing).

Phishing

Phishing Adware Retail Malware

Xenomorph malware is back after months of hiatus and expands the list of targets

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved.

Malware

Malware Banking Phishing Engineering

Facebook ads used to steal 615000+ credentials in a phishing campaign

Security Affairs

JANUARY 1, 2021

Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials. Researchers from security firm ThreatNix spotted a new large-scale campaign abusing Facebook ads. The landing pages are phishing pages that impersonate legitimate companies. ” continues the post.

Phishing

Phishing Scams Accountability Malware

WikiLoader malware-as-a-service targets Italian organizations

Security Affairs

AUGUST 1, 2023

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. ” reads the post published by Proofpoint. ” continues the report.

Malware

Malware Phishing Banking Hacking

Cybercriminals Use Azure Front Door in Phishing Attacks

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing

Phishing Accountability Hacking Scams

A phishing campaign targets Ukrainian military entities with drone manual lures

Security Affairs

SEPTEMBER 25, 2023

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin.

Phishing

Phishing Cyber Attacks Malware Internet

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are increasingly using the HTML smuggling technique in phishing campaigns to stealthily deliver threats. — Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021.

Phishing

Phishing Banking Passwords Firewall

Activision Hack Exposes Employee Data and 'Call of Duty' Information

SecureWorld News

FEBRUARY 23, 2023

The news was first reported by cybersecurity and malware research group vx-underground, which posted screenshots of data purportedly stolen from the company. Also worth noting that the Threat Actor(s) did attempt to phish other employees. Other employees did not fall for the phish.

Hacking

Hacking Phishing Data breaches Information Security

Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline

Security Affairs

DECEMBER 25, 2021

The phishing messages use weaponized Word or Excel attachments to install the Dridex banking Trojan. “This letter is to inform you that you have been exposed to a coworker who tested positive for OMICRON variant of COVID-19 sometime between December 18th and 20th,” reads a phishing message shared by Bleeping Computer.

Phishing

Phishing Passwords Banking Malware

LogoKit, a new phishing kit that dynamically creates phishing forms

Security Affairs

JANUARY 28, 2021

Researchers from RiskIQ have discovered a new phishing kit dubbed LogoKit that dynamically compose phishing content. Researchers from RiskIQ discovered a new phishing kit that outstands for its ability to dynamically create phishing messages to target specific users. SecurityAffairs – hacking, Phishing).

Phishing

Phishing Cryptocurrency Passwords Hacking

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

Cuba ransomware has been actively distributed through the Hancitor malware , a commodity malware that partnered with ransomware gangs to help them gain initial access to target networks. As a loader, it has been used to download other malware families, such as Ficker stealer and NetSupport RAT , to compromised hosts.

Ransomware

Ransomware Hacking Malware Encryption

China-linked BlackTech APT uses new Flagpro malware in recent attacks

Security Affairs

DECEMBER 29, 2021

China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. ” reads the analysis published by NTT Security.

Malware

Malware Phishing Passwords Media

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system. In the recent campaign, threat actors used a customized PlugX malware that includes a completed backdoor command module, the researchers named it DOPLUGS. ” reads the report published by Trend Micro.

Malware

Malware Phishing Government Passwords

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches

Data breaches Phishing Ransomware Malware

ScrubCrypt used to drop VenomRAT along with many malicious plugins

Security Affairs

APRIL 9, 2024

Fortinet researchers observed a threat actor sending out a phishing email containing malicious Scalable Vector Graphics (SVG) files. The campaign is notable for its utilization of the BatCloak malware obfuscation engine and ScrubCrypt to distribute the malware through obfuscated batch scripts.

Engineering

Engineering Phishing Malware Hacking

New TA886 group targets companies with custom Screenshotter malware

Security Affairs

FEBRUARY 10, 2023

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter.

Malware

Malware Phishing Spyware Cybercrime

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The phishing messages included a weaponized attachment designed to download a Lua-based malware dubbed SunSeed. SecurityAffairs – hacking, Asylum Ambuscade). Pierluigi Paganini.

Phishing

Phishing Accountability Government Malware

Crooks use HTML smuggling to spread QBot malware via SVG files

Security Affairs

DECEMBER 14, 2022

Talos researchers uncovered a phishing campaign distributing the QBot malware to Windows systems using SVG files. Talos researchers uncovered a phishing campaign distributing the QBot malware using a new technique that leverages Scalable Vector Graphics (SVG) images embedded in HTML email attachments. Pierluigi Paganini.

Malware

Malware Phishing Passwords Hacking

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. SecurityAffairs – hacking, Ukraine). The post Phishing attacks using the topic “Azovstal” targets entities in Ukraine appeared first on Security Affairs.

Phishing

Phishing Cybercrime Ransomware Encryption

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Many of the detections were due to malicious attachments and previously unseen threats, showcasing the importance of using innovative security measures YARA Rules Impact YARA rules were pivotal in detecting millions of malicious attempts spotlighting statistical patterns and malware family indicators.

Phishing

Phishing Identity Theft Scams Malware

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. SecurityAffairs – hacking, Log4Shell). Pierluigi Paganini.

Banking

Banking Malware Antivirus Phishing

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Security Affairs

NOVEMBER 22, 2022

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

JUNE 21, 2023

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Hacking

Hacking Government Phishing Malware

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Security Affairs

FEBRUARY 4, 2022

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year. ” states Microsoft.

Phishing

Phishing Authentication Cyber threats Education

Threat actors target the Ukrainian gov with IcedID malware

Security Affairs

APRIL 16, 2022

Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. The Ukrainian Computer Emergency Response Team (CERT-UA) uncovered new phishing campaigns aimed at infecting systems of Ukrainian government agencies with the IcedID malware. SecurityAffairs – hacking, Ukraine).

Malware

Malware Phishing Banking Government

Attackers abuse open redirects in Snapchat and Amex in phishing attacks

Security Affairs

AUGUST 7, 2022

Threat actors abuse open redirects on Snapchat and American Express to launch phishing attacks against Microsoft 365 users. Attackers abused open redirects on the websites of Snapchat and American Express as part of a phishing campaign targeting Microsoft 365 users. SecurityAffairs – hacking, open redirects). com open redirect.

Phishing

Phishing Architecture Hacking Accountability

Threat actors leverage Microsoft Teams to spread malware

Security Affairs

FEBRUARY 17, 2022

Once an attacker obtained Microsoft 365 credentials, for example from a previous phishing campaign or data breach, that can access Teams and other Office applications. Once the attackers have gained access to an organization, they can determine defense solutions that are installed and use the proper malware to bypass existing protections. .

Malware

Malware Phishing Accountability Data breaches

Daixin Team group claimed the hack of North Texas Municipal Water District

Security Affairs

NOVEMBER 28, 2023

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The threat actors obtained the VPN credentials through phishing attacks. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server.

Hacking

Hacking VPN Ransomware Cybercrime

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Security Affairs

MAY 28, 2021

Microsoft experts uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind SolarWinds hack. The phishing campaign detected by MSTIC leveraged the Google Firebase platform to provide an ISO file containing the malicious code. SecurityAffairs – hacking, Nobelium). ” continues the report.

Phishing

Phishing Threat Detection Telecommunications Malware

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Russia-linked APT28 used new malware in a recent phishing campaign

Trending Sources

Information Security News headlines trending on Google

Hacked Subway UK marketing system used in TrickBot phishing campaign

Carbanak malware returned in ransomware attacks

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Phishing, the campaigns that are targeting Italy

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

FIN7 targeted a large U.S. carmaker phishing attacks

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

U.S. authorities charged an Iranian national for long-running hacking campaign

Gmail users from US most targeted by email-based phishing and malware

IcedID malware campaign targets Zoom users

Hackers abusing the Ngrok platform phishing attacks

YouTube creators’ accounts hijacked with cookie-stealing malware

China-based Fangxiao group behind a long-running phishing campaign

Xenomorph malware is back after months of hiatus and expands the list of targets

Facebook ads used to steal 615000+ credentials in a phishing campaign

WikiLoader malware-as-a-service targets Italian organizations

Cybercriminals Use Azure Front Door in Phishing Attacks

A phishing campaign targets Ukrainian military entities with drone manual lures

HTML Smuggling technique used in phishing and malspam campaigns

Activision Hack Exposes Employee Data and 'Call of Duty' Information

Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline

LogoKit, a new phishing kit that dynamically creates phishing forms

Cuba ransomware gang hacked 49 US critical infrastructure organizations

China-linked BlackTech APT uses new Flagpro malware in recent attacks

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

ScrubCrypt used to drop VenomRAT along with many malicious plugins

New TA886 group targets companies with custom Screenshotter malware

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Crooks use HTML smuggling to spread QBot malware via SVG files

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Unmasking 2024’s Email Security Landscape

Grandoreiro banking malware targets Mexico and Spain

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Threat actors target the Ukrainian gov with IcedID malware

Attackers abuse open redirects in Snapchat and Amex in phishing attacks

Threat actors leverage Microsoft Teams to spread malware

Daixin Team group claimed the hack of North Texas Municipal Water District

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Stay Connected