Hacking, Information, Malware and Phishing

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com.

Phishing

Phishing Cybercrime Malware Advertising

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing

Phishing Passwords Internet Internet

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. ” Image: SlowMist.

Malware

Malware Cryptocurrency Software Scams

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing

Phishing Malware Computers and Electronics Internet

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking

Hacking Social Engineering Phishing Scams

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Hacking

Hacking Malware Ransomware Government

2020 Oscar Nominees Used to Spread Malware

Adam Levin

FEBRUARY 7, 2020

Online scammers are using the 2020 Oscars to spread malware. A recent study released by Kaspersky Labs uncovered several hacking and phishing campaigns promising their targets free and early access to Best Picture nominees for this year’s Academy Awards.

Malware

Malware Adware Phishing Hacking

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Endpoint Security : Install endpoint security solutions to fortify defenses against malware attacks. Email Filtering : Implement email filtering solutions such as spam filters to block malicious messages.

Phishing

Phishing Ransomware Security Awareness Authentication

Hacked Subway UK marketing system used in TrickBot phishing campaign

Security Affairs

DECEMBER 13, 2020

Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers. SecurityAffairs – hacking, Subway UK).

Marketing

Marketing Phishing Hacking Data breaches

US offers a $10 million reward for information on four Iranian nationals

Security Affairs

APRIL 24, 2024

The individuals launched spear-phishing and malware attacks. Iranian cyber actors persist in targeting the United States through various malicious cyber activities, including ransomware attacks on critical infrastructure and spear phishing campaigns against individuals, companies, and government entities.

Government

Government Phishing Social Engineering Hacking

IcedID Malware Is Being Used in a New Hacking Campaign Targeting the Ukrainian Government

Heimadal Security

APRIL 18, 2022

A warning about a new wave of social engineering cyberattacks that distribute the IcedID malware and employ Zimbra exploits for sensitive data theft purposes has been recently issued by the Computer Emergency Response Team of Ukraine (CERT-UA).

Government

Government Social Engineering Malware Hacking

Activision Hack Exposes Employee Data and 'Call of Duty' Information

SecureWorld News

FEBRUARY 23, 2023

In a breach that's making headlines, hackers managed to steal data from the company, including sensitive employee information and upcoming game content. The news was first reported by cybersecurity and malware research group vx-underground, which posted screenshots of data purportedly stolen from the company.

Hacking

Hacking Phishing Data breaches Information Security

Nitrogen shelling malware from hacked sites

Malwarebytes

JANUARY 31, 2024

Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. The threat actors seem to have a preference for hosting their payloads on compromised WordPress sites, many of which are already hacked with malicious PHP shell scripts.

Malware

Malware Hacking System Administration Ransomware

Phishing, the campaigns that are targeting Italy

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware.

Phishing

Phishing Scams Education Passwords

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Security Affairs

NOVEMBER 18, 2020

Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Experts at Cybereason Nocturnus have uncovered an active campaign targeting the users of a large e-commerce platform in Latin America with malware tracked as Chaes.

Phishing

Phishing Malware Cryptocurrency Information Security

FIN7 targeted a large U.S. carmaker phishing attacks

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. ” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, FIN7)

Phishing

Phishing Cybercrime Manufacturing Hacking

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. sensitive information and critical infrastructure. Our National Security Cyber Section remains focused on disputing these cross-border hacking schemes and holding those responsible to account.”

Hacking

Hacking Identity Theft Social Engineering Accountability

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

GUEST ESSAY: Introducing ‘killware’ — malware designed to contaminate, disrupt critical services

The Last Watchdog

DECEMBER 20, 2021

Killware is a type of malware deployed to cause physical harm: contaminate community water supplies, exploit and obstruct networks used by hospitals and healthcare facilities, jam air traffic control networks, contaminate gasoline supplies, and, in some instances, deliberately cause death where and when it is least expected.

Malware

Malware Phishing Technology Ransomware

IcedID malware campaign targets Zoom users

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. Pierluigi Paganini.

Malware

Malware Phishing Banking Hacking

Information Security News headlines trending on Google

CyberSecurity Insiders

MAY 4, 2023

Therefore, computer admins are being warned to be aware of phishing emails, malicious downloads, and be wary of other social engineering attacks. According to sources, a hack has exposed data of over 780,000 children who were patients of Brightline.

Information Security

Information Security Healthcare Social Engineering Ransomware

New Hacking Campaign Targeting Ukrainian Government with IcedID Malware

The Hacker News

APRIL 17, 2022

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information.

Social Engineering

Social Engineering Malware Government Hacking

The Olympics: a timeline of scams, hacks, and malware

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. It was also the first major Olympics event where organizers braced for hacking related impact.

Scams

Scams Hacking Malware Mobile

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. “Every day, Gmail blocks more than 100 million phishing emails. During the last week, we saw 18 million daily malware and phishing emails related to COVID-19.

Phishing

Phishing Malware Government Small Business

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Some of the victims’ ransom payments were sent by both Conti and Black Basta groups to the gang behind the Qakbot malware. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) 61,9% of the victims are in the US, 15.8% in Germany, and 5.9%

Ransomware

Ransomware Hacking Healthcare Retail

Hackers abusing the Ngrok platform phishing attacks

Security Affairs

FEBRUARY 16, 2021

Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost.

Phishing

Phishing Cybercrime Mobile Internet

Mobile Malware Uses Deepfakes, Social Engineering to Bypass Biometric Authentication

SecureWorld News

FEBRUARY 15, 2024

A sophisticated form of mobile malware dubbed "GoldPickaxe" has been uncovered, which collects facial recognition data to produce deepfake videos, enabling hackers to bypass biometric authentication protections on banking apps. The malware has been active since 2023, specifically targeting victims in Vietnam and Thailand.

Social Engineering

Social Engineering Mobile Authentication Engineering

A New Ransomware Was Linked to FIN8 Hacking Group

Heimadal Security

JANUARY 19, 2022

FIN8 is a financially motivated malicious actor who has been observed attacking financial institutions for numerous years, notably by deploying POS malware capable of stealing credit card information. The post A New Ransomware Was Linked to FIN8 Hacking Group appeared first on Heimdal Security Blog.

Hacking

Hacking Ransomware Healthcare Phishing

Gmail users from US most targeted by email-based phishing and malware

Security Affairs

FEBRUARY 13, 2021

Google revealed that Gmail users from the United States are the most targeted by email-based phishing and malware. billion email-based phishing and malware attacks against Gmail users to determine what are factors influence the risk of attack. SecurityAffairs – hacking, Gmail). ” continues the report. .”

Phishing

Phishing Malware Accountability Risk

Xenomorph malware is back after months of hiatus and expands the list of targets

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved.

Malware

Malware Banking Phishing Engineering

Dell Data Breach Affects 49 Million Customers

Identity IQ

MAY 10, 2024

Dell Data Breach Affects 49 Million Customers IdentityIQ Dell Data Breach Affects 49 Million Customers Dell recently announced its investigation into a data breach exposing the personal information of more than 49 million customers. Scammers can use names and physical addresses to mail phishing letters with harmful packages.

Data breaches

Data breaches Phishing Scams Risk

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Hacking Malware Encryption

YouTube creators’ accounts hijacked with cookie-stealing malware

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Below are the job descriptions used to recruit the hackers.

Accountability

Accountability Malware Phishing Social Engineering

China-based Fangxiao group behind a long-running phishing campaign

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. SecurityAffairs – hacking, phishing).

Phishing

Phishing Adware Retail Malware

Hackers targeting aviation industry with sophisticated malware from years

CyberSecurity Insiders

FEBRUARY 18, 2022

According to a research conducted by Proofpoint, cybersecurity researchers have been targeting the servers operating in aerospace and defense sector with a Trojan malware and the hacking group behind the incident has been dubbed as TA2541.

Malware

Malware Phishing Hacking Cybersecurity

Daixin Team group claimed the hack of North Texas Municipal Water District

Security Affairs

NOVEMBER 28, 2023

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The threat actors obtained the VPN credentials through phishing attacks. The Daixin Team is a ransomware and data extortion group that has been active since at least June 2022.

Hacking

Hacking VPN Ransomware Cybercrime

Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline

Security Affairs

DECEMBER 25, 2021

The phishing messages use weaponized Word or Excel attachments to install the Dridex banking Trojan. “This letter is to inform you that you have been exposed to a coworker who tested positive for OMICRON variant of COVID-19 sometime between December 18th and 20th,” reads a phishing message shared by Bleeping Computer.

Phishing

Phishing Passwords Banking Malware

Analysis of BlackGuard – a new info stealer malware being sold in a Russian hacking forum

Security Boulevard

MARCH 30, 2022

Introduction: Hacking forums often double up as underground marketplaces where cybercriminals buy, rent, and sell all kinds of malicious illegal products, including software, trojans, stealers, exploits, and leaked credentials. It has the capability to steal history, passwords, autofill information, and downloads. Stealer code.

Malware

Malware Hacking Antivirus Passwords

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. SecurityAffairs – hacking, Log4Shell). Pierluigi Paganini.

Banking

Banking Malware Antivirus Phishing

New TA886 group targets companies with custom Screenshotter malware

Security Affairs

FEBRUARY 10, 2023

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter.

Malware

Malware Phishing Spyware Cybercrime

WikiLoader malware-as-a-service targets Italian organizations

Security Affairs

AUGUST 1, 2023

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. ” reads the post published by Proofpoint. ” continues the report.

Malware

Malware Phishing Banking Hacking

Facebook ads used to steal 615000+ credentials in a phishing campaign

Security Affairs

JANUARY 1, 2021

Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials. Threat actors are using Facebook ads to redirect users to Github accounts hosting phishing pages used to steal victims’ login credentials. The landing pages are phishing pages that impersonate legitimate companies.

Phishing

Phishing Scams Accountability Malware

Cybercriminals Use Azure Front Door in Phishing Attacks

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing

Phishing Accountability Hacking Scams

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Security Affairs

FEBRUARY 4, 2022

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year. ” states Microsoft.

Phishing

Phishing Authentication Education Cyber threats

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Karma Catches Up to Global Phishing Service 16Shop

Webinars

Trending Sources

Calendar Meeting Links Used to Spread Mac Malware

Webinars

Russia-linked APT28 used new malware in a recent phishing campaign

When Low-Tech Hacks Cause High-Impact Breaches

U.S. Hacks QakBot, Quietly Removes Botnet Infections

2020 Oscar Nominees Used to Spread Malware

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Hacked Subway UK marketing system used in TrickBot phishing campaign

US offers a $10 million reward for information on four Iranian nationals

IcedID Malware Is Being Used in a New Hacking Campaign Targeting the Ukrainian Government

Activision Hack Exposes Employee Data and 'Call of Duty' Information

Nitrogen shelling malware from hacked sites

Phishing, the campaigns that are targeting Italy

Phishing campaign targets LATAM e-commerce users with Chaes Malware

FIN7 targeted a large U.S. carmaker phishing attacks

U.S. authorities charged an Iranian national for long-running hacking campaign

Carbanak malware returned in ransomware attacks

GUEST ESSAY: Introducing ‘killware’ — malware designed to contaminate, disrupt critical services

IcedID malware campaign targets Zoom users

Information Security News headlines trending on Google

New Hacking Campaign Targeting Ukrainian Government with IcedID Malware

The Olympics: a timeline of scams, hacks, and malware

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Hackers abusing the Ngrok platform phishing attacks

Mobile Malware Uses Deepfakes, Social Engineering to Bypass Biometric Authentication

A New Ransomware Was Linked to FIN8 Hacking Group

Gmail users from US most targeted by email-based phishing and malware

Xenomorph malware is back after months of hiatus and expands the list of targets

Dell Data Breach Affects 49 Million Customers

Cuba ransomware gang hacked 49 US critical infrastructure organizations

YouTube creators’ accounts hijacked with cookie-stealing malware

China-based Fangxiao group behind a long-running phishing campaign

Hackers targeting aviation industry with sophisticated malware from years

Daixin Team group claimed the hack of North Texas Municipal Water District

Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline

Analysis of BlackGuard – a new info stealer malware being sold in a Russian hacking forum

Grandoreiro banking malware targets Mexico and Spain

New TA886 group targets companies with custom Screenshotter malware

WikiLoader malware-as-a-service targets Italian organizations

Facebook ads used to steal 615000+ credentials in a phishing campaign

Cybercriminals Use Azure Front Door in Phishing Attacks

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Stay Connected