Security Affairs

JANUARY 16, 2025

Researchers discovered a 13,000-device MikroTik botnet exploiting DNS flaws to spoof 20,000 domains and deliver malware. Infoblox researchers discovered a botnet of 13,000 MikroTik devices that exploits DNS misconfigurations to bypass email protections, spoof approximately 20,000 domains, and deliver malware.

DNS 139

DNS Malware Firmware Authentication 139

Adam Levin

FEBRUARY 7, 2020

Online scammers are using the 2020 Oscars to spread malware. A recent study released by Kaspersky Labs uncovered several hacking and phishing campaigns promising their targets free and early access to Best Picture nominees for this year’s Academy Awards.

Malware 309

Malware Adware Phishing Hacking 309

Security Affairs

OCTOBER 20, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 126

Malware Ransomware Encryption Phishing 126

Security Affairs

OCTOBER 30, 2024

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of the FakeCall malware for Android that hijacks outgoing victims’ calls and redirects them to the attacker’s phone number.

Banking 133

Banking Malware Accountability Phishing 133

Security Affairs

MAY 28, 2025

The malware includes tools for password theft and stealthy access.” ” The malware is designed for password theft and stealthy access, aiming to steal credentials, crypto wallets, and sell system access for financial gain. . This build-your-own-malware approach makes these attacks more efficient, stealthy, and adaptable.

Antivirus 121

Antivirus Malware Banking Passwords 121

Security Affairs

APRIL 21, 2025

Russia-linked group APT29 targeted diplomatic entities across Europe with a new malware loader codenamed GRAPELOADER. ” About a year after its last WINELOADER campaign, the Russia-linked threat actor launched new phishing attacks posing as the European Ministry of Foreign Affairs, inviting targets to fake wine tasting events. .”

Malware 107

Malware Phishing Encryption Hacking 107

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 332

Hacking Social Engineering Phishing Scams 332

Security Affairs

JANUARY 20, 2025

Researchers linked the threat actor DoNot Teamto a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. In this case, the group is leveraging OneSignal to deliver phishing links through notifications.

Malware 116

Malware Cyber Attacks Mobile Phishing 116

Security Affairs

MAY 18, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A.NET-Based Info-Stealer Interlock ransomware evolving under the radar Technical Analysis of TransferLoader Sophisticated NPM Attack Leveraging Unicode Steganography and Google Calendar C2 Horabot Unleashed: (..)

Malware 106

Malware Encryption Phishing Hacking 106

Security Affairs

MAY 1, 2025

Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6.

Malware 87

Malware Phishing Telecommunications Antivirus 87

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Hacking 315

Hacking Malware Ransomware Government 315

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. ” Image: SlowMist.

Malware 334

Malware Cryptocurrency Software Phishing 334

Krebs on Security

AUGUST 28, 2020

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks.

Accountability 361

Accountability Hacking Authentication Marketing 361

Security Affairs

MARCH 31, 2025

Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Threat actors are exploiting DNS techniques to enhance phishing attacks, using MX records to dynamically serve spoofed login pages. “We discovered cyber campaigns that used the phishing kits as early as January 2020.

DNS 87

DNS Phishing Banking Hacking 87

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com.

Phishing 299

Phishing Cybercrime Malware Advertising 299

Security Affairs

MAY 29, 2025

Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a hacked site. Google warns that China-linked APT41 used TOUGHPROGRESS malware with Google Calendar as C2, targeting various government entities via a compromised website. ” reads the report published by Google.

Malware 118

Malware Government Encryption Hacking 118

Schneier on Security

MAY 5, 2020

Interesting story of malware hidden in Google Apps. This particular campaign is tied to the government of Vietnam. In this case, the attackers used Google Play as a trusted source," says Kaspersky researcher Alexey Firsh.

Malware 260

Malware Spyware Phishing Government 260

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 242

Phishing Passwords Hacking Internet 242

The Last Watchdog

DECEMBER 16, 2024

Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. Meanwhile, while business logic hacks, supply chain holes, and cyber extortion continue to loom large. Attackers arent hacking in theyre logging in.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

Security Affairs

APRIL 14, 2025

The operators of the Phishing-as-a-Service (PhaaS) platform Tycoon2FA have rolled out significant updates to enhance its evasion capabilities. Tycoon2FA, a phishing kit discovered in 2023 by cybersecurity firm Sekoia, was recently updated to improve its evasion capabilities. ” reported Trustwave.

Phishing 82

Phishing Hacking Cybersecurity Cybercrime 82

SecureWorld News

FEBRUARY 26, 2025

Dubai-based exchange Bybit was targeted in a malware-driven attack that resulted in the theft of approximately $1.46 The Bybit theft resulted from malware-driven manipulation of cold wallet transactions, exploiting multi-signature vulnerabilities," Soroko said. billion in crypto assets.

Hacking 84

Hacking Cryptocurrency Cyber threats Malware 84

SecureWorld News

MAY 9, 2025

Google's Threat Intelligence Group (GTIG) has identified a new malware strain, dubbed "LOSTKEYS," attributed to the Russian state-sponsored hacking group COLDRIVER. The development marks a significant escalation in COLDRIVER's cyber espionage activities, which have traditionally focused on credential phishing.

Malware 87

Malware Social Engineering Engineering Government 87

Security Affairs

APRIL 20, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malicious NPM Packages Targeting PayPal Users New Malware Variant Identified: ResolverRAT Enters the Maze Nice chatting with you: what connects cheap Android smartphones, WhatsApp and cryptocurrency theft?

Malware 80

Malware Cryptocurrency Encryption Phishing 80

Security Affairs

OCTOBER 11, 2024

Rather than using advanced hacking techniques, they exploited systems with default credentials to compromise target networks. The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. The malware targeted Android and was relatively rudimentary.

Malware 138

Malware Social Engineering Engineering Hacking 138

Security Affairs

JANUARY 10, 2025

CrowdStrike warns of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which finally installs the XMRig cryptominer. ” The attack begins with a phishing email impersonating CrowdStrike recruitment, directing recipients to a malicious website.”

Phishing 114

Phishing Scams Malware Authentication 114

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Some of those hacked accounts already had hundreds of other legitimate ads running, and one of them was for a popular Taiwanese electronics company.

Advertising 136

Advertising Accountability Phishing Scams 136

Security Affairs

NOVEMBER 3, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

Security Affairs

JULY 31, 2024

Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishing campaigns targeting SMBs in Poland in May 2024, distributing various malware families like Agent Tesla , Formbook , and Remcos RAT.

Phishing 136

Phishing Malware Accountability Hacking 136

Security Affairs

NOVEMBER 11, 2024

Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a new variant of the Remcos RAT. Upon opening the file, the RCE vulnerability CVE-2017-0199 is exploited.

Phishing 131

Phishing Malware Banking Encryption 131

Security Affairs

MARCH 24, 2025

“Cloaks attack strategy involves acquiring network access through Initial Access Brokers (IABs) or social engineering methods such as phishing, malvertising, exploit kits, and drive-by downloads disguised as legitimate updates like Microsoft Windows installers.” .” reads a report published by Halcyon.

Ransomware 104

Ransomware Hacking Social Engineering Manufacturing 104

Security Affairs

JANUARY 12, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 60

Malware Scams Phishing Encryption 60

Security Affairs

JANUARY 10, 2025

Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures.

Malware 122

Malware Advertising Antivirus Cybercrime 122

Security Affairs

DECEMBER 8, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 71

Malware Spyware Phishing Hacking 71

Security Affairs

SEPTEMBER 24, 2024

HP researchers detected a dropper that was generated by generative artificial intelligence services and used to deliver AsyncRAT malware. While investigating a malicious email, HP researchers discovered a malware generated by generative artificial intelligence services and used to deliver the AsyncRAT malware.

Artificial Intelligence 135

Artificial Intelligence Phishing Malware Encryption 135

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. from fake websites (phishing sites) disguised as websites of real securities companies.” from fake websites (phishing sites) disguised as websites of real securities companies.”

Financial Services 121

Financial Services Passwords Antivirus Accountability 121

Security Affairs

DECEMBER 1, 2024

From generating deepfakes to enhancing phishing campaigns, GAI is evolving into a tool for large-scale cyber offenses GAI has captured the attention of researchers and investors for its transformative potential across industries. The automation of malware development is another worrying trend, as it lowers the barrier to entry for cybercrime.

Artificial Intelligence 135

Artificial Intelligence Phishing Media Cyber threats 135

Krebs on Security

FEBRUARY 3, 2022

The trouble is, there’s little to stop criminals from leveraging newly registered or hacked LinkedIn business accounts to create their own ad campaigns using Slinks. This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. Urlscan also found this phishing scam from Jan.

Phishing 359

Phishing Marketing Scams Accountability 359