The Hacker News

FEBRUARY 6, 2025

The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC).

Malware 110

Malware Phishing Security Intelligence Hacking 110

Security Affairs

JANUARY 26, 2023

National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals.

Phishing 98

Phishing Media Hacking Education 98

Security Affairs

MAY 13, 2020

Microsoft discovered a new phishing campaign using COVID-19 lures to target businesses with the infamous LokiBot information-stealer. Microsoft has discovered a new COVID-19 themed phishing campaign targeting businesses with the LokiBot Trojan. SecurityAffairs – COVID-19, hacking). Pierluigi Paganini.

Phishing 133

Phishing Advertising Banking Security Intelligence 133

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking 86

Hacking Security Intelligence Accountability Advertising 86

Security Affairs

MAY 13, 2021

Threat actors conducted a spear-phishing campaign using messages that were specifically designed to be of interest to the targeted organizations. pic.twitter.com/aeMfUUoVvf — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021. SecurityAffairs – hacking, Microsoft). ” concludes Microsoft.

Security Intelligence 122

Security Intelligence Phishing Malware Hacking 122

Security Affairs

FEBRUARY 2, 2020

An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Malware 104

Malware Security Intelligence Banking Phishing 104

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. Pierluigi Paganini.

Security Intelligence 121

Security Intelligence Advertising Phishing Malware 121

Webroot

DECEMBER 11, 2020

As it turns out, it’s easier to hack our trust than our computers. Standard phishing tactics – Phishing techniques include website spoofing emails appearing to come from an official source asking you to reset your password or confirm personal data. After clicking the link and entering the info, your security is compromised.

Hacking 71

Hacking Social Engineering Phishing Engineering 71

Security Affairs

OCTOBER 25, 2021

The recent large scale campaign uncovered by Microsoft aimed at the service providers was uncovered by Microsoft researchers, in order to avoid detection, threat actors repetitively changed tactics and used a broad range of hacking tools and malware. SecurityAffairs – hacking, cyber security). Pierluigi Paganini.

Telecommunications 131

Telecommunications Technology Hacking Malware 131

Malwarebytes

JULY 5, 2021

Researchers explore the insecure world of the subdomain (Source: Can i take your subdomain) Cyber insurance model is broken, consider banning ransomware payments (Source: The Register) How facial recognition solutions can safeguard the hybrid workplace (Source: Help Net Security) Capital One hacker faces fresh charges for 2019 hacking spree (Source: (..)

Cyber Insurance 111

Cyber Insurance Social Engineering Scams Insurance 111

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware 126

Malware Phishing DNS Cybercrime 126

Malwarebytes

AUGUST 16, 2021

Synology NAS devices are under attack from StealthWorker PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday Thief pulls off colossal, $600m crypto-robbery…and gives the money back If a QR code leads you to a Bitcoin ATM at a gas station, it’s a scam Twitter says it out loud: removing anonymity will not stop online abuse Microsoft’s (..)

Social Engineering 111

Social Engineering Scams VPN Phishing 111

Security Affairs

OCTOBER 6, 2020

“Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. SecurityAffairs – hacking, CISA). Pierluigi Paganini.

Government 143

Government Banking Advertising Malware 143

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. SecurityAffairs – hacking, BISMUTH). Experts also speculate that Bismuth hackers are exploring new ways of generating revenue from compromising systems.

Cryptocurrency 137

Cryptocurrency Antivirus Government Manufacturing 137

Security Affairs

MAY 8, 2021

link] pic.twitter.com/HTqYsUlCSn — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021. To make the emails appear legitimate, the attackers used fake replies, an increasingly common technique in phishing emails. pic.twitter.com/oZaqAv3FYa — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021.

Scams 124

Scams Manufacturing Security Intelligence Internet 124

Security Affairs

APRIL 18, 2020

pic.twitter.com/V2JcZg2kjt — Microsoft Security Intelligence (@MsftSecIntel) April 17, 2020. This week’s campaign uses several hundreds of unique macro-laced document attachments in emails that pose as message from a non-profit offering free COVID-19 test.

Malware 144

Malware Advertising Security Intelligence Phishing 144

Security Affairs

JULY 9, 2019

See how #MicrosoftDefenderATP next-gen protection defeated the #fileless attack: [link] — Microsoft Security Intelligence (@MsftSecIntel) July 8, 2019. ” The attack chain starts with spear-phishing messages containing a malicious link that leads the potential victims to an LNK file. Pierluigi Paganini.

Antivirus 106

Antivirus Malware Advertising Security Intelligence 106

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. A surprising 91.5

Encryption 145

Encryption Malware Ransomware Firewall 145

Security Boulevard

JUNE 18, 2022

Chief Hacking Officer: Yevi, where are you at with London bank hack?”. Chief Hacking Officer: What? You committed that hack two weeks ago!”. Security kinda tough get inside.”. Chief Hacking Officer: When you should have never committed this hack.”. Hackers Also Have Financial Reporting And Quotas :).

Hacking 84

Hacking CISO Cybersecurity Banking 84

Lenny Zeltser

MAY 3, 2019

Campaign attackers have been highly effective at fooling victims into revealing their logon credentials to copycat websites (phishing). Attackers stole campaign participants’ access credentials. They’ve also tricked people into granting malicious applications access to email and other sensitive resources. government.

Cybersecurity 111

Cybersecurity Social Engineering Authentication Software 111

Jane Frankland

AUGUST 18, 2020

Whilst this is concerning, when talking to executives outside of security, like I did on a recent masterclass with Nowcomm , it’s vital they understand of the following: 1. These days, hacking as a service is cheap. Security intelligence comes with a high pay off. All attacks are not sophisticated. million.

Cyber Risk 100

Cyber Risk Risk Cybersecurity Technology 100

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. VoIP phishing and impersonation also victimized millions of corporate employees across the world , contributing to an even greater cyber threat.

Security Awareness 40

Security Awareness Risk Cyber threats Cyber Risk 40

Security Affairs

AUGUST 15, 2022

Microsoft disrupted a hacking operation linked conducted by Russia-linked APT SEABORGIUM aimed at NATO countries. Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. Pierluigi Paganini.

Phishing 102

Phishing Accountability Hacking Surveillance 102