Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. “Investigations into RedLine and Meta started after victims came forward and a security company notified authorities about possible servers in the Netherlands linked to the software.

Identity Theft 125

Identity Theft Passwords Malware Banking 125

Security Affairs

MARCH 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Architecture IoT Ransomware 63

Security Affairs

AUGUST 4, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 140

Malware Spyware Media Phishing 140

Security Affairs

MARCH 27, 2025

Cybercriminals are exploiting the popularity of DeepSeek by using fake sponsored Google ads to distribute malware. While DeepSeek is rising in popularity, threat actors are attempting to exploit it by using fake sponsored Google ads to distribute malware, Malwarebytes researchers warn. ” reads the alert published by Malwarebytes.

Malware 68

Malware Data collection Advertising Media 68

Security Affairs

APRIL 23, 2025

New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn. Researchers from Darktrace and Cado Security have spotted a malware campaign that targets Docker environments with a novel technique to mine cryptocurrency. These points can be converted to $TENEO tokens.

Cryptocurrency 115

Cryptocurrency Malware Media Hacking 115

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. The media routinely report incidents and leaks of data that end up publicly accessible on the dark web. Malware-as-a-service: a greater number of cookie-cutter attacks, more complex tools.

Media 139

Media Social Engineering Ransomware Hacking 139

Security Affairs

NOVEMBER 1, 2024

LightSpy can steal files from multiple popular applications like Telegram, QQ, and WeChat, as well as personal documents and media stored on the device. Destructive plugin: capable of deleting media files from the device PushMessage 1.0.0 Destructive plugin: capable of deleting media files from the device PushMessage 1.0.0

Spyware 142

Spyware Media Malware Hacking 142

Security Affairs

NOVEMBER 5, 2024

” UNC5537 used stolen credentials obtained via infostealer malware. Independent news outlet 404 Media also confirmed Krebs’s findings 404 Media in September 2024. This led to extensive data theft, with the attackers later attempting to extort victims and sell stolen data on criminal forums.

Unstructured Data 121

Unstructured Data Media Cybercrime Hacking 121

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. Contact is usually made through social media, by phone or in person. Antivirus protection Software that protects against viruses and malware.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Krebs on Security

APRIL 20, 2023

Researchers at ESET say this job offer from a phony HSBC recruiter on LinkedIn was North Korean malware masquerading as a PDF file. Mandiant found the compromised 3CX software would download malware that sought out new instructions by consulting encrypted icon files hosted on GitHub. Image: Mandiant.

Malware 329

Malware Software Technology Accountability 329

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 116

Security Affairs

APRIL 25, 2025

The attackers used multiple hacking tools and malware, including ThreatNeedle , Agamemnon downloader, wAgent , SIGNBT, and COPPERHEDGE. We found that the malware was running in the memory of a legitimateSyncHost.exeprocess, and was created as a subprocess of Cross EX, legitimate software developed in South Korea.”

Malware 93

Malware Software Encryption Hacking 93

Security Affairs

JUNE 27, 2022

The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. The script will download and run the.NET bootloader “MSCommondll.exe,” which in turn will download and run the malware DarkCrystal RAT.

Telecommunications 141

Telecommunications Malware Media Passwords 141

Security Affairs

APRIL 8, 2025

Its value stems from WhatsApp’s massive user base and the potential for covert access to private chats, media, and device-level control. In February, Meta announced that it had discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite).

Spyware 116

Spyware Media Hacking Surveillance 116

Security Affairs

JANUARY 27, 2025

The vulnerability is a privilege escalation vulnerability that impacts the Core Media framework. The Apple Core Media framework supports multimedia tasks like playback, recording, and manipulation of audio and video on iOS and macOS devices. “A malicious application may be able to elevate privileges.

Spyware 120

Spyware Surveillance Media Hacking 120

Security Affairs

DECEMBER 29, 2021

China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. ” reads the analysis published by NTT Security.

Malware 144

Malware Phishing Passwords Media 144

Security Affairs

DECEMBER 10, 2020

Microsoft warns of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings. Microsoft warned of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing their settings and inject ads into search results pages.

Malware 144

Malware Advertising Media Engineering 144

Security Affairs

FEBRUARY 2, 2025

Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite).

Spyware 109

Spyware Hacking Surveillance Malware 109

Security Affairs

OCTOBER 20, 2024

CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog GitHub addressed a critical vulnerability in Enterprise Server A new Linux variant of FASTCash malware targets financial systems WordPress Jetpack plugin critical flaw impacts 27 million sites Pokemon dev Game Freak discloses (..)

Data breaches 117

Data breaches Cybercrime Cyber Insurance Marketing 117

Security Affairs

NOVEMBER 30, 2024

Some of the malicious apps were promoted through deceptive advertising on social media. “ SpyLoan apps exploit official app stores like Google Play, deceptive branding, and social media ads to appear credible. The researchers reported the apps to Google who notified the developers that their apps violate Google Play policies.

Social Engineering 129

Social Engineering Media Mobile Scams 129

Joseph Steinberg

APRIL 21, 2022

Data that must remain private simply cannot be readable by unauthorized parties – and that rule applies both when the relevant information is at rest on an internal server, in the cloud, or on some backup media, as well as when it is in transit over any form of network or other means of communication.

Encryption 362

Encryption Cybersecurity Artificial Intelligence Backups 362

Security Affairs

FEBRUARY 2, 2025

The Saim Raza group run multiple marketplaces that advertised and facilitated the sale of hacking and fraud tools, including malware, phishing kits and email extractors. Employees inadvertently exposed their ties through social media. The HeartSender group has sold phishing tools to criminals since 2020, causing over $3 million in U.S.

Cybercrime 109

Cybercrime Advertising Phishing Hacking 109

Security Affairs

APRIL 7, 2025

In case a criminal obtains private information, such as IP addresses, phone numbers, and domiciles, it may be exploited to initiate fraudulent schemes, blackmail, or doxing operations. The lack of a robust verification process, combined with the trust placed in authorities, increases the risk to users’ digital security and privacy.

Cybercrime 139

Cybercrime Social Engineering Accountability Government 139

Security Affairs

AUGUST 6, 2022

Greek intelligence admitted it had spied on a journalist, while citizens ask the government to reveal the use of surveillance malware. The head of the Greek intelligence told a parliamentary committee that they had spied on a journalist with surveillance malware , Reuters reported citing two sources present. ” reported Reuters.

Surveillance 126

Surveillance Malware Spyware Government 126

Security Affairs

DECEMBER 31, 2021

Researchers devised a series of attacks against SSDs that could allow to implant malware in a location that is not monitored by security solutions. Korean researchers devised a series of attacks against solid-state drives (SSDs) that could allow to implant malware in specific memory locations bypassing security solutions.

Malware 145

Malware Firmware Manufacturing Media 145

Security Affairs

DECEMBER 7, 2024

The CEO of the Croatian Port, Duko Grabovac, told local media outlet Novi list that despite threats actors stole some data, the incident had no impact on the operations at the post. Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware 124

Ransomware Hacking Accountability Cyber Attacks 124

Security Affairs

SEPTEMBER 29, 2022

A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn. Researchers from Black Lotus Labs at Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed to target devices based on multiple architectures, including Windows and Linux.

Malware 124

Malware DDOS Architecture Financial Services 124

Security Affairs

NOVEMBER 10, 2024

Mazda Connect flaws allow to hack some Mazda vehicles Veeam Backup & Replication exploit reused in new Frag ransomware attack Texas oilfield supplier Newpark Resources suffered a ransomware attack Palo Alto Networks warns of potential RCE in PAN-OS management interface iPhones in a law enforcement forensics lab mysteriously rebooted losing their (..)

Ransomware 116

Ransomware Cybercrime Phishing Banking 116

Security Affairs

MAY 20, 2024

Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. The campaign shows how attackers exploit trusted internet services to carry out cyberattacks that steal personal information. This tactic allows them to avoid detection.

Malware 124

Malware Banking Advertising Software 124

Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware 98

Malware Education Accountability Media 98

Security Affairs

DECEMBER 5, 2022

Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. “In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries.

Mobile 108

Mobile Malware Banking Retail 108

Security Affairs

APRIL 23, 2021

The malware moves all files stored on the device to password-protected 7zip archives and demand the payment of a $550 ransom. The Taiwanese vendor published a security advisory to warn its customers of the ongoing attacks and is urging them to install the latest Malware Remover version and scan their devices for indicators of compromise.

Ransomware 144

Ransomware Backups Media Malware 144

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking 141

Banking Accountability Malware Mobile 141

Security Affairs

NOVEMBER 2, 2022

The social media accounts were used to spread a link to a Telegram channel created to distribute the seemingly harmless VPN application. In their attacks, they use cunning and unexpected methods: SandStrike, attacking users via VPN service, where victims tried to find protection and security, is an excellent example.

Spyware 118

Spyware Malware VPN Accountability 118

Security Affairs

MARCH 19, 2025

In February, Meta announced that it had discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite). There are no official reports about the spyware campaign, but media reports that threat actors may have used a specially crafted PDF file as bait.

Spyware 95

Spyware Hacking Surveillance Media 95

Security Affairs

OCTOBER 31, 2022

In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding a ransom in cryptocurrency to restore them, the Wannacry ransomware. The infection chain. Twitter @Slvlombardo.

Malware 111

Malware Computers and Electronics Encryption Ransomware 111

Security Affairs

MARCH 13, 2025

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. center, linked to Konni malware used by APT37, and nidlogon[.]com, One of C2 domains, st0746[.]net,

Spyware 78

Spyware Surveillance Encryption Malware 78