Information Security, Malware and Phishing

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing

Phishing Malware Computers and Electronics Internet

Information Security News headlines trending on Google

CyberSecurity Insiders

MAY 4, 2023

Therefore, computer admins are being warned to be aware of phishing emails, malicious downloads, and be wary of other social engineering attacks. Primary analysis made by the technology giant stated that the malware was being distributed via browser extensions and fake ads running on compromised business accounts.

Information Security

Information Security Healthcare Social Engineering Ransomware

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Endpoint Security : Install endpoint security solutions to fortify defenses against malware attacks. Reference the provided resources for establishing DMARC authentication.

Phishing

Phishing Ransomware Security Awareness Authentication

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

MAY 26, 2024

The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”

Malware

Malware Banking Accountability Phishing

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Security Affairs

NOVEMBER 18, 2020

Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Cybereason Nocturnus security researchers have identified an active campaign focused on the users of a large e-commerce platform in Latin America. SecurityAffairs – hacking, malware). .

Phishing

Phishing Malware Cryptocurrency Information Security

Phishing, the campaigns that are targeting Italy

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware.

Phishing

Phishing Scams Education Passwords

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. “Every day, Gmail blocks more than 100 million phishing emails. During the last week, we saw 18 million daily malware and phishing emails related to COVID-19.

Phishing

Phishing Malware Government Small Business

This Week in Malware – 450 Packages and a Phishing Campaign Against PyPI Maintainers

Security Boulevard

AUGUST 26, 2022

This week in malware we discovered and analyzed 450 packages flagged as malicious, suspicious, or dependency confusion attacks. Also, this week a phishing email campaign targeted PyPI maintainers in attempts to compromise accounts and inject malware into the registry’s packages.

Phishing

Phishing Malware Accountability Information Security

Gmail users from US most targeted by email-based phishing and malware

Security Affairs

FEBRUARY 13, 2021

Google revealed that Gmail users from the United States are the most targeted by email-based phishing and malware. billion email-based phishing and malware attacks against Gmail users to determine what are factors influence the risk of attack. ” reads the study published by Google. ” continues the report. .”

Phishing

Phishing Malware Accountability Risk

Hackers abusing the Ngrok platform phishing attacks

Security Affairs

FEBRUARY 16, 2021

Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost.

Phishing

Phishing Cybercrime Mobile Internet

IcedID malware campaign targets Zoom users

Security Affairs

JANUARY 7, 2023

Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. Pierluigi Paganini.

Malware

Malware Phishing Banking Hacking

FIN7 targeted a large U.S. carmaker phishing attacks

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S.

Phishing

Phishing Cybercrime Manufacturing Hacking

China-based Fangxiao group behind a long-running phishing campaign

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. SecurityAffairs – hacking, phishing).

Phishing

Phishing Adware Retail Malware

Xenomorph malware is back after months of hiatus and expands the list of targets

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved.

Malware

Malware Banking Phishing Engineering

YouTube creators’ accounts hijacked with cookie-stealing malware

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. Follow me on Twitter: @securityaffairs and Facebook.

Accountability

Accountability Malware Phishing Social Engineering

WikiLoader malware-as-a-service targets Italian organizations

Security Affairs

AUGUST 1, 2023

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. ” reads the post published by Proofpoint. ” continues the report.

Malware

Malware Phishing Banking Hacking

Facebook ads used to steal 615000+ credentials in a phishing campaign

Security Affairs

JANUARY 1, 2021

Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials. Researchers from security firm ThreatNix spotted a new large-scale campaign abusing Facebook ads. The landing pages are phishing pages that impersonate legitimate companies. ” continues the post.

Phishing

Phishing Scams Accountability Malware

Hacked Subway UK marketing system used in TrickBot phishing campaign

Security Affairs

DECEMBER 13, 2020

Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers. ” confirmed the company. Pierluigi Paganini.

Marketing

Marketing Phishing Hacking Data breaches

Cybercriminals Use Azure Front Door in Phishing Attacks

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing

Phishing Accountability Hacking Scams

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are increasingly using the HTML smuggling technique in phishing campaigns to stealthily deliver threats. — Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021.

Phishing

Phishing Banking Passwords Firewall

A phishing campaign targets Ukrainian military entities with drone manual lures

Security Affairs

SEPTEMBER 25, 2023

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin.

Phishing

Phishing Cyber Attacks Malware Internet

LogoKit, a new phishing kit that dynamically creates phishing forms

Security Affairs

JANUARY 28, 2021

Researchers from RiskIQ have discovered a new phishing kit dubbed LogoKit that dynamically compose phishing content. Researchers from RiskIQ discovered a new phishing kit that outstands for its ability to dynamically create phishing messages to target specific users. SecurityAffairs – hacking, Phishing).

Phishing

Phishing Cryptocurrency Passwords Hacking

China-linked BlackTech APT uses new Flagpro malware in recent attacks

Security Affairs

DECEMBER 29, 2021

China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked BlackTech cyberespionage group targeted Japanese companies using new malware tracked as ‘Flagpro’. ” reads the analysis published by NTT Security.

Malware

Malware Phishing Passwords Media

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The phishing messages included a weaponized attachment designed to download a Lua-based malware dubbed SunSeed. net) that appears to belong to a compromised Ukranian armed service member.”

Phishing

Phishing Accountability Government Malware

Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline

Security Affairs

DECEMBER 25, 2021

The phishing messages use weaponized Word or Excel attachments to install the Dridex banking Trojan. “This letter is to inform you that you have been exposed to a coworker who tested positive for OMICRON variant of COVID-19 sometime between December 18th and 20th,” reads a phishing message shared by Bleeping Computer.

Phishing

Phishing Passwords Banking Malware

Crooks use HTML smuggling to spread QBot malware via SVG files

Security Affairs

DECEMBER 14, 2022

Talos researchers uncovered a phishing campaign distributing the QBot malware to Windows systems using SVG files. Talos researchers uncovered a phishing campaign distributing the QBot malware using a new technique that leverages Scalable Vector Graphics (SVG) images embedded in HTML email attachments. Pierluigi Paganini.

Malware

Malware Phishing Passwords Hacking

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking

Banking Malware Antivirus Phishing

Threat actors target the Ukrainian gov with IcedID malware

Security Affairs

APRIL 16, 2022

Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. The Ukrainian Computer Emergency Response Team (CERT-UA) uncovered new phishing campaigns aimed at infecting systems of Ukrainian government agencies with the IcedID malware. Patch 1 and 8.8.x x before 8.8.7

Malware

Malware Phishing Banking Government

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Many of the detections were due to malicious attachments and previously unseen threats, showcasing the importance of using innovative security measures YARA Rules Impact YARA rules were pivotal in detecting millions of malicious attempts spotlighting statistical patterns and malware family indicators.

Phishing

Phishing Identity Theft Scams Malware

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Security Affairs

NOVEMBER 22, 2022

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Fake Cisco ‘Critical Update’ used in phishing campaign to steal WebEx credentials

Security Affairs

APRIL 11, 2020

Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. Pierluigi Paganini.

Phishing

Phishing Advertising Healthcare Cyber Attacks

New TA886 group targets companies with custom Screenshotter malware

Security Affairs

FEBRUARY 10, 2023

A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter. Experts, for example, observed phishing emails using Microsoft Publisher (.pub) ” reads the post published by Proofpoint.

Malware

Malware Phishing Spyware Cybercrime

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The post Phishing attacks using the topic “Azovstal” targets entities in Ukraine appeared first on Security Affairs. To nominate, please visit:? Pierluigi Paganini.

Phishing

Phishing Cybercrime Ransomware Encryption

Attackers abuse open redirects in Snapchat and Amex in phishing attacks

Security Affairs

AUGUST 7, 2022

Threat actors abuse open redirects on Snapchat and American Express to launch phishing attacks against Microsoft 365 users. Attackers abused open redirects on the websites of Snapchat and American Express as part of a phishing campaign targeting Microsoft 365 users. com open redirect. Pierluigi Paganini.

Phishing

Phishing Architecture Hacking Accountability

Your colleague was infected with Coronavirus, this is the latest phishing lure

Security Affairs

MARCH 30, 2020

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. “If a user enables content, malicious macros will be executed to download a malware executable to the computer and launch it.” Pierluigi Paganini.

Phishing

Phishing Advertising Cryptocurrency Malware

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Security Affairs

FEBRUARY 4, 2022

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year. ” states Microsoft.

Phishing

Phishing Authentication Education Cyber threats

Attackers use website contact forms to spread BazarLoader malware

Security Affairs

MARCH 12, 2022

Threat actors are spreading the BazarLoader malware via website contact forms to evade detection, researchers warn. Researchers from cybersecurity firm Abnormal Security observed threat actors spreading the BazarLoader/BazarBackdoor malware via website contact forms. ” reads the analysis published by Abnormal Security.

Malware

Malware Phishing Ransomware Banking

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

The malware has evolved over the years, it is able to log keystrokes, steal files, capture screenshots, collect information about the infected system, steal credentials from major browsers (i.e. The malware has been active since at least 2014, it was undetected for more than 3 years and was used in highly targeted attacks.

Phishing

Phishing Malware Advertising Architecture

Threat actors leverage Microsoft Teams to spread malware

Security Affairs

FEBRUARY 17, 2022

Once an attacker obtained Microsoft 365 credentials, for example from a previous phishing campaign or data breach, that can access Teams and other Office applications. Once the attackers have gained access to an organization, they can determine defense solutions that are installed and use the proper malware to bypass existing protections. .

Malware

Malware Phishing Accountability Data breaches

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware.

Malware

Malware Phishing Government Data collection

Oscorp, a new Android malware targets Italian users

Security Affairs

JANUARY 28, 2021

Researchers at the Italian CERT warns of new Android malware dubbed Oscorp that abuses accessibility services for malicious purposes. Researchers from security firm AddressIntel spotted a new Android malware dubbed Oscorp , its name comes from the title of the login page of its command-and-control server. Uninstall app.

Malware

Malware Phishing InfoSec Cryptocurrency

ICANN Launches Service to Help With WHOIS Lookups

Krebs on Security

DECEMBER 6, 2023

Meanwhile, security experts argue that even in cases where online abusers provide intentionally misleading or false information in WHOIS records, that information is still extremely useful in mapping the extent of their malware, phishing and scamming operations.

Phishing

Phishing Internet Internet Scams

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

Upon opening the reports, the infection process starts leading to the deployment of malware on the victim’s system. In the recent campaign, threat actors used a customized PlugX malware that includes a completed backdoor command module, the researchers named it DOPLUGS. ” reads the report published by Trend Micro.

Malware

Malware Phishing Government Passwords

Russia-linked APT28 used new malware in a recent phishing campaign

Information Security News headlines trending on Google

Webinars

Trending Sources

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Webinars

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Phishing, the campaigns that are targeting Italy

Carbanak malware returned in ransomware attacks

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

This Week in Malware – 450 Packages and a Phishing Campaign Against PyPI Maintainers

Gmail users from US most targeted by email-based phishing and malware

Hackers abusing the Ngrok platform phishing attacks

IcedID malware campaign targets Zoom users

FIN7 targeted a large U.S. carmaker phishing attacks

China-based Fangxiao group behind a long-running phishing campaign

Xenomorph malware is back after months of hiatus and expands the list of targets

YouTube creators’ accounts hijacked with cookie-stealing malware

WikiLoader malware-as-a-service targets Italian organizations

Facebook ads used to steal 615000+ credentials in a phishing campaign

Hacked Subway UK marketing system used in TrickBot phishing campaign

Cybercriminals Use Azure Front Door in Phishing Attacks

HTML Smuggling technique used in phishing and malspam campaigns

A phishing campaign targets Ukrainian military entities with drone manual lures

LogoKit, a new phishing kit that dynamically creates phishing forms

China-linked BlackTech APT uses new Flagpro malware in recent attacks

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline

Crooks use HTML smuggling to spread QBot malware via SVG files

Grandoreiro banking malware targets Mexico and Spain

Threat actors target the Ukrainian gov with IcedID malware

Unmasking 2024’s Email Security Landscape

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Fake Cisco ‘Critical Update’ used in phishing campaign to steal WebEx credentials

New TA886 group targets companies with custom Screenshotter malware

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Attackers abuse open redirects in Snapchat and Amex in phishing attacks

Your colleague was infected with Coronavirus, this is the latest phishing lure

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Attackers use website contact forms to spread BazarLoader malware

CISA warns of phishing attacks delivering KONNI RAT

Threat actors leverage Microsoft Teams to spread malware

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Oscorp, a new Android malware targets Italian users

ICANN Launches Service to Help With WHOIS Lookups

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Stay Connected