Krebs on Security

MAY 26, 2023

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta , which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains.

Phishing 245

Phishing Malware 245

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. ” Image: SlowMist.

Malware 253

Malware Cryptocurrency Software Scams 253

Bleeping Computer

OCTOBER 3, 2023

Google will introduce new sender guidelines in February to bolster email security against phishing and malware delivery by mandating bulk senders to authenticate their emails and adhere to stricter spam thresholds [.]

Phishing 111

Phishing Malware Authentication 111

Digital Shadows

NOVEMBER 10, 2022

The post Dark Web Recruitment: Malware, Phishing, and Carding first appeared on Digital Shadows. In our first blog in this series, we covered how ransomware groups go about their recruitment, with their large teams.

Phishing 113

Phishing Malware Ransomware 113

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing 112

Phishing Malware Computers and Electronics Internet 112

The Hacker News

NOVEMBER 20, 2023

Phishing campaigns delivering malware families such as DarkGate and PikaBot are following the same tactics previously used in attacks leveraging the now-defunct QakBot trojan.

Phishing 102

Phishing Malware 102

The Hacker News

JANUARY 19, 2024

The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter.

Phishing 75

Phishing Malware 75

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 185

Phishing Passwords Internet Internet 185

The Hacker News

MARCH 27, 2024

A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024.

Banking 114

Banking Phishing Malware 114

Bleeping Computer

MARCH 14, 2024

Google will roll out a Safe Browsing update later this month that will provide real-time malware and phishing protection to all Chrome users, without compromising their browsing privacy. [.]

Phishing 122

Phishing Malware 122

Security Boulevard

MAY 6, 2021

In fact, even while MDM adoption rose 50%, quarterly exposure to phishing between 2019 and 2020 jumped by 125%, according to the Lookout Financial Services Threat Report. That’s certainly noteworthy, but the 400% increase in malware and app exposure is.

Financial Services 141

Financial Services Phishing Malware Mobile 141

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US This is noteworthy because.US is overseen by the U.S.

Phishing 219

Phishing Telecommunications Government DNS 219

Penetration Testing

NOVEMBER 20, 2023

In the ever-shifting landscape of cyber threats, a new player has emerged with a sophisticated phishing campaign spreading the DarkGate malware.

Phishing 72

Phishing Penetration Testing Malware Cyber threats 72

The Hacker News

MARCH 11, 2024

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said.

Banking 113

Banking Phishing Malware 113

Bleeping Computer

SEPTEMBER 9, 2022

The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. [.].

Phishing 107

Phishing Malware 107

Tech Republic Security

APRIL 17, 2023

New cloud-focused credential harvester available on encrypted messaging service Telegram is part of a trend of Python scrapers making it easier to bait multiple phishing hooks. The post Credential harvesting malware appears on deep web appeared first on TechRepublic.

Malware 169

Malware Phishing Encryption Mobile 169

The Hacker News

APRIL 8, 2024

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023.

Malware 114

Malware Phishing 114

CyberSecurity Insiders

MAY 5, 2021

Cybersecurity Firm Mandiant has observed that a new malware campaign is on the prowl that started on December 2nd, 2020 targeting over 50 organizations so far. The first campaign started in December last year when the hackers sent phishing emails laced with malicious links to over 247 organizations hailing from US and APAC nations.

Phishing 120

Phishing Malware Education Retail 120

Security Boulevard

MARCH 13, 2024

As messaging apps like Telegram gain popularity, cybercriminals are increasingly finding they are an attractive vector for phishing attacks. The post Phishing Threats Rise as Malicious Actors Target Messaging Platforms appeared first on Security Boulevard.

Phishing 127

Phishing Social Engineering Engineering Mobile 127

The Hacker News

NOVEMBER 12, 2021

Threat actors are increasingly banking on the technique of HTML smuggling in phishing campaigns as a means to gain initial access and deploy an array of threats, including banking malware, remote administration trojans (RATs), and ransomware payloads.

Phishing 141

Phishing Malware Banking Ransomware 141

Tech Republic Security

FEBRUARY 1, 2023

A new phishing campaign abuses OneNote documents to infect computers with the infamous AsyncRAT malware, targeting users in the U.K., The post OneNote documents spread malware in several countries appeared first on TechRepublic. Canada and the U.S.

Malware 152

Malware Phishing Ransomware 152

Security Boulevard

DECEMBER 8, 2023

Newly discovered cracked applications being distributed by unauthorized websites are delivering Trojan-Proxy malware to macOS users who are looking for free or cheap versions of the software tools they want. The malware can be used by bad actors for a range of malicious activities, including hacking into systems or running phishing campaigns.

Software 136

Software Malware Phishing Hacking 136

Heimadal Security

MAY 18, 2021

In a spear-phishing campaign, Truist Financial Corporation has been impersonated by cybercriminals trying to spread malware that seemed to look like remote access trojan (RAT), a program used by hackers to take complete control of the victim’s computer to perform malicious activities. Truist Financial Corp. Truist Financial Corp.

Banking 134

Banking Phishing Malware Cybersecurity 134

Bleeping Computer

MAY 29, 2021

Microsoft states that a Russian hacking group used four new malware families in recent phishing attacks impersonating the United States Agency for International Development (USAID). [.].

Phishing 138

Phishing Malware Hacking 138

Bleeping Computer

JUNE 7, 2022

A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being actively exploited in ongoing phishing attacks to infect recipients with Qbot malware. [.].

Phishing 119

Phishing Malware 119

Heimadal Security

FEBRUARY 8, 2022

Medusa malware was noticed to target multiple geographic regions. More Details on Medusa Malware A new report from the ThreatFabric researchers came out revealing insights into the latest methods employed by this banking Trojan. Medusa malware, also known as TangleBot, has been leveraged in North America and […].

Phishing 116

Phishing Malware Banking Cybersecurity 116

Penetration Testing

MARCH 12, 2024

A recently uncovered phishing campaign demonstrates a concerning level of sophistication in its efforts to infiltrate systems and deploy an array of powerful Remote Access Trojans (RATs).

Phishing 131

Phishing Penetration Testing Malware 131

CSO Magazine

NOVEMBER 21, 2022

Palo Alto’s Unit 42 has investigated several incidents linked to the Luna Moth group callback phishing extortion campaign targeting businesses in multiple sectors, including legal and retail. Luna Moth removes malware portion of phishing callback attack.

Phishing 76

Phishing Malware Social Engineering Retail 76

Security Boulevard

FEBRUARY 9, 2024

C-level executives and others in managerial positions are by far the top targets of increasingly popular phishing attacks that involve malicious QR codes. According to researchers with Abnormal Security, members of the C-suite in the fourth quarter of 2023 were 42 times more likely to receive a QR code phishing – or “quishing” – attack.

Phishing 125

Phishing Mobile Malware Cybersecurity 125

Bleeping Computer

APRIL 4, 2022

A new WhatsApp phishing campaign impersonating WhatsApp's voice message feature has been discovered, attempting to spread information-stealing malware to at least 27,655 email addresses. [.].

Phishing 98

Phishing Malware 98

Bleeping Computer

MAY 4, 2021

A global-scale phishing campaign targeted worldwide organizations across a large array of industries with never-before-seen malware strains delivered via specially-tailored lures. [.].

Phishing 115

Phishing Malware 115

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware 91

Malware Phishing Spyware Cyber threats 91

Security Boulevard

MARCH 27, 2024

The Zero Day Initiative (ZDI) by Trend Micro uncovered a phishing campaign that exploited a patched Microsoft flaw to infect devices with DarkGate malware. The post DarkGate Malware Campaign Exploits Patched Microsoft Flaw appeared first on Security Boulevard.

Malware 68

Malware Phishing Marketing Software 68

Bleeping Computer

APRIL 23, 2021

An ongoing phishing campaign is impersonating Michael Page consultants to push Ursnif data-stealing malware capable of harvesting credentials and sensitive data from infected computers. [.].

Phishing 113

Phishing Malware 113

Bleeping Computer

NOVEMBER 10, 2022

A ongoing phishing campaign has infected thousands of home and corporate users with a new version of the 'IceXLoader' malware. [.].

Phishing 95

Phishing Malware 95

The Hacker News

MARCH 27, 2024

Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2).

Malware 112

Malware Phishing Government 112

Malwarebytes

FEBRUARY 13, 2024

In this post, we explore a particular phishing scam targeting corporate users via the AnyDesk remote software and how ThreatDown can prevent the misuse of such programs by cybercriminals. Attackers could trick them by sending them to a typical phishing page or making them download malware, all of which are good options.

Phishing 114

Phishing Software Scams Banking 114