Tech Republic Security

DECEMBER 12, 2023

Recruiters and anyone else involved in hiring processes should be knowledgeable about this social engineering attack threat. Get the details.

Social Engineering 204

Social Engineering Engineering Malware Big data 204

Schneier on Security

APRIL 22, 2024

Interesting social-engineering attack vector : McAfee released a report on a new LUA malware loader distributed through what appeared to be a legitimate Microsoft GitHub repository for the “C++ Library Manager for Windows, Linux, and MacOS,” known as vcpkg.

Malware 340

Malware Social Engineering Engineering Software 340

The Hacker News

MAY 30, 2025

A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification pages.

Social Engineering 111

Social Engineering Malware Encryption Engineering 111

Penetration Testing

DECEMBER 10, 2024

The attacks, attributed to... The post UAC-0185 APT Leverages Social Engineering to Target Ukrainian Defense Industrial Base appeared first on Cybersecurity News.

Social Engineering 100

Social Engineering Engineering Phishing Cybersecurity 100

Security Boulevard

JUNE 17, 2025

One of the most effective—and dangerous—threats school districts face today doesn’t start with malware. It’s called social engineering, and it’s now one of the most. The post What Is Social Engineering? The post What Is Social Engineering? It starts with a carefully timed and crafted message.

Social Engineering 59

Social Engineering Engineering Firewall Malware 59

eSecurity Planet

OCTOBER 22, 2024

These malware scams lure individuals with fake conference invitations designed to mimic legitimate meeting requests and exploit users’ trust. Cybercriminals employ social engineering techniques to trick you into believing you must resolve fictitious technical issues.

Scams 123

Scams Malware Phishing Social Engineering 123

Security Affairs

APRIL 21, 2025

Cleafy researchers discovered a new malware-as-a-service (MaaS) called SuperCard X targeting Android devices with NFC relay attacks for fraudulent cash-outs. Analysis of the SuperCard X campaign in Italy revealed custom malware builds tailored for regional use.

Malware 109

Malware Social Engineering Banking Engineering 109

Security Affairs

OCTOBER 29, 2024

Suspected Russia-linked espionage group UNC5812 targets Ukraine’s military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812, targeting Ukraine’s military with Windows and Android malware via the Telegram channel “ Civil Defense.”

Malware 122

Malware Social Engineering Software Mobile 122

Krebs on Security

NOVEMBER 9, 2024

“This is social engineering at the highest level and there will be failed attempts at times. “In terms of overall social engineering attacks, the more you have a relationship with someone the more they’re going to trust you,” Donahue said. Don’t be discouraged. dot-gov emails get hacked.

Hacking 294

Hacking Accountability Government Social Engineering 294

SecureWorld News

MAY 9, 2025

Google's Threat Intelligence Group (GTIG) has identified a new malware strain, dubbed "LOSTKEYS," attributed to the Russian state-sponsored hacking group COLDRIVER. The introduction of LOSTKEYS signifies a strategic shift towards deploying malware for direct data exfiltration. Cedric Leighton , CNN Military Analyst; U.S.

Malware 83

Malware Social Engineering Government Engineering 83

Security Affairs

AUGUST 18, 2024

Mad Liberator employs social engineering techniques to gain access to the victim’s environment, specifically targeting organizations using remote access tools like Anydesk. However, the social-engineering tactics the group used in the case described above are noteworthy – but they are not unique.

Social Engineering 145

Social Engineering Engineering Ransomware Cybercrime 145

SecureList

MAY 28, 2025

Once these permissions are granted, the malware gains extensive capabilities that allow its operators to steal the user’s banking data and credentials, as well as perform remote actions and control the device without the user’s knowledge. Join us in this blogpost as we take a closer look at the malware’s evolution over time.

Banking 107

Banking Malware Energy and Utilities Encryption 107

Security Affairs

DECEMBER 1, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 74

Malware Social Engineering Antivirus Engineering 74

Tech Republic Security

AUGUST 23, 2024

A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being used to steal cash.

Social Engineering 209

Social Engineering Malware Engineering Banking 209

Schneier on Security

DECEMBER 7, 2020

Clever tactic : This new malware was discovered by researchers at Dutch cyber-security company Sansec that focuses on defending e-commerce websites from digital skimming (also known as Magecart) attacks.

Media 328

Media Malware Social Engineering Engineering 328

The Hacker News

JUNE 6, 2025

Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer (AMOS) on Apple macOS systems. based telecom provider Spectrum.

Social Engineering 107

Social Engineering Engineering Malware Cybersecurity 107

Penetration Testing

JUNE 18, 2025

Elastic uncovers a sophisticated ClickFix campaign deploying the GHOSTPULSE loader to deliver ARECHCLIENT2 malware, leveraging social engineering for credential theft and remote access.

Social Engineering 59

Social Engineering Malware Engineering Phishing 59

Krebs on Security

JANUARY 7, 2025

Each participant in the call has a specific role, including: -The Caller: The person speaking and trying to social engineer the target. A tutorial shared by Stotle titled “Social Engineering Script” includes a number of tips for scam callers that can help establish trust or a rapport with their prey.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware 109

Malware Cybersecurity Cyber threats Threat Detection 109

Penetration Testing

MAY 25, 2025

Threat actors have ramped up a new social engineering campaign, dubbed “ClickFix,” where fake CAPTCHA prompts embedded in The post Deceptive CAPTCHA: ClickFix Campaign Uses Clipboard Injection to Deliver Malware appeared first on Daily CyberSecurity.

Social Engineering 66

Social Engineering Malware Engineering Cybersecurity 66

Tech Republic Security

FEBRUARY 15, 2024

Whether an infection is the result of a disgruntled employee, hardware vulnerability, software-based threat, social engineering penetration, robotic attack or human error, all organizations must be prepared to immediately respond effectively to such an issue if the corresponding damage is to be minimized.

Malware 177

Malware Social Engineering Engineering Software 177

Tech Republic Security

MAY 13, 2025

By downloading what they believe is an AI-generated video, victims have installed malware that can steal their data or offer attackers remote access to infected devices.

Malware 124

Malware Artificial Intelligence Social Engineering Engineering 124

Security Affairs

OCTOBER 11, 2024

The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. “This actor used our models to debug malware, for coding assistance in creating a basic scraper for Instagram, and to translate LinkedIn profiles into Persian.

Malware 138

Malware Social Engineering Engineering Hacking 138

Malwarebytes

APRIL 24, 2025

Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker. The malware, which cybersecurity company Cleafy calls SuperCard X, uses a feature now found in most Android phones: near-field communication (NFC).

Malware 92

Malware Banking Software Social Engineering 92

Penetration Testing

MAY 26, 2025

A deceptively crafted fake Google Meet page has surfaced on compromised WordPress sites, tricking unsuspecting visitors into manually The post Fake Google Meet Page Tricks Users into Running Malware appeared first on Daily CyberSecurity.

Malware 107

Malware Cybersecurity Social Engineering Engineering 107

Security Affairs

MAY 24, 2025

law firms for 2 years using callback phishing and social engineering extortion tactics. law firms using phishing and social engineering. FBI warns Silent Ransom Group has targeted U.S. The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S.

Social Engineering 115

Social Engineering Antivirus Phishing Authentication 115

SecureWorld News

JANUARY 7, 2025

Be mindful of the dangers of poisoned gifts (malware), and stay vigilant against these sweet but dangerous schemes. Outrunning the Fox: Avoiding Social Engineering Traps The clever fox lures the unsuspecting Gingerbread Man into a false sense of security, ultimately capturing him. Are your defenses ready to withstand a "Jack"?

Cybersecurity 113

Cybersecurity Social Engineering Phishing Engineering 113

Penetration Testing

JUNE 22, 2025

Red Canary uncovers Mocha Manakin, a new threat group using "paste and run" social engineering to deploy NodeInitRAT, a custom NodeJS RAT with potential ransomware links.

Social Engineering 82

Social Engineering Engineering Ransomware Malware 82

Security Affairs

NOVEMBER 15, 2024

The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption 119

Encryption Password Management Cryptocurrency Social Engineering 119

Schneier on Security

APRIL 2, 2024

In theory, the code could allow for just about anything, including stealing encryption keys or installing malware. Installing it was a multi-year process that seems to have involved social engineering the lone unpaid engineer in charge of the utility. It was an incredibly complex backdoor.

Social Engineering 355

Social Engineering Engineering Software Encryption 355

Security Affairs

APRIL 17, 2025

to deliver info-stealing malware via fake crypto trading sites like Binance and TradingView. increasingly used in malware campaigns since October 2024, including an ongoing crypto-themed malvertising attack as of April 2025. to deploy malware, shifting from traditional scripts like Python or PHP. Microsoft has observed Node.js

Social Engineering 118

Social Engineering Malware Cryptocurrency Engineering 118

Penetration Testing

MAY 23, 2025

Trend Micro reveals a growing threat on TikTok, where AI-generated videos deceive users into running malicious PowerShell commands The post AI-Generated Malware: TikTok Videos Push Infostealers with PowerShell Commands appeared first on Daily CyberSecurity.

Malware 101

Malware Cybersecurity Social Engineering Artificial Intelligence 101

eSecurity Planet

MARCH 14, 2025

A recent phishing campaign has raised alarms among cybersecurity professionals after it impersonated Booking.com to deliver a suite of credential-stealing malware. This command, executed via mshta.exe, downloads and launches various malware families, such as XWorm, Lumma Stealer, VenomRAT, AsyncRAT, Danabot, and NetSupport RAT.

Phishing 62

Phishing Malware Social Engineering Authentication 62

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 332

Hacking Social Engineering Phishing Scams 332

SecureWorld News

APRIL 22, 2025

Once control is granted, the attacker can secretly install malware, including infostealers and remote access trojans (RATs), onto the victim's machine. The malware then exfiltrates sensitive data, including cryptocurrency wallet credentials, personal information, and private keys.

Cryptocurrency 86

Cryptocurrency Social Engineering Cybercrime Engineering 86

Penetration Testing

APRIL 17, 2024

McAfee Labs researchers have uncovered a dangerous new variant of the Redline Stealer malware that uses clever obfuscation tactics and aggressive social engineering to trick victims and evade detection.

Penetration Testing 143

Penetration Testing Malware Social Engineering Engineering 143

Krebs on Security

AUGUST 19, 2021

Apparently now that includes emailing employees directly and asking them to unleash the malware inside their employer’s network in exchange for a percentage of any ransom amount paid by the victim company. Image: Abnormal Security. For example, the Lockbit 2.0 “Would you like to earn millions of dollars?

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363