Security Boulevard

JANUARY 20, 2025

How cars became the worst product category for privacy Session Covers the extensive data collection (and subsequent sharing with car manufacturers and their affiliates) enabled by modern vehicles; they can collect way beyond location data. Successful exploitation requires social engineering users into manipulating a specially crafted file.

Surveillance

SecureList

NOVEMBER 29, 2024

As is the case with most hacktivist groups, Head Mare maintains a public account on the X social network, which it uses to post information about some of its victims. Head Mare post on X Head Mare has targeted a variety of industries, including government, energy, transportation, manufacturing and entertainment.

Energy and Utilities

IT Security Guru

NOVEMBER 18, 2024

More complex, generated passwords are better, but this inspires bad actors to turn to social engineering to wheedle the secrets out of the human user rather than spend time and resources trying to crack the code. The weak point of all passwords is that the secret, once revealed, is useless as a defence.

Passwords

SecureList

MAY 28, 2025

The threat actors behind Zanubis continue to refine its code adding features, switching between encryption algorithms, shifting targets, and tweaking social engineering techniques to accelerate infection rates. Upon startup, the malware would collect key information from the infected device.

Banking

Security Boulevard

JULY 18, 2025

All Your UAVs Are Belong to UKR: Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources say. The post Ukraine Pwns Russian Drone Maker — Gaskar is ‘Paralyzed’ appeared first on Security Boulevard.

Manufacturing

SecureList

NOVEMBER 28, 2024

Most of the infections were still at financial institutions in Vietnam, with one victim active in the manufacturing industry. For example, new persistence mechanisms were detected and we found that the loading mechanism of the final payload, the P8 beacon, also changed. In terms of victimology, there was little change.

Malware

Jane Frankland

JANUARY 12, 2025

These groups are also shifting toward more human-centric exploits , like social engineering and insider assistance. Regulations will require device manufacturers and cloud providers to uphold security-by-design principles, ensuring that potential vulnerabilities are mitigated during the development stage.

Cybersecurity

Security Boulevard

MARCH 20, 2025

In the 2025 AI Security Report, ThreatLabz delves into evolving risks of AI, including:Shadow AI and data leakage: Key questions enterprises should consider to control unauthorized use of AI tools that may expose sensitive data.AI-generated

Social Engineering

Digital Shadows

NOVEMBER 26, 2024

The US, manufacturing sector, and professional, scientific, and technical services (PSTS) sector are primary targets amidst an overall increase in ransomware attacks. This underscores the importance of having additional compensating controls and educating employees on the risks associated with phishing and other social engineering attacks.

Cyber Attacks

Webroot

OCTOBER 31, 2024

The rise of AI-driven phishing and social engineering, increased targeting of critical infrastructure, and the emergence of more sophisticated fileless malware are all trends that have shaped the cybersecurity battlefield this year. By August 2024, RansomHub had breached at least 210 victims across various critical U.S.

Malware

SecureWorld News

MAY 29, 2025

These new social engineering tactics don't rely on mass emails. A staunch supporter of Ukraine, Crosetto has often been the subject of vicious attacks from senior Russian politicians, including former Russian President Dmitri Medvedev," Col. Leighton added.

Scams

Troy Hunt

MAY 5, 2025

Here's how it worked: I was socially engineered into visiting a phishing page that pretended to belong to Mailchimp who I use to send newsletters for this blog. Ubiquiti is my favourite manufacturer of networking equipment, and logging onto their system gives you an enormous amount of visibility into my home network.

Passwords

The Last Watchdog

MAY 1, 2019

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. Lucy’s’s software allows companies to easily set-up customizable mock attacks to test employees’ readiness to avoid phishing, ransomware and other attacks with a social engineering component. Talk more soon.

Social Engineering

Joseph Steinberg

FEBRUARY 11, 2021

Perhaps even scarier is the possibility that, if you share a photo of your vaccine card, a criminal may use the information to social engineer you (or a family member, co-worker, etc.)

Media

Malwarebytes

DECEMBER 19, 2024

Social engineering is a core part of these schemes and the tricks we see are sometimes very clever. exe C:WindowsSYSTEM32systeminfo.exe C:Windowssystem32cmd.exe C:Windowssystem32cmd.exe /c "wmic computersystem get manufacturer" The information is then sent back to a command and control server ( peter-secrets-diana-yukon[.]trycloudflare[.]com

Social Engineering

The Hacker News

JANUARY 26, 2021

An evolving phishing campaign observed at least since May 2020 has been found to target high-ranking company executives across manufacturing, real estate, finance, government, and technological sectors with the goal of obtaining sensitive information.

Phishing

Malwarebytes

OCTOBER 27, 2023

Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. This can be done in a number of ways, but the most common ones involve social engineering attacks on the victim's carrier.

Social Engineering

Security Affairs

OCTOBER 19, 2023

During the reporting period, key findings include: DDoS and ransomware rank the highest among the prime threats, with social engineering, data related threats, information manipulation, supply chain, and malware following.

Social Engineering

CyberSecurity Insiders

AUGUST 18, 2021

Analysis found that hackers can start eavesdropping on real time camera feeds through the said flaw detected on the Kalay software platform that is used by many OEMs, who are into the manufacturing of IP cameras, Baby cams, Pet monitoring cameras, digital video recorders and much more. ThroughTek has issued a fix of 3.1.10

IoT

Security Boulevard

JUNE 17, 2022

In this new instance of the campaign, the threat actor has targeted users in US-based organizations in specific verticals including software security, US military, security solution providers, healthcare / pharmaceutical, and the manufacturing supply chain. Key points. Email analysis. Figure 1 shows an example of the email sent to the victim.

Phishing

Javvad Malik

FEBRUARY 27, 2023

To build lightning protection systems at the time of manufacturing costs less than 1% of the total capital expenses while improving the cost-effectiveness and reliability of a wind turbine substantially. Unpatched software, poor credentials or lack of MFA, misconfigured software, or social engineering.

Insurance

Digital Shadows

OCTOBER 23, 2024

Key Points In October 2024, ReliaQuest responded to an intrusion affecting a manufacturing sector customer. The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. We identified “Scattered Spider” to be behind the incident. What Happened?

Social Engineering

Malwarebytes

APRIL 7, 2024

Not surprisingly, small businesses in the professional services sector feel significantly more concerned about cybersecurity threats than those in manufacturing or services, but the poll explains that they also feel more prepared to handle them. Services businesses are right to be concerned.

Small Business

Thales Cloud Protection & Licensing

DECEMBER 16, 2021

Deepfakes, mis and disinformation threaten to disrupt the social tissue of modern democracies by damaging the trust people place on institutions, each other and science. Social engineering and phishing attacks are the most common vector. The situation is no different in other continents. Ransomware cases increase.

Social Engineering

SecureWorld News

SEPTEMBER 30, 2024

including government, manufacturing, transportation, and law enforcement. The cybercriminals behind Storm-050 employ advanced social engineering techniques, including phishing emails to trick victims into granting access to internal systems. Increase employee training on recognizing phishing and other social engineering attacks.

Ransomware

CyberSecurity Insiders

APRIL 5, 2023

According to a study conducted by se-curity firm Mandiant, the group has been in operation since 2018 and has now been tasked with carrying out both espionage and financially motivated attacks such as credential harvesting and social engineering.

Hacking

SecureWorld News

FEBRUARY 17, 2022

Security researchers from Proofpoint have tracked an APT that has targeted the aviation, aerospace, transportation, manufacturing, and defense industries dating back to 2017, and are calling it TA2541. It's an advanced persistent threat (APT) that has troubled the transportation sector for years. Phishing in the transportation sector.

Social Engineering

Security Affairs

AUGUST 14, 2020

The Israeli defence ministry announced on Wednesday that it had foiled a cyber attack carried out by a foreign threat actor targeting the country’s defence manufacturers. Since January 2020, the North Korea-linked Lazarus APT has successfully compromised dozens of organizations in Israel and other countries.

Cyber Attacks

Security Affairs

MARCH 7, 2023

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. And SYS01 stealer at heart relies on a social engineering campaign, so it’s important to train users about the tricks adversaries use so they know how to spot them.”

Government

Appknox

JUNE 23, 2022

Thus, these Australian attacks significantly contribute to the rising trend in socially engineered attacks. Cryptocurrency and NFT attacks are rising as decentralized finance, and digital art assets become sophisticated socially engineered threats. Common Trends Among the Australian Mobile Threats.

Social Engineering

Digital Shadows

JANUARY 14, 2025

The sectors targeted by ransomware groups have also remained consistent: Professional services and technical services (PSTS) and manufacturing companies are primary targets because of their economic importance, low tolerance for operational downtime, and higher willingness to pay ransoms.

Ransomware

CyberSecurity Insiders

JANUARY 26, 2023

A cyber attack that appears to be a ransomware attack conducted through social engineering tactics has reportedly made hackers steal the source code of the game developer. Third is the news that belongs to a Canadian car spare parts manufacturer named Exco Technologies.

Cyber Attacks

CyberSecurity Insiders

MAY 15, 2023

Currently, it appears that the attackers are primarily focusing on companies in manufacturing, wealth management, insurance, and pharmaceuticals sectors. Hopefully, this service will help mitigate the risks associated with the malicious attack, such as phishing and other social engineering attacks.

Ransomware

The Last Watchdog

JULY 13, 2023

Bantick “As the MOVEit hack has proved, the bad actors are always looking for new ways to attack with tactics ranging from third party supplier attacks to more sophisticated social engineering and phishing attack techniques.

Cyber Risk

Thales Cloud Protection & Licensing

DECEMBER 4, 2023

The report also highlights that ransomware attacks are becoming more targeted, with attackers focusing on high-value targets with particular emphasis on the Industrial and Manufacturing sectors. The report notes that these attacks can have significant implications for democratic processes, social cohesion, and national security.

Social Engineering

The Last Watchdog

DECEMBER 3, 2018

Satya Gupta, CTO and Co-founder, Virsec: Gupta.

Hacking

eSecurity Planet

SEPTEMBER 14, 2022

As a matter of fact, the most-reported crime in the 2021 Internet Crime Report report was phishing , a social engineering scam wherein the victim receives a deceptive message from someone in an attempt to get the victim to reveal personal information or account credentials or to trick them into downloading malware. Social Tactics.

Social Engineering