Security Affairs

JANUARY 26, 2023

National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals.

Phishing 75

Phishing Media Hacking Education 75

Webroot

APRIL 21, 2021

Although cybercriminal activity throughout 2020 was as innovative as ever, some of the most noteworthy threat activity we saw came from the old familiar players, namely ransomware, business email compromise (BEC) and phishing. COVID-19 definitely affected phishing in very visible ways. phishing URLs targeting Netflix jumped 646%.

Threat Reports 103

Threat Reports Phishing Ransomware Backups 103

The Hacker News

SEPTEMBER 17, 2021

A targeted phishing campaign aimed at the aviation industry for two years may be spearheaded by a threat actor operating out of Nigeria, highlighting how attackers can carry out small-scale cyber offensives for extended periods of time while staying under the radar.

Malware 118

Malware Security Intelligence Phishing 118

Threatpost

AUGUST 13, 2018

Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.

Mobile 44

Mobile Phishing Security Intelligence Government 44

Malwarebytes

JANUARY 26, 2022

This is only the beginning of a potentially very nasty scaling of the security ladders. Any phish is bad, but here we have the scammers driving their way into the network and grabbing as many permissions as they can manage. According to Microsoft Security Intelligence, the campaign has “targeted hundreds of organisations”.

Phishing 115

Phishing Security Intelligence Scams Passwords 115

Malwarebytes

AUGUST 16, 2021

Synology NAS devices are under attack from StealthWorker PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday Thief pulls off colossal, $600m crypto-robbery…and gives the money back If a QR code leads you to a Bitcoin ATM at a gas station, it’s a scam Twitter says it out loud: removing anonymity will not stop online abuse Microsoft’s (..)

Social Engineering 95

Social Engineering Scams VPN Phishing 95

SC Magazine

MAY 14, 2021

Microsoft Security Intelligence earlier this week tweeted out that it has been tracking a campaign of remote access trojans (RATs) targeting the aerospace and travel industries with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AysncRAT. Photo by Joe Raedle/Getty Images).

Phishing 126

Phishing Scams Security Awareness Security Intelligence 126

Security Affairs

MAY 13, 2021

Threat actors conducted a spear-phishing campaign using messages that were specifically designed to be of interest to the targeted organizations. pic.twitter.com/aeMfUUoVvf — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021. “Microsoft 365 Defender detects the multiple components of this attack.

Security Intelligence 77

Security Intelligence Phishing Malware Hacking 77

Malwarebytes

JULY 5, 2021

Researchers explore the insecure world of the subdomain (Source: Can i take your subdomain) Cyber insurance model is broken, consider banning ransomware payments (Source: The Register) How facial recognition solutions can safeguard the hybrid workplace (Source: Help Net Security) Capital One hacker faces fresh charges for 2019 hacking spree (Source: (..)

Cyber Insurance 97

Cyber Insurance Social Engineering Scams Insurance 97

Heimadal Security

MAY 13, 2021

The tech giant has warned that the aviation and travel industry is seeing a notable increase in RAT (Remote Access Trojan) cyberattack efforts through phishing emails. A thread of information was posted by the Microsoft Security Intelligence team on their official Twitter page.

Security Intelligence 55

Security Intelligence Phishing Malware Cybersecurity 55

Security Affairs

MAY 13, 2020

Microsoft discovered a new phishing campaign using COVID-19 lures to target businesses with the infamous LokiBot information-stealer. Microsoft has discovered a new COVID-19 themed phishing campaign targeting businesses with the LokiBot Trojan.

Phishing 91

Phishing Advertising Banking Security Intelligence 91

Security Affairs

FEBRUARY 2, 2020

An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Malware 76

Malware Security Intelligence Banking Phishing 76

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails.

Security Intelligence 84

Security Intelligence Advertising Phishing Malware 84

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware 96

Malware Phishing DNS Cybercrime 96

Threatpost

MAY 22, 2020

documents to spread the weaponized NetSupport RAT in a spear-phishing campaign. Attackers used malicious Excel 4.0

Phishing 103

Phishing Security Intelligence 103

Security Affairs

OCTOBER 25, 2021

Microsoft is sharing information about the latest activity observed from the threat actor NOBELIUM, which has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 25, 2021.

Telecommunications 107

Telecommunications Technology Hacking Malware 107

Webroot

JUNE 2, 2022

MDR services offer threat detection and response capabilities by augmenting cybersecurity tools with human security intelligence. Leveraging this human security expertise, MDR integrates, synthesizes and contextualizes security and other event information to hunt for, understand and respond to security incidents.

Threat Detection 101

Threat Detection Cyber Insurance Small Business Insurance 101

Malwarebytes

SEPTEMBER 30, 2021

Yesterday, security intelligence firm, Intel 147, revealed it had noticed an uptick of activity in threat actors providing access to services in Telegram that circumvent two-factor authentication (2FA) methods. Two-factor authentication is a great way to protect your online accounts, and we always recommend you turn it on.

Social Engineering 92

Social Engineering Banking Authentication Passwords 92

Security Affairs

OCTOBER 6, 2020

“Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. ” reads that alert published by CISA.

Government 134

Government Banking Advertising Malware 134

Security Affairs

MAY 8, 2021

link] pic.twitter.com/HTqYsUlCSn — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021. To make the emails appear legitimate, the attackers used fake replies, an increasingly common technique in phishing emails. pic.twitter.com/oZaqAv3FYa — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021.

Scams 93

Scams Manufacturing Security Intelligence Internet 93

CyberSecurity Insiders

JANUARY 25, 2022

. ” The report’s findings are gathered using CSC’s newly launched DomainSec SM platform , which makes the connections between newly registered, dropped, and existing domain names, online brands, and fraud (phishing). At CSC, we believe domain security intelligence is power.

Artificial Intelligence 52

Artificial Intelligence Phishing Technology DNS 52

Webroot

DECEMBER 11, 2020

Standard phishing tactics – Phishing techniques include website spoofing emails appearing to come from an official source asking you to reset your password or confirm personal data. After clicking the link and entering the info, your security is compromised. Compelling story (pretexting) – This includes urgently asking for help.

Hacking 47

Hacking Social Engineering Engineering Phishing 47

Security Affairs

APRIL 18, 2020

pic.twitter.com/V2JcZg2kjt — Microsoft Security Intelligence (@MsftSecIntel) April 17, 2020. This week’s campaign uses several hundreds of unique macro-laced document attachments in emails that pose as message from a non-profit offering free COVID-19 test.

Malware 113

Malware Advertising Security Intelligence Phishing 113

Thales Cloud Protection & Licensing

OCTOBER 3, 2019

Not all employees are familiar with phishing and other digital threats, for instance. DarkMatter confirmed as much in its Cyber Security Report: June 2019 when it found that approximately 90 percent of UAE-based enterprises exhibited outdated software, credential problems in the form of weak/exposed passwords and insecure protocols.

Telecommunications 93

Telecommunications Encryption Software Banking 93

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020.

Cryptocurrency 94

Cryptocurrency Antivirus Manufacturing Government 94

Thales Cloud Protection & Licensing

MARCH 27, 2019

For IT security, March can quickly become maddening. Employees are the first line of defense when it comes to averting phishing attempts and distracted employees are off their game. In addition to traversing websites that don’t meet company security standards, watching the latest action takes employees’ eyes off the ball.

Digital transformation 61

Digital transformation Encryption IoT Threat Reports 61

Webroot

DECEMBER 14, 2020

In 2021, many businesses will continue to operate remotely as a result of the pandemic and there must be an emphasis on training employees on security best practices, how to identify modern threats such as phishing, and where company data is being accessed and stored. security analyst, Carbonite + Webroot. Tyler Moffitt, Sr.

Cybersecurity 74

Cybersecurity Engineering Phishing Social Engineering 74

Krebs on Security

MARCH 2, 2020

An individual thought to be involved has earned accolades from the likes of Apple , Dell , and Microsoft for helping to find and fix security vulnerabilities in their products. In 2018, security intelligence firm HYAS discovered a malware network communicating with systems inside of a French national power company.

DNS 258

DNS Penetration Testing Malware Hacking 258

Security Affairs

JULY 9, 2019

See how #MicrosoftDefenderATP next-gen protection defeated the #fileless attack: [link] — Microsoft Security Intelligence (@MsftSecIntel) July 8, 2019. ” The attack chain starts with spear-phishing messages containing a malicious link that leads the potential victims to an LNK file.

Antivirus 72

Antivirus Malware Advertising Security Intelligence 72

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. A surprising 91.5

Encryption 136

Encryption Malware Ransomware Firewall 136

The Last Watchdog

JULY 30, 2018

The painful impact of cyber attacks on businesses is worsening despite advances in technology aimed at protecting enterprises from malicious network traffic, insider threats, malware, denial of service attacks and phishing campaigns. Over the past decade, cyber security solutions have evolved into specific categories of solutions.

CISO 140

CISO Cyber Attacks Data collection Cybersecurity 140

The Last Watchdog

MAY 1, 2019

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. Lucy’s’s software allows companies to easily set-up customizable mock attacks to test employees’ readiness to avoid phishing, ransomware and other attacks with a social engineering component.

Social Engineering 166

Social Engineering Engineering Phishing Banking 166

Spinone

NOVEMBER 6, 2017

Risk Level Assessment It’s crucial for a business to contextualize internal cyber security intelligence with external threat data to determine real security risks and their impact on business. Data has to be continually analyzed and this is where modern technology and AI comes in.

Artificial Intelligence 40

Artificial Intelligence Cybersecurity Technology Big data 40

Jane Frankland

AUGUST 18, 2020

That could be through common hacking techniques like phishing, bait and switch, cookie theft, deep fake , password cracking , social engineering , and so on. Security intelligence comes with a high pay off. Hackers are creative, adaptive, resourceful, and business-like. million.

Cyber Risk 100

Cyber Risk Risk Cybersecurity Technology 100

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. VoIP phishing and impersonation also victimized millions of corporate employees across the world , contributing to an even greater cyber threat.

Security Awareness 40

Security Awareness Risk Cyber threats Cyber Risk 40

Webroot

JANUARY 7, 2022

“In 2022, the widespread growth of mobile access will increase the prevalence of mobile malware, given all of the behavior tracking capabilities,” says Grayson Milbourne, security intelligence director, Carbonite + Webroot, OpenText companies.

Cybercrime 105

Cybercrime Phishing Ransomware Cryptocurrency 105

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals. Get details here: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2020.

Hacking 68

Hacking Security Intelligence Accountability Advertising 68