Strengthening identity security: Enforce phishing-resistant MFA for all privileged accounts. Cybersecurity awareness and incident response: Train employees to recognize phishing attempts and social engineering. Patching and vulnerability management: Apply timely security updates to operating systems, software, and firmware.
The JabberZeus crew’s name is derived from the malware they used, which was configured to send them a Jabber instant message each time a new victim entered a one-time password code into a phishing page mimicking their bank. Tank, a.k.a. In the chat below, “lucky12345” is the Zeus author Bogachev: tank: Are you there?
In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.
A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Severa was a moderator on the Russian spam community Spamdot[.]biz.
In this week’s post, we take a look at “in-the-wild” phishing attacks and talk about how to protect against a phishing attack and how to counter them. Phishing Attack Examples. Here are two examples of phishing attacks that were carried out. Often malware attacks are multi-functional like our next example.
The feds allege Aqua led an elite cybercrime ring with at least 16 others who used advanced, custom-made strains of malware known as “JabberZeus” and “Bugat” (a.k.a. “Dridex”) to steal banking credentials from employees at hundreds of small- to mid-sized companies in the United States and Europe.
SpyEye, developed in 2009 and described as a “bank Trojan with a form grabbing capability”, surged from the eighth most common banking malware tool with a 3.4% Emotet (9.3%), described by Europol as “the world’s most dangerous malware”, underwent a drop of five percentage points between 2020 and 2021.This
The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.
Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Pierluigi Paganini.
North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.
It's been active since 2009 and is responsible for many high profile attacks. In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. Lazarus Group. Second wave. Be careful.
According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.
Report released by the firm says that the discovered flaw is actually an amalgamation of 5 different flaws that are present on the Dell BIOS Utility Driver called DBUtil and has been in place since 2009.
The attack chain starts with COVID19-themed spear-phishing messages that contain either a malicious Word attachment or a link to one hosted on company servers. “Once the malicious document is opened, the malware is dropped and proceeds to the next stage of the deployment process.
Experts noticed the group since around mid-2016 when it was using PlugX, ChChes, Quasar and RedLeaves malware in targeted attacks. In July 2018, FireEye observed a series of new attacks of the group leveraging spear-phishing emails using weaponized Word documents that attempt to deliver the UPPERCUT backdoor, also tracked as ANEL.
According to a blog post by Group-IB , the company detected and blocked malicious phishing emails originating from Tonto Team that were targeting its employees. The threat actor has been targeting government, military, energy, financial, educational, healthcare, and technology sector companies since 2009.
The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. Researchers provided details for each of the campaigns they have analyzed.
The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper, targeting managed service providers (MSPs) in multiple countries worldwide.
The APT10 group has added two new malware loaders to its arsenal and used in attacks aimed at government and private organizations in Southeast Asia. The recent attacks were uncovered by experts at enSilo, they also noticed that the APT group used modified versions of known malware. ” reads the analysis published by enSilo.
North Korea-linked Lazarus APT group uses Windows Update client to deliver malware on Windows systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The use of Github as a C2 aims at evading detection.
In 2017, a hacker group known as the Shadow Brokers stole malware and hacking tools from the arsenal of the NSA-Linked Equation Group, then it published online the data dump called “Lost in Translation.” The DarkUniverse has been active at least from 2009 until 2017. dll malware module provides keylogging functionality.
Using LOLBINS, common legitimate pentesting tools, and fileless malware; misleading security researchers by placing false flags—these and other anti-forensic tricks often make threat attribution a matter of luck. The malware spreads through spear-phishing emails with a malicious Microsoft Office document as attachment.
Securing that many endpoints can get really complex, really fast, especially when you consider that the common wisdom that Macs don’t get malware simply isn’t true: in fact, the number of malware detections on Mac jumped 200% year-on-year in 2021. And it’s not just malware you have to worry about with your Mac endpoints.
The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. Experts believe APT threat actors carried out spear-phishing attacks against the bank, malicious messages used Windows executable.
Founded in 2009, FBS is an international online forex broker with more than 400,000 partners and 16 million traders spanning over 190 countries. Scams, Phishing and Malware. Leaked contact information may be used to launch scam, phishing and malware attacks against FBS users. Who is FBS.
BMP) image files in a recent spear-phishing campaign targeting entities in South Korea. Experts from Malwarebytes have uncovered a spear-phishing attack conducted by a North Korea-linked Lazarus APT group that obfuscated a malicious code within a bitmap (.BMP) North Korea-linked Lazarus APT group is abusing bitmap (.BMP)
During the attack, the cybercriminals may have had access to names, addresses, and Social Security Numbers (SSNs) of current and former OHC employees (from 2009 to 2023). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
Number of data leaks from medical organizations, 2009–2020. With the active development of telehealth, medicine will only become a more commonly used bait, just as the digitalization of banks has turned banking phishing into one of the most popularly used types of phishing. Source: HIPAA Journal.
The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper, targeting managed service providers (MSPs) in multiple countries worldwide. ” continues the report.
Experts noticed the group since around mid-2016 when it was using PlugX, ChChes, Quasar and RedLeaves malware in targeted attacks. In July 2018, FireEye observed a series of new attacks of the group leveraging spear-phishing emails using weaponized Word documents that attempt to deliver the UPPERCUT backdoor, also tracked as ANEL.
Millions in the UK Targeted by Malware via a DHL Scam Text Message. That link would attempt to install spyware called Flubot, malware designed to steal online banking data from Android devices.
Lazarus Group is one of the most sophisticated North Korean APTs that has been active since 2009. In this campaign, Lazarus conducted spear phishing attacks weaponized with malicious documents that use their known job opportunities theme. The malware performs a series of injections and achieves startup persistence in the target system.
According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The APT group was discovered by Microsoft in 2016, it targeted organizations in South and Southeast.
According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. “The malware hides at every step by mimicking common software (protection related, sound software , DVD video creation tools).”
The Guardian, which operates one of the most visited websites in the world, described the incident as a “highly sophisticated cyberattack involving unauthorised third-party access to parts of our network”, most likely triggered by a successful phishing attempt. In 2022, LockBit was used in 31% of known attacks globally, 3.5
Vendors continue to develop new features to address an existing number of security risks for databases: Data corruption or loss Inappropriate access Malware, phishing, and other cyberattacks Security vulnerabilities or configuration problems Denial of service attacks. Also Read: With So Many Eyeballs, Is Open Source Security Better?
But constant breaches of organizations large and small, and a trail of victims to ransomware and phishing opened a massive opportunity. Over the years, it has built up a wide range of security products, including firewalls, intrusion prevention systems (IPS), UTM, malware protection and cloud protection. Founded: 2009.
Even small details like using financial hooks as part of a phishing awareness campaign can come across as poor taste at a time of rising consumer prices, she said. It’s a message that organisers Irisscert have promoted since the very first IRISSCON back in 2009. Avast’s CISO – Jaya Baloo.
I'm Robert Vamosi and in this episode I'm digging deeper into those IoT botnets, and I'm going to talk to two researchers who are looking at creative ways to defend against IoT malware, and a key piece of that puzzle is finding and stopping what's known as command and control server, or the CnCS behind those botnets. We still have malware.
The Trend Micro Vision One solution offers various features from machine learning and behavioral analysis to sandbox integration and phishing protection. Since 2009, Okta has been a thought leader in the access, authentication, and authorization space. Also read our Top Endpoint Detection & Response (EDR) Solutions.
Over the past ten years, his contact information has been used to register numerous phishing domains intended to siphon credentials from people trying to transact on various dark web marketplaces. That last domain was originally registered in 2009 to a Mikhail P. DomainTools.com [an advertiser on this site] reports mixfb@yandex.ru
Brian Krebs is an independent investigative reporter known for his coverage of technology, malware, data breaches, and cybercrime developments. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Brian Krebs | @briankrebs. — Dave Kennedy (@HackingDave) July 15, 2020.