SiteLock

AUGUST 27, 2021

In its annual Data Breach Investigations Report , published at the beginning of 2013, Verizon revealed that businesses with fewer than 100 employees made up the single largest group of victims of data breaches. Perhaps the single biggest and most dangerous change in threats came in the world of malware delivery.

Cybercrime 87

Cybercrime Small Business Antivirus Malware 87

Security Affairs

MAY 26, 2024

UAC-0006 has been active since at least 2013. The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. ” read the advisory published by CERT-UA. . ” read the advisory published by CERT-UA.

Malware 138

Malware Banking Accountability Phishing 138

Security Affairs

AUGUST 21, 2018

Kaspersky Labs detected a sophisticated piece of banking malware dubbed Dark Tequila that was used to target customers of several Mexican banks. Security experts from Kaspersky Labs have spotted a sophisticated strain of banking malware dubbed Dark Tequila that was used to target customers of several Mexican financial institutions.

Banking 70

Banking Malware Advertising Phishing 70

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. The attackers first disable protections for running macro scripts in Outlook then deploy the code to send phishing messages to the victim’s contacts. SecurityAffairs – Gamaredon, malware).

Malware 141

Malware Phishing Advertising Government 141

Security Affairs

JUNE 17, 2019

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. “This new variant is named WSH Remote Access Tool (RAT) by the malware’s author and was released on June 2, 2019. . ” continues the post.

Banking 110

Banking Phishing Advertising Malware 110

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned.

DNS 300

DNS Penetration Testing Malware Hacking 300

Krebs on Security

SEPTEMBER 6, 2021

The Web site in 2015 for the “Manipulaters Team,” a group of Pakistani hackers behind the dark web identity “Saim Raza,” who sells spam and malware tools and services. Regarding phishing, whenever we receive complaint, we remove the services immediately. ” The IT network of The Manipulaters, circa 2013.

Software 299

Software Phishing Cybercrime Accountability 299

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware 107

Malware Computers and Electronics Adware Spyware 107

Security Affairs

MAY 16, 2021

Alleged Pakistan-Linked cyber espionage group, tracked as Transparent Tribe, targets Indian entities with a new Windows malware. Researchers from Cisco Talos warn that the Pakistan-linked APT group Transparent Tribe expanded its Windows malware arsenal. ” read the analysis published Cisco Talos. ” continues the report.

Malware 141

Malware Phishing Hacking Information Security 141

Security Affairs

APRIL 5, 2022

Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” ua,” the campaign aims at infecting the target systems with malware.

Phishing 138

Phishing Government Hacking Malware 138

Krebs on Security

OCTOBER 1, 2022

In customer guidance released Thursday, Microsoft said it is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019. In the meantime, it is urging a subset of Exchange customers to enable a setting that could help mitigate ongoing attacks.

Hacking 221

Hacking Passwords Internet Internet 221

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware 123

Malware Phishing DNS Cybercrime 123

Security Affairs

AUGUST 21, 2024

During the recent campaign, the threat actor distributed a variant of the open-source XenoRAT malware, dubbed ‘MoonPeak,’ which is a remote access trojan (RAT) actively developed by the group. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, MoonPeak malware)

Malware 133

Malware Phishing Hacking Information Security 133

Security Affairs

NOVEMBER 10, 2020

Exposed data, some of which go back to 2013, include sensitive information and credit card details. The availability of such kind of data could expose hotel guests to a wide range of malicious activities, including identity theft, phishing attacks, scams, malware attacks, and reservation takeover. According to the experts.

Identity Theft 133

Identity Theft Scams Phishing Malware 133

Security Affairs

AUGUST 14, 2020

The CactusPete cyber-espionage group has been active since at least 2013, it has been mainly focused on military, diplomatic, and infrastructure targets in Asia and Eastern Europe. Since the malware contains mostly information gathering functionality, most likely they hack into organizations to gain access to the victims’ sensitive data.

Malware 132

Malware Advertising Phishing Hacking 132

Security Affairs

APRIL 6, 2021

China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing. The threat actors are sending out spear-phishing messages to compromise diplomatic targets in Southeast Asia, India, and the U.S. at least since 2013.

Government 118

Government Malware Phishing Education 118

Security Affairs

OCTOBER 1, 2024

The Kimsuky APT group breached Diehl Defence through a sophisticated phishing campaign, reported the German newspaper Der Spiegel. By clicking on a malicious PDF, victims would unknowingly download malware, allowing the hackers to spy on their systems.” The cyber attack was discovered by Google-owned cybersecurity firm Mandiant.

Manufacturing 133

Manufacturing Hacking Cyber Attacks Malware 133

Security Affairs

FEBRUARY 7, 2020

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011 targeting journalists and activists in the Middle East, as well as organizations in the United States, and entities in the U.K., Israel, Iraq, and Saudi Arabia. .

Phishing 117

Phishing Advertising Malware Media 117

Security Affairs

MARCH 17, 2020

The man is active at least since 2013 and already earned at least $100,000 US from his ‘work,’ but researchers believe he has earned several times that amount. The experts were able to identify the man, his name is Bill Henry (25) from Benin City, Nigeria, his criminal activity include the theft of credit cards, phishing and malware attacks.

Cybercrime 134

Cybercrime Malware Advertising Phishing 134

Security Affairs

FEBRUARY 10, 2020

The attackers aimed at stealing confidential documents from government systems after having infected them with malware. The attackers exploit the CVE-2014-6352 and CVE-2017-0199 Office vulnerabilities to drop and execute the malware on the victim’s computer. ” reads the alert issued by MyCERT.

Government 145

Government Advertising Malware Hacking 145

Security Affairs

JANUARY 18, 2022

Trend Micro researchers spotted an elusive threat actor, called Earth Lusca, that targets organizations worldwide via spear-phishing and watering hole attacks. . The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. Both clusters served as a C&C server.

Cryptocurrency 136

Cryptocurrency Media Social Engineering Phishing 136

Krebs on Security

JANUARY 22, 2019

Now if an attacker launches a malware campaign using these domains, it will be harder to pinpoint who/what is carrying out the attack since the domains would all appear to be just regular domains with no observable pattern other than the fact that they all use cloud DNS. 13, 2018 bomb threat hoax.

DNS 269

DNS Internet Internet Computers and Electronics 269

Security Affairs

AUGUST 28, 2020

The Iran-linked Charming Kitten APT group leveraged on WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. Israel, Iraq, and Saudi Arabia.

Phishing 145

Phishing Accountability Advertising Media 145

Security Affairs

JUNE 30, 2023

Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. In Many, Volexity observed Charming Kitten attempting to distribute POWERSTAR via spear-phishing messages with an LNK file inside a password-protected RAR file. ” continues the report.

Phishing 98

Phishing Malware Passwords Media 98

Security Affairs

AUGUST 23, 2020

At that time, the researchers tracked the sources IP in Pakistan, the attacks were part of a wider operation that relies on multi vector such as watering hole websites and phishing email campaigns delivering custom RATs dubbed Crimson and Peppy. These RATs are capable of exfiltrate information, take screenshot, and record webcam streams.

Malware 145

Malware Media Advertising Surveillance 145

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. ” reads the alert published by Ukraine’s CERT.

Malware 98

Malware Phishing VPN Accountability 98

Security Affairs

AUGUST 16, 2022

Russia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm , Actinium , Armageddon , Primitive Bear , and Trident Ursa) targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad, Symantec warns.

Malware 100

Malware Phishing Hacking Government 100

Security Affairs

NOVEMBER 19, 2021

The TA406 cyber espionage group was first spotted by Kaspersky researchers in 2013. TA406 doesn’t usually employ malware in its campaigns, however, researchers tracked two campaigns that were attempting to distribute information-stealer malware.

Cryptocurrency 102

Cryptocurrency Malware Government Education 102

Security Affairs

FEBRUARY 6, 2022

Russia-linked APT group Gamaredon is behind spear-phishing attacks against Ukrainian entities and organizations since October 2021. In Mid January the Ukrainian government was hit with destructive malware, tracked as WhisperGate , and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS.

Government 98

Government Phishing Malware Hacking 98

Security Affairs

MARCH 21, 2022

Ukraine CERT (CERT-UA) warns of spear-phishing ??attacks The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. attacks conducted by UAC-0035 group (aka InvisiMole) on state organizations of Ukraine.

Spyware 98

Spyware DNS Phishing Government 98

CyberSecurity Insiders

AUGUST 26, 2022

Ransomware is a cyberattack that uses malware – software created to infiltrate a computer system and damage or disrupt it. An AIDS researcher named Joseph Popp put malware on floppy discs and handed them out to over 20,000 people at a conference. The malware demanded over $500 from each person who inserted the floppy disk.

Ransomware 123

Ransomware Software Education Malware 123

Security Affairs

JULY 2, 2019

Malware is currently delivered from: 'hxxps://customermgmt.net/page/macrocosm' #cybersecurity #infosec — USCYBERCOM Malware Alert (@CNMF_VirusAlert) July 2, 2019. It was highly speculated that spear phishes were involved, but not a lot of information around the initial vectors was published.”

Energy and Utilities 109

Energy and Utilities Malware Advertising InfoSec 109

Security Affairs

JUNE 4, 2020

The Cycldek group was first spotted in September 2013, in past campaigns it mainly targeted entities in Southeast Asia using different malware variants, such as PlugX and HttpTunnel. In 2014, experts noticed an intensification in the activity of the group that appeared interested in the dispute over the South China Sea.

Malware 118

Malware Media Advertising Phishing 118

eSecurity Planet

OCTOBER 8, 2021

CVE-2013-1493. March 2013. CVE-2013-0431. February 2013. “Thus, we recommend organizations adopt defense-in-depth strategies to detect and respond to these attacks via anti-malware, EDR and deception technologies ,” he said. Used by Ransomware Family. Patch Available from Vendor. Patch Available Since.

Ransomware 105

Ransomware Risk Backups Software 105

Security Affairs

DECEMBER 18, 2019

Threat actors launched spear-phishing attacks using emails with malicious attachments often disguised as PDF files. Attackers used a new variant of the Separ credential-stealing malware, a malicious code that was first spotted by Sonicwall in 2013. ” concludes the analysis.

Manufacturing 95

Manufacturing Advertising Malware Phishing 95

Security Affairs

OCTOBER 28, 2018

Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack. The investigation revealed that the malware-based attack was powered by GCHQ and code-named Operation Socialist.

Hacking 110

Hacking Spyware Telecommunications Malware 110