Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe. Attackers also employ encrypted or password-protected files to evade security detection.
Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. name=CVE-2016-9223.
Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).
Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials. Researchers from security firm ThreatNix spotted a new large-scale campaign abusing Facebook ads. The landing pages are phishing pages that impersonate legitimate companies. ” continues the post.
The malware samples shared by USCYBERCOM last week were first detected in December 2016 in attacks attributed to Iran-linked APT33. Last week the United States Cyber Command (USCYBERCOM) uploaded to VirusTotal a malware used by Iran-linked APT33 group in attacks in Dec 2016 and Jan 2017. ” reads a report published by Kaspersky.
Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Phishing Reporting: Report phishing emails and other malicious cyber activities to relevant authorities like the FBI’s IC3 and the NJCCIC.
The Donot Team (aka APT-C-35 and Origami Elephant) has been active since 2016. It focuses on government and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries.
CVE-2021-31959 affects everything from Windows 7 through Windows 10 and Server versions 2008, 2012, 2016 and 2019. Microsoft also patched five critical bugs — flaws that can be remotely exploited to seize control over the targeted Windows computer without any help from users.
TrickGate is a shellcode-based packer offered as a service, which has been used since at least July 2016 to hide malware from defense programs. The attack chain observed by the experts can vary significantly, but in most cases, threat actors used phishing messages with malicious attachments or malicious links. ” continues the report.
Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Threat actors are using the RAT to deliver keyloggers and information stealers. Within five days, WSH RAT was observed being actively distributed via phishing.
Threat actors have devised a new trick to disable macro security warnings that leverages non-malicious docs in phishing attacks. Most phishing attacks leverage weaponized Microsoft Office documents and social engineering techniques to trick recipients into enabling the macros.
The infamous Locky ransomware was first spotted in the wild in February 2016. CryptXXX, another major family discovered in April 2016 and later rebranded as UltraCrypter, relied on exploit kits that used software vulnerabilities to infiltrate systems. The first viable Mac ransomware called KeRanger was spotted in the spring of 2016.
The threat actors used the botnet to harvest credentials, collect NTLMv2 digests, proxy network traffic, and host spear-phishing landing pages and custom tools. The Moobot botnet has been active since at least 2016; it also includes other routers and virtual private servers (VPS). ” reported Trend Micro.
And, just before the COVID-19 pandemic hit the United States, the Department of Homeland Security alerted information security professionals that a ransomware attack delivered via phishing emails had adversely impacted operations at one of the country’s natural gas processors. Nor were those isolated incidents.
Researchers at Insikt Group observed Russian GRU’s unit APT28 targeting networks across Europe with information-stealer Headlace and credential-harvesting web pages. The group was also involved in the string of attacks that targeted the 2016 Presidential election. The campaigns targeted at least thirteen separate nations.
For those unfamiliar with Fogg's work, he started out doing research on Persuasive Technology back in the 90s, which has become the basis for most modern uses of technology to influence people (for example, use of Facebook user data to influence the 2016 US Presidential Election). Well, lo and behold, it already exists!
Since 2016, Microsoft has been alerting users of nation-state activity; now the IT giant has added the same service to the Defender for Office 365 dashboard. The new security alert will notify companies when their employees are being targeted by state-sponsored attacks. It automatically investigates and remediates attacks.
The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was also involved in the string of attacks that targeted the 2016 Presidential election.
They could: XSS; phishing; bypass domain security; steal sensitive user data, cookies, etc.” An attacker could exploit the issue to target visitors of the website with phishing and cross-site scripting attacks. “This would allow them to post malicious content which would be mistaken for a valid site.
Russia-linked cyberespionage group APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware. ” concludes the report.
The name EMMA is an acronym for European Money Mule Action operation; the first EMMA operation led by Europol took place in 2016. The money mules have a crucial role in criminal organizations to launder money for a wide array of illegal activities, such as online scams, SIM-swapping, e-commerce fraud, and phishing.
Phishing techniques use social engineering to trick victims into taking an action that helps an attacker compromise your network or access your sensitive information assets. Fraudulent emails purporting to be from authoritative company sources are the main phishing attacks that employees fall victim to. Stolen Credentials.
North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. According to the Google Threat Horizons report, the state-sponsored hackers sent fake job offers to employees at the security companies. ” reads the Google Threat Horizons report.
On Wednesday, the two US agencies published an advisory to warn organizations of a new wave of attacks conducted by cybercrime actors that are leveraging a traffic infringement phishing scheme to trick victims into installing the TrickBot malware. ” reads the advisory. ” continues the report.
According to DoJ, from at least in or about 2016 through or about April 2021, Nasab and other co-conspirators carried out a coordinated multi-year campaign to breach computers worldwide. Nasab and other conspirators used spear phishing and other hacking techniques to infect more than 200,000 victim devices.
Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings.
Our researchers found that the letters are dated between 2016 and 2021. Risk of plate cloning: While the leaked parking permits are no longer valid, malicious actors could use the exposed data for identity theft and to craft spear phishing attacks. Researchers contacted MTC, and public access to the data was closed.
The group was also involved in the string of attacks that targeted the 2016 Presidential election. Most of APT28’s campaigns leveraged spear-phishing and malware-based attacks. The group operates out of military unit 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).
Operation Transparent Tribe (Operation C-Major, APT36, and Mythic Leopard) was first spotted by Proofpoint researchers in Feb 2016, in a series of cyber espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. ” continues the report.
The Russian criminal was arrested in Prague in October 2016 in an international joint operation with the FBI. Nikulin used data stolen from LinkedIn to launch spear-phishing attacks against employees at other companies, including Dropbox. Source: US Defense Watch.com. The jury verdict was passed on last week in a California court.
The VBA self-decoding technique is not a novelty; the threat actor has been using it since 2016. “The primary initial infection vector used by APT37 is spear phishing, in which the actor sends an email to a target that is weaponized with a malicious document. ” concludes the report.
According to VinCSS experts, the APT group employed spear-phishing messages using a RAR file attachment purporting to include information about the Coronavirus outbreak from the Vietnamese Prime Minister. “In this article we will analyze the method an attacker uses to infect a user’s computer.”
Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection. “Potential victims should also be on the lookout for targeted phishing and other scams. ” continue the experts.
The group has been linked to several major cyber attacks, including the 2014 Sony Pictures hack, several SWIFT banking attacks since 2016, and the 2017 WannaCry ransomware infection. Recently Kaspersky experts reported that Lazarus APT Group has used a new multi-platform malware framework, dubbed MATA, to target entities worldwide.
The Hancitor downloader has been active since at least 2016 for dropping Pony and Vawtrak. The Hancitor malware is distributed through phishing emails, or using compromised credentials, exploiting Microsoft Exchange vulnerabilities, or legitimate Remote Desktop Protocol (RDP) tools to gain initial access to a victim’s network.
The group was also involved in the string of attacks that targeted the 2016 Presidential election. Most of APT28’s campaigns leveraged spear-phishing and malware-based attacks. The group operates out of military unit 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).
Employee Training on Phishing and Digital Security. One in 99 emails is a phishing attack, a fraudulent email designed to look legitimate so an employee will click on a malicious link inside or reply with privileged information. Most phishing happens over email. Hackers Target Mobile Devices.
The alert provides information about tactics, techniques, and procedures (TTPs) associated with Russia-Linked threat actors, along with recommendations on incident response and mitigations. Russia-linked cyber-espionage groups have used common tactics, such as spear-phishing, and brute force attacks. Pierluigi Paganini.
The infection chain begins with a spear-phishing message written in Spanish that includes a link that points to a website that further downloads a malicious ZIP archive on the victim’s machine. ” reads the post published by Zscaler.
The attackers carried out spear-phishing campaigns using weaponized Word, Excel or PDF documents as attachments. The phishing messages are well-written; attackers used typosquatted domains to impersonate real companies.
Major breaches, from the 2016 Election Hacks to the SolarWinds incidents, successfully target email data from both personal and work accounts and they manage to bypass every type of security that the best defenders throw at them. Some of the best ideas in information security in recent years are conceptually inside-out.
Security experts at Cofense uncovered a malspam campaign that leverages Google Docs to deliver the TrickBot banking Trojan to unsuspecting victims via executables camouflaged as PDF documents. TrickBot is a popular banking Trojan that has been around since October 2016; its authors have continuously upgraded it by implementing new features.
The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. The experts were not able to determine the initial infection vector in both attacks; they speculate the attackers launched spear-phishing attacks against their victims or used watering hole attacks.