Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. ” reads the ENISA Threat Landscape Report 2018. Exploit Kits have lost their importance in the cyberthreat landscape.

Cyber threats 108

Cyber threats IoT Social Engineering Advertising 108

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 360

Phishing VPN Social Engineering Media 360

Krebs on Security

JULY 20, 2021

Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Severa created and then leased out to others some of the nastiest cybercrime engines in history — including the Storm worm , and the Waledac and Kelihos spam botnets. A native of St.

Antivirus 329

Antivirus Cybercrime Identity Theft Scams 329

Krebs on Security

NOVEMBER 21, 2024

A visual depiction of the attacks by the SMS phishing group known as Scattered Spider, and Oktapus. Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. com and ouryahoo-okta[.]com.

Identity Theft 224

Identity Theft Phishing Cryptocurrency Accountability 224

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware 124

Malware Phishing DNS Cybercrime 124

Security Affairs

APRIL 15, 2020

The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. The growing demand for phishing kits is also reflected in its price that skyrocketed last year by 149 percent and exceeded $300 per item.

Phishing 136

Phishing Marketing Advertising Cyber threats 136

Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime 98

Cybercrime Malware Phishing Internet 98

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. In 2018 the direct financial losses from these attacks amounted to almost $20 million. Attacks on Crypto.

Cybercrime 108

Cybercrime Hacking Banking Phishing 108

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. As far back as 2018, Interisle found.US

Phishing 304

Phishing Telecommunications Malware Scams 304

CyberSecurity Insiders

JANUARY 3, 2023

Already some have used the OpenAI platform to have ChatGPT write phishing emails and insert malicious links. The emails don’t have the usual spelling, grammar, and syntax errors that today’s phishing messages composed by non-native-English speakers tend to contain – errors that serve as a tip-off to recipients.

Technology 135

Technology Cybercrime Artificial Intelligence Government 135

Security Affairs

AUGUST 5, 2019

A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme.

Phishing 111

Phishing Banking Advertising Accountability 111

Krebs on Security

MAY 24, 2019

billion in 2018. According to the FBI, BEC scams are the most costly form of cybercrime today. Armed with a single link to a First American document, BEC scammers would have an endless supply of very convincing phishing templates to use. In August 2018, financial industry giant Fiserv Inc.

Insurance 279

Insurance Banking Identity Theft Scams 279

Security Affairs

JULY 6, 2021

The alleged perpetrator, who turned out to be a citizen of Morocco, was arrested in May by the Moroccan police based on the data about his cybercrimes that was provided by Group-IB. Almost each of the scripts contained in the phishing kit had its creator’s nickname, Dr HeX, and contact email address.

Cybercrime 104

Cybercrime Phishing Banking Telecommunications 104

Krebs on Security

SEPTEMBER 6, 2021

In May 2015, KrebsOnSecurity briefly profiled “ The Manipulaters ,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. One of several current Fudtools sites run by The Manipulaters.

Software 272

Software Phishing Cybercrime Accountability 272

Malwarebytes

JUNE 8, 2021

Sometimes, it’s used even if an attack being discussed is a basic phish, or maybe some very generic malware. A Latvian woman has been charged for their alleged role in a transnational cybercrime organisation. As touched on above, the group hired experts in a variety of cybercrime fields. What happened this week, you ask?

Cybercrime 118

Cybercrime Malware Banking Phishing 118

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years.

Cybercrime 143

Cybercrime Banking Malware Ransomware 143

Security Affairs

SEPTEMBER 1, 2018

Security experts from Netscout’s ASERT uncovered a new campaign carried out by the Cobalt cybercrime group. The attacks were detected on August 13, 2018, experts revealed that the hackers targeted also the NS Bank in Russia and Carpatica/Patria in Romania. The phishing message includes two malicious links.

Cybercrime 77

Cybercrime Banking Phishing Advertising 77

The Last Watchdog

JUNE 9, 2022

And, let’s be honest , the deceptive writing phishing assaults and other cyber threats today employ are skilled enough to fool even the most trained, internet-savvy experts. According to the Federal Trade Commission (FTC), seniors lost $500 each on computer tech assistance scams in 2018. Ever present threats. Debt relief scams.

Identity Theft 274

Identity Theft Scams Insurance Internet 274

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 97

Artificial Intelligence Government Banking Advertising 97

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking 237

Hacking Phishing Risk Accountability 237

Security Affairs

OCTOBER 23, 2018

The latest version of the Azorult was delivered through the RIG exploit kit as well as other sources, previous variants were mainly distributed via weaponized Office documents as attachment of phishing messages. Later it was involved in many malspam attacks, but only in July 2018, the authors released a substantially updated variant. .

Marketing 105

Marketing Cybercrime Cryptocurrency Advertising 105

Security Affairs

NOVEMBER 3, 2022

It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. aka BIRDDOG)’ It is a backdoor that was used by the FIN7 group since at least 2018, it also connects to a C2 IP address 45[.]67[.]229[.]148 ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybercrime 109

Cybercrime Ransomware Antivirus Malware 109

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. The figure that most of all capture our attention is that victims of cybercrime activities lost $3.5 SecurityAffairs – IC3, cybercrime). Billion in 2019. million. .

Internet 143

Internet Internet Scams Cybercrime 143

Krebs on Security

SEPTEMBER 30, 2024

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, the government alleges. In December 2018, a then 21-year-0ld Troy Woody Jr.

Cryptocurrency 286

Cryptocurrency Government Internet Internet 286

The Last Watchdog

JUNE 21, 2020

RaaS rollout 2015 – 2018. The GandCrab RaaS that appeared in early 2018 was one of the last high-profile threats targeting individuals on a large scale. It vanished from the radar in June 2018, when the ransomware plague took another sharp turn. Targeting enterprises Late 2018 – present day.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

SEPTEMBER 4, 2021

FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. Anomali Threat Research experts have monitored recent spear-phishing attacks conducted by financially motivated threat actor FIN7. The attack chain began with a Microsoft Word document (.doc)

Cybercrime 144

Cybercrime Retail Phishing Hacking 144

SecureWorld News

MAY 2, 2022

Another day, another dollar, another phishing scam that'll make you holler. Department of Justice (DOJ) recently announced the conviction of a California man who stole more than $23 million from the Department of Defense (DOD) through a complex phishing scam. On October 10, 2018, the DOD transferred $23.5

Phishing 81

Phishing Computers and Electronics Banking Scams 81

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak was involved in FIN7 criminal activities from approximately November 2016 through November 2018.

Cybercrime 131

Cybercrime Hacking Software Phishing 131

Krebs on Security

DECEMBER 13, 2021

18, 2021, when an employee on a Windows computer opened a booby-trapped Microsoft Excel document in a phishing email that had been sent two days earlier. During my 2018 talk, I tried to emphasize the primary importance of being able to respond quickly to intrusions. Now this is in itself isn’t bad. hospitals and healthcare providers.”

Healthcare 302

Healthcare Ransomware Antivirus Hacking 302

Security Affairs

MARCH 14, 2024

“The phishing campaign employed open redirect URLs from Google Ad technologies to distribute fake Microsoft software installers (.MSI) The attack chain analyzed by the ZDI starts with a phishing message using PDF attachment with a specially crafted link. MSI) installers. ” reads the analysis published by Trend Micro.

Phishing 132

Phishing Malware Software Internet 132

Security Affairs

JUNE 24, 2020

The CryptoCore group, aks Crypto-gang, “Dangerous Password”, and “Leery Turtle” has been active since 2018. “While the group’s key infiltration vector to the exchange is usually through spear-phishing against the corporate network, the executives’ personal email accounts are the first to be targeted.”

Cryptocurrency 115

Cryptocurrency Phishing Accountability Passwords 115

Security Affairs

JANUARY 2, 2020

” Crooks set up websites that look like related to the official movie, the websites are designed to deliver the malware or for phishing purposes. 2018 2019 Change Attacks detected 257,580 285,103 +10% Number of unique files 16,395 11,499 -30% Users targeted 50,196 37,772 -25%. Pierluigi Paganini.

Phishing 107

Phishing Malware Advertising Media 107

Security Affairs

JULY 14, 2024

DarkGate RAT is written in Borland Delphi and is available in the cybercrime ecosystem as a malware-as-a-service (MaaS) model. DarkGate has been active since at least 2018, it supports various features, including process injection, the download and execution file, information stealing, shell command execution, and keylogging abilities.

Malware 133

Malware Cybercrime Software Phishing 133

Security Affairs

OCTOBER 18, 2020

Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK. ” The attack chain starts when the victims enable the macro embedded in an Excel spreadsheet that came with the phishing e-mails. . ” reads the analysis published by FireEye.

Ransomware 141

Ransomware Malware Telecommunications Advertising 141

Security Affairs

NOVEMBER 15, 2018

Of course, the CBR does not have anything to do with the phishing campaign – the hackers faked the sender’s address. According to Group-IB’s report published in September 2018, Silence gang members presumably were or are legally employed as pentesters and reverse engineers. SSL certificates were not used for DKIM verification.

Banking 111

Banking Computers and Electronics Phishing Cybercrime 111

Security Affairs

MARCH 22, 2019

Security experts at Flashpoint revealed that the financially-motivated cybercrime group FIN7 (aka Anunak and Carbanak ) used new malware in a recent hacking campaign. The group that has been active since late 2015 targeted businesses worldwide to steal payment card information. ” reads the analysis published by Flashpoint.

Malware 109

Malware Identity Theft Cybercrime Hacking 109

SecureList

FEBRUARY 23, 2022

The research in this report is a continuation of our previous annual financial threat reports ( 2018 , 2019 and 2020 ), providing an overview of the latest trends and key events across the threat landscape. Phishing: In 2021, 8.2% of users were hit by phishing. of all phishing schemes in 2021, compared to the 11.1%

Banking 124

Banking Phishing Cryptocurrency Malware 124