For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Such attacks are likely to comprise an even larger portion of the threat landscape next year.
IT threat evolution in Q1 2022. One of the things you can do to protect yourself from advanced mobile spyware is to reboot your device on a daily basis. Non-mobile statistics. Mobile statistics. Targeted attacks. MoonBounce: the dark side of UEFI firmware.
CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog GitLab addressed critical auth bypass flaws in CE and EE North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities Meta warns of actively exploited (..)
The investigation involved law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity carried out by Europol’s European Cybercrime Centre (EC3). Follow me on Twitter: @securityaffairs and Facebook.
But after the spread of the Covid-19 pandemic, the focus of hackers has shifted more towards smartphones, with more phishing and social engineering attacks recorded in the 2nd quarter of 2022. The post Hackers shifting cybercrime focus towards smart phones and tablets appeared first on Cybersecurity Insiders.
The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. Over 70% of these apps were found in Uyghur-language communication channels within the second half of 2022.” List of installed packages. Call logs and geocoded location associated with the call.
This is our latest installment, focusing on activities that we observed during Q3 2022. We can confirm a Maui ransomware incident in 2022, but we would expand their “first seen” date from the reported May 2021 to April 15, 2021, and the geolocation of the target to Japan and India. The most remarkable findings.
An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.
This ends up executing sketchy code that installs viruses, ransomware, spyware, or adware behind the victim's back. A stepping stone to impactful cybercrime This tactic has tangible real-world implications. In November 2022, cybercriminals somehow acquired the right to run ads on Google for the popular open-source graphics editor GIMP.
Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.
US sued TikTok and ByteDance for violating children’s privacy laws Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware Investors sued CrowdStrike over false claims about its Falcon platform Avtech camera vulnerability actively exploited in the wild, CISA warns Over 20,000 internet-exposed VMware ESXi instances (..)
Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)
Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4
Researchers devised an attack technique to extract ChatGPT training data Fortune-telling website WeMystic exposes 13M+ user records Expert warns of Turtle macOS ransomware US govt sanctioned North Korea-linked APT Kimsuky Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022 Apple addressed 2 new (..)
Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). The researchers have been tracking the spyware since March 2020; starting in 2023, multiple security experts [1, 2] started monitoring its activity.
Leaked documents online show the purchase (and documentation of) an $8,000,000 iOS Remote Code Execution 0day exploit pic.twitter.com/lhmc8QdfGv — vx-underground (@vxunderground) August 24, 2022. The leaked documentation demonstrates that the company offers services for remote data extraction from Android and iOS devices.
Almost all forms of business suffered—even illegal ones like cybercrime. Adware, spyware, and worms all displayed an enormous bounce back in 2021, climbing 200%, and detections of email threats showed a considerable “Covid bounce” too. The post How COVID-19 fuelled a surge in malware appeared first on Malwarebytes Labs.
Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices.
The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. The experts first spotted the attacks attributed to this threat actor in October 2022; they believe that the group is financially motivated. ” reads the post published by Proofpoint.
is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M
QNAP force-installs update against the recent wave of DeadBolt ransomware infections US FCC bans China Unicom Americas telecom over national security risks NCSC warns UK entities of potential destructive cyberattacks from Russia Finnish diplomats’ devices infected with Pegasus spyware Zerodium offers $400,000 for Microsoft Outlook RCE zero-day exploits (..)
Cybersecurity conferences aren’t usually places where you expect to feel better about the world, but IRISSCON 2022 struck a surprisingly hopeful tone. He argued that security works when it costs €100,000 for spyware to hack into a politician’s iPhone. The post IRISSCON 2022 roundup: a new hope appeared first on BH Consulting.
Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)
US seizes $3.6 to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps.
If applied to a higher-impact threat—such as a credential harvester or spyware—this PowerShell behavior could help malware gain an initial foothold and go undetected before performing more overtly malicious activity, like exfiltrating data from a user’s browser sessions.” reads the analysis published by the experts.
A look back on the year 2022 and what to expect in 2023. This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponders what to expect in 2023. Analysis of forecasts for 2022. Also of note in 2022 are campaigns impersonating well-known software brands like Notepad++.
The Ankarex platform was launched in May 2022 and has about 1,700 subscribers. Furthermore, due to the simplicity of SMS spyware, it can be difficult to detect, as it only requires permission to send and view SMS messages.” The threat actor advertises the Smishing-as-a-Service platform on Telegram.
Google fixed the ninth actively exploited Chrome zeroday this year A new Linux flaw can be chained with other two bugs to gain full root privileges Attack of drones: airborne cybersecurity nightmare Cuba Ransomware received over $60M in Ransom payments as of August 2022 Android Keyboard Apps with 2 Million downloads can remotely hack your device New (..)
stolen credit/debit cards Pegasus spyware used to spy on a Polish mayor Hundreds of thousands of websites hacked as part of redirection campaign MQsTTang, a new backdoor used by Mustang Panda APT against European entities Trusted Platform Module (TPM) 2.0 FiXS, a new ATM malware that is targeting Mexican banks BidenCash leaks 2.1M
But first, let’s examine how they fared with the predictions for 2022. What we predicted in 2022. Although 2022 did not feature any mobile intrusion story on the scale of the Pegasus scandal, a number of 0-days have still been exploited in the wild by threat actors. Mobile devices exposed to wide attacks. Source: Meta.
July 18, 2022 – Around 30,000 websites get hacked every day , with the majority of those cyberattacks due to human error. This has projected costs associated with cybercrimes to hit the tens of trillions by 2025, highlighting the vital need for web hosts to implement staunch security. Gainesville, Fla.,
On May 11, 2022, the EU will publicize a proposal for a law on mandatory chat control. This legislation will be presented tomorrow, May 11, 2022 and would also apply to communications services that are end-to-end (E2E) encrypted. It is also a step back when it comes to cybersecurity. They become targets for cybercriminals.
Some highlights include: Stealers are primarily sold on cybercrime forums. Newcomer Meta (11%), Vidar (10%), Cryptbot, and AZORult are additional information stealers used in 2022. Their logs are sold on instant messaging platforms such as Telegram and Discord.
The HardBit ransomware group first appeared on the threat landscape in October 2022, but unlike other ransomware operations, it doesn’t use a double extortion model at this time. tamper protection, anti-spyware capabilities, real-time behavioral monitoring, real-time on-access (file) protection, and real-time process scanning).
In June, Microsoft published a report on a threat actor named Cadet Blizzard, responsible for WhisperGate and other wipers targeting Ukrainian government agencies early in 2022. To sum up, although we did not see the same volume as we had in 2022, clearly there were some significant attacks. Verdict: prediction fulfilled ✅ 8.
Cybercriminals often use malware to gain access to a computer or mobile device to deploy viruses, worms, Trojans, ransomware, spyware, and rootkits. Based on information from trusted third parties, TrickBot's infrastructure is still active in July 2022. Mitigations for top malware strains.
study tested the security of 13 of the UK’s most popular online banking sites between September and November 2022. Financially motivated cybercrime, using malware and phishing , is growing at a rapid pace. A recent Which?
A year later, in March 2022, we discovered that the same security program had been exploited to propagate similar downloader malware to several victims in South Korea. In July 2022, Lazarus successfully breached a defense contractor in Africa. Using a number of vulnerabilities in iOS, the attachment is executed and installs spyware.
Following this, we released the first of a series of additional reports describing the final payload in the infection chain: a highly sophisticated spyware implant that we dubbed “TriangleDB” Operating in memory, this implant periodically communicates with the C2 (command and control) infrastructure to receive commands.
The final download link is presented on BlogSpot This particular modus operandi matches a particular threat Kaspersky researchers spotted in September 2022 ( link ): NullMixer. Lower.exe, a sample of “GCleaner” spyware, historically, this piece of malware was initially faking CCleaner to drop additional malware ( link ).
Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. Here are the developments we think we could be seeing in 2022. More supply chain attacks.
TikTok fined €345M by Irish DPC for violating children’s privacy Iranian Peach Sandstorm group behind recent password spray attacks Dariy Pankov, the NLBrute malware author, pleads guilty Dangerous permissions detected in top Android health apps Caesars Entertainment paid a ransom to avoid stolen data leaks Free Download Manager backdoored to serve (..)
Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)