CyberSecurity Insiders

JANUARY 3, 2023

Technology’s rapid and relentless progress promises to continue apace in 2023, to everyone’s benefit – including cybercriminals’. Already some have used the OpenAI platform to have ChatGPT write phishing emails and insert malicious links. By Brad Liggett, Technical Director, Americas for Cybersixgill.

Technology 135

Technology Cybercrime Artificial Intelligence Government 135

SecureList

JUNE 26, 2023

In this report, we have analyzed the key threats to small and medium-sized companies in 2022 and 2023, and provided advice on how to stay safe. Malware attacks Between January 1 and May 18, 2023, 2,392 SMB employees encountered malware or unwanted software disguised as business applications, with 2,478 unique files distributed this way.

Cybercrime 128

Cybercrime Phishing Banking Malware 128

Bleeping Computer

JANUARY 1, 2024

In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. [.]

Cybercrime 92

Cybercrime Cryptocurrency Scams Phishing 92

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 138

Phishing Banking Mobile Scams 138

Krebs on Security

JANUARY 30, 2024

stole at least $800,000 from at least five victims between August 2022 and March 2023. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. A graphic depicting how 0ktapus leveraged one victim to attack another. According to an Aug.

Social Engineering 340

Social Engineering Mobile Passwords Cybercrime 340

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing 309

Phishing Telecommunications Malware Scams 309

Malwarebytes

FEBRUARY 6, 2024

The report reveals that, awash with money, the number of known Big Game attacks surged by 68% in 2023, thanks to Ransomware-as-a-Service groups like LockBit and ALPHV. And like broader, law-abiding “Business” at large, cybercrime has settled on a collection of tools that work.

Ransomware 137

Ransomware Cybercrime Malware Social Engineering 137

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. In May 2023, the U.S. authorities. One of the new Fin7 domains identified by Silent Push is cybercloudsec[.]com

Phishing 294

Phishing Cybercrime Malware Software 294

Krebs on Security

NOVEMBER 21, 2024

technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. A visual depiction of the attacks by the SMS phishing group known as Scattered Spider, and Oktapus. Image: Amitai Cohen twitter.com/amitaico. com and ouryahoo-okta[.]com. Click to enlarge.

Identity Theft 228

Identity Theft Phishing Cryptocurrency Accountability 228

Security Affairs

JANUARY 25, 2024

The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and discoveries, and include references to case studies that were reported on by RedSense throughout the year.

Ransomware 134

Ransomware Cybercrime Malware Data breaches 134

SecureList

NOVEMBER 9, 2022

What cyberthreats for business will be the greatest in 2023? The ongoing geopolitical storm brings not only classical cyberthreats for business, but also unpredictable risks and ‘black swans’ The main problem for 2023 will be supply-chain stability and cybersecurity. Vladimir Dashchenko , Security Evangelist, Kaspersky.

Cybersecurity 145

Cybersecurity Cyber Insurance Cybercrime IoT 145

SecureList

NOVEMBER 28, 2022

Although the main types of threats (phishing, scams, malware, etc.) Below, we present a number of key ideas about what the consumer-oriented threat landscape will look like in 2023, and describe how users could be lured into cybertraps with fake content and third-party apps. 2023 promises a wealth of new releases.

Education 143

Education Phishing Scams Social Engineering 143

Security Affairs

NOVEMBER 11, 2023

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. “I do not think this is all they earned.

Phishing 144

Phishing Cybercrime Advertising Hacking 144

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses.

Phishing 87

Phishing Identity Theft Cryptocurrency Cybercrime 87

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. com”, which is a free online scanner.

Phishing 138

Phishing Cybercrime Manufacturing Hacking 138

SecureList

APRIL 5, 2023

They have become adept at using Telegram both for automating their activities and for providing various services — from selling phishing kits to helping with setting up custom phishing campaigns — to all willing to pay. ” Links to the channels are spread via YouTube, GitHub and phishing kits they make.

Phishing 143

Phishing Marketing Scams Accountability 143

Thales Cloud Protection & Licensing

OCTOBER 2, 2023

Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. Familiarize yourself with common phishing hallmarks and promptly report any suspicious activity.

Cybersecurity 148

Cybersecurity Cyber threats Authentication Phishing 148

Security Affairs

AUGUST 23, 2024

ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). The technique was first disclosed in Poland in July 2023 and later observed in Czechia and other countries like Hungary and Georgia. SMS campaigns sent phishing links indiscriminately to Czech phone numbers.

Phishing 138

Phishing Mobile Banking Social Engineering 138

Anton on Security

APRIL 20, 2023

The famous Mandiant 2023 M-Trends (NOT G-Trends, mind you…) report is out, and here are some of the things that I found to be surprising and NOT surprising :-) Mandiant M-Trends 2023 Detection by Source SURPRISING “Mandiant experts note a decrease in the percentage of global intrusions involving ransomware between 2021 and 2022.

Social Engineering 130

Social Engineering Ransomware Cybercrime Cyber Attacks 130

Security Affairs

MARCH 14, 2023

Microsoft warns of large-scale phishing attacks orchestrated with an open-source adversary-in-the-middle (AiTM) phishing kit available in the cybercrime ecosystem Adversary-in-the-middle (AiTM) phishing kits are becoming an essential technology in the cybercrime ecosystem that is used by multiple threat actors to launch phishing attacks.

Phishing 98

Phishing Cybercrime Authentication Advertising 98

CyberSecurity Insiders

JANUARY 25, 2023

By Immanuel Chavoya, Emerging Threat Expert, SonicWall 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. In 2023, we should expect continued change as emerging tech and geopolitical conflicts meet to create an even more complicated and risky threat landscape.

Cyber threats 127

Cyber threats Cybercrime Malware Healthcare 127

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Mobile 346

Mobile Phishing Authentication Advertising 346

Security Affairs

JULY 31, 2024

Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishing campaigns targeting SMBs in Poland in May 2024, distributing various malware families like Agent Tesla , Formbook , and Remcos RAT.

Phishing 140

Phishing Malware Accountability Hacking 140

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.”

Ransomware 145

Ransomware CISO Software Cybercrime 145

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Hacking 294

Hacking Malware Ransomware Government 294

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware. Just to name a few.

Phishing 141

Phishing Scams Education Passwords 141

Tech Republic Security

JUNE 29, 2023

A new report from Kaspersky reveals the top cyber threats for SMBs in 2023. The post Kaspersky’s New Report Reveals the Top Cyber Threats for SMBs in 2023 appeared first on TechRepublic. Read more about it and how to protect organizations from it.

Cyber threats 158

Cyber threats Scams Phishing Cybercrime 158

Security Affairs

FEBRUARY 2, 2024

An international law enforcement operation, named Synergia, led to the arrest of 31 individuals involved in ransomware, banking malware, and phishing attacks. Operation Synergia was led by Interpol and ran from September to November 2023 involving law enforcement agencies from 50 countries.

Cybercrime 137

Cybercrime Banking Phishing Malware 137

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ. .

Cybercrime 74

Cybercrime Identity Theft Cryptocurrency Phishing 74

Security Affairs

OCTOBER 17, 2023

According to Statista.com, the impact of cybercrime is expected to reach almost $13 trillion this year. With 85% of campaigns targeting victims with phishing emails containing malicious links, another form of a social engineering attack, education and cyber vigiliance remain a high priority.

Social Engineering 142

Social Engineering Ransomware Engineering Phishing 142

CyberSecurity Insiders

JUNE 26, 2023

In recent months, a cybercrime group known as Blacktail has begun to make headlines as they continue to target organizations around the globe. Two of the most popular tools that have been used by the cybercrime group are LockBit 3.0 The content of this post is solely the responsibility of the author. Both LockBit 3.0

Cybercrime 100

Cybercrime Social Engineering Ransomware Phishing 100

CyberSecurity Insiders

DECEMBER 6, 2022

Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2023. Here are five specific trends for 2023 that you need to be aware of: The business of cybercrime will be further professionalized. For more information, visit www.netwrix.com.

Cybersecurity 116

Cybersecurity Cybercrime Social Engineering Risk 116

Security Affairs

NOVEMBER 29, 2023

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities. On Thursday, October 19, Okta advised customers of a security incident.

Social Engineering 138

Social Engineering Authentication Engineering Accountability 138

Krebs on Security

NOVEMBER 9, 2024

For example, in its most recent transparency report (PDF) Verizon said it received more than 127,000 law enforcement demands for customer data in the second half of 2023 — including more than 36,000 EDRs — and that the company provided records in response to approximately 90 percent of requests. dot-gov emails get hacked.

Hacking 258

Hacking Accountability Government Social Engineering 258

The Hacker News

NOVEMBER 28, 2023

Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. According to the 2023 Verizon Data Breach Investigation Report, external parties were responsible for 83 percent of breaches that occurred between November 2021 and October 2022.

Phishing 111

Phishing Data breaches Cybercrime Accountability 111

Jane Frankland

NOVEMBER 20, 2023

My Predictions for Cybersecurity in 2023 were… Technology enables opportunities as fast as it introduces threats. Here are my predictions for 2023. Types of attacks. Types of attacks. Ransomware attacks will surge again, and adversaries will lean on behavioural science and seemingly legitimate ways to trick users.

Cybersecurity 130

Cybersecurity Digital transformation Artificial Intelligence Architecture 130

Security Affairs

NOVEMBER 6, 2024

A global law enforcement operation called Operation Synergia II dismantled over 22,000 malicious IPs linked to phishing, infostealers, and ransomware, INTERPOL said. Countries in Operation Synergia II took significant actions against cybercrime: Hong Kong : Disabled over 1,037 malicious servers. Macau : Took 291 servers offline.

Cybercrime 132

Cybercrime Phishing Ransomware Mobile 132