SecureList

JUNE 26, 2023

In this report, we have analyzed the key threats to small and medium-sized companies in 2022 and 2023, and provided advice on how to stay safe. Malware attacks Between January 1 and May 18, 2023, 2,392 SMB employees encountered malware or unwanted software disguised as business applications, with 2,478 unique files distributed this way.

Cybercrime 100

Cybercrime Phishing Banking Malware 100

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 112

Phishing Banking Mobile Scams 112

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity 258

Cybersecurity Social Engineering Cyber threats Software 258

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 300

Hacking Cybercrime Phishing Passwords 300

Anton on Security

APRIL 20, 2023

The famous Mandiant 2023 M-Trends (NOT G-Trends, mind you…) report is out, and here are some of the things that I found to be surprising and NOT surprising :-) Mandiant M-Trends 2023 Detection by Source SURPRISING “Mandiant experts note a decrease in the percentage of global intrusions involving ransomware between 2021 and 2022.

Social Engineering 130

Social Engineering Ransomware Cybercrime Cyber Attacks 130

Security Affairs

AUGUST 23, 2024

ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). The technique was first disclosed in Poland in July 2023 and later observed in Czechia and other countries like Hungary and Georgia. SMS campaigns sent phishing links indiscriminately to Czech phone numbers.

Phishing 135

Phishing Mobile Banking Social Engineering 135

Security Boulevard

JANUARY 17, 2024

Thanks to various 2023 security reports, we know phishing attacks are now the most common form of cybercrime, with an estimated close to 3.5 million, with the US experiencing an average data breach […] The post Taking on EvilProxy: Advancements in Phishing Protection appeared first on Security Boulevard.

Phishing 64

Phishing Data breaches Cybercrime 64

Security Affairs

JANUARY 25, 2024

The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and discoveries, and include references to case studies that were reported on by RedSense throughout the year.

Ransomware 129

Ransomware Cybercrime Malware Data breaches 129

Malwarebytes

FEBRUARY 6, 2024

The report reveals that, awash with money, the number of known Big Game attacks surged by 68% in 2023, thanks to Ransomware-as-a-Service groups like LockBit and ALPHV. And like broader, law-abiding “Business” at large, cybercrime has settled on a collection of tools that work.

Ransomware 104

Ransomware Cybercrime Malware Social Engineering 104

Security Affairs

MARCH 14, 2023

Microsoft warns of large-scale phishing attacks orchestrated with an open-source adversary-in-the-middle (AiTM) phishing kit available in the cybercrime ecosystem Adversary-in-the-middle (AiTM) phishing kits are becoming an essential technology in the cybercrime ecosystem that is used by multiple threat actors to launch phishing attacks.

Phishing 98

Phishing Cybercrime Authentication Advertising 98

Security Affairs

NOVEMBER 11, 2023

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. “I do not think this is all they earned.

Phishing 144

Phishing Cybercrime Advertising Hacking 144

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. com”, which is a free online scanner.

Phishing 134

Phishing Cybercrime Manufacturing Hacking 134

Thales Cloud Protection & Licensing

OCTOBER 2, 2023

Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. Familiarize yourself with common phishing hallmarks and promptly report any suspicious activity.

Cybersecurity 148

Cybersecurity Cyber threats Authentication Phishing 148

Security Affairs

NOVEMBER 6, 2024

A global law enforcement operation called Operation Synergia II dismantled over 22,000 malicious IPs linked to phishing, infostealers, and ransomware, INTERPOL said. Countries in Operation Synergia II took significant actions against cybercrime: Hong Kong : Disabled over 1,037 malicious servers. Macau : Took 291 servers offline.

Cybercrime 126

Cybercrime Phishing Ransomware Mobile 126

CyberSecurity Insiders

JUNE 26, 2023

In recent months, a cybercrime group known as Blacktail has begun to make headlines as they continue to target organizations around the globe. Two of the most popular tools that have been used by the cybercrime group are LockBit 3.0 The content of this post is solely the responsibility of the author. Both LockBit 3.0

Cybercrime 100

Cybercrime Social Engineering Ransomware Phishing 100

SecureList

NOVEMBER 9, 2022

What cyberthreats for business will be the greatest in 2023? The ongoing geopolitical storm brings not only classical cyberthreats for business, but also unpredictable risks and ‘black swans’ The main problem for 2023 will be supply-chain stability and cybersecurity. Vladimir Dashchenko , Security Evangelist, Kaspersky.

Cybersecurity 137

Cybersecurity Cyber Insurance Cybercrime IoT 137

SecureList

NOVEMBER 28, 2022

Although the main types of threats (phishing, scams, malware, etc.) Below, we present a number of key ideas about what the consumer-oriented threat landscape will look like in 2023, and describe how users could be lured into cybertraps with fake content and third-party apps. 2023 promises a wealth of new releases.

Education 131

Education Phishing Scams Social Engineering 131

Security Affairs

NOVEMBER 6, 2024

A global law enforcement operation called Operation Synergia II dismantled over 22,000 malicious IPs linked to phishing, infostealers, and ransomware, INTERPOL said. Countries in Operation Synergia II took significant actions against cybercrime: Hong Kong : Disabled over 1,037 malicious servers. Macau : Took 291 servers offline.

Cybercrime 117

Cybercrime Phishing Ransomware Mobile 117

Security Affairs

JULY 31, 2024

Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishing campaigns targeting SMBs in Poland in May 2024, distributing various malware families like Agent Tesla , Formbook , and Remcos RAT.

Phishing 137

Phishing Malware Accountability Hacking 137

SecureList

APRIL 5, 2023

They have become adept at using Telegram both for automating their activities and for providing various services — from selling phishing kits to helping with setting up custom phishing campaigns — to all willing to pay. ” Links to the channels are spread via YouTube, GitHub and phishing kits they make.

Phishing 131

Phishing Marketing Scams Accountability 131

CyberSecurity Insiders

JANUARY 25, 2023

By Immanuel Chavoya, Emerging Threat Expert, SonicWall 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. In 2023, we should expect continued change as emerging tech and geopolitical conflicts meet to create an even more complicated and risky threat landscape.

Cyber threats 127

Cyber threats Cybercrime Malware Healthcare 127

Jane Frankland

NOVEMBER 20, 2023

My Predictions for Cybersecurity in 2023 were… Technology enables opportunities as fast as it introduces threats. Here are my predictions for 2023. Types of attacks. Types of attacks. Ransomware attacks will surge again, and adversaries will lean on behavioural science and seemingly legitimate ways to trick users.

Cybersecurity 130

Cybersecurity Digital transformation Artificial Intelligence Architecture 130

Security Boulevard

MARCH 21, 2024

Latest FBI IC3 Report shows a record year for cybercrime: record-setting $12.5 billion in losses The 2023 FBI IC3 report reveals not just numbers but narratives that underscore the adaptability and cunning of today’s cyber adversaries. With a record-setting $12.5 With a record-setting $12.5

Cyber threats 72

Cyber threats Cybercrime Social Engineering Engineering 72

Security Boulevard

NOVEMBER 8, 2024

CISA is warning about a spear-phishing campaign that spreads malicious RDP files. 1 - CISA: Beware of nasty spear-phishing campaign Proactively restrict outbound remote-desktop protocol (RDP) connections. 1 - CISA: Beware of nasty spear-phishing campaign Proactively restrict outbound remote-desktop protocol (RDP) connections.

Phishing 49

Phishing Cybersecurity Ransomware Cybercrime 49

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. In May 2023, the U.S. authorities. One of the new Fin7 domains identified by Silent Push is cybercloudsec[.]com

Phishing 278

Phishing Cybercrime Malware Software 278

SecureWorld News

SEPTEMBER 14, 2023

Microsoft has recently brought attention to a highly-sophisticated and targeted phishing campaign conducted by a notorious threat actor group known as Storm-0324. Microsoft's Threat Intelligence team said: "In July 2023, Storm-0324 began using phishing lures sent over Teams with malicious links leading to a malicious SharePoint-hosted file.

Phishing 97

Phishing Ransomware Cybercrime Threat Detection 97

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware. Just to name a few.

Phishing 139

Phishing Scams Education Passwords 139

Security Affairs

AUGUST 8, 2023

Microsoft Patch Tuesday security updates for August 2023 addressed 74 vulnerabilities, including two actively exploited flaws. Microsoft has released an Office Defense in Depth update ( ADV230003 ) to address a patch bypass of the actively exploited RCE vulnerability CVE-2023-36884. reads the post.

Phishing 98

Phishing Cybercrime Hacking Government 98

The Hacker News

NOVEMBER 28, 2023

Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. According to the 2023 Verizon Data Breach Investigation Report, external parties were responsible for 83 percent of breaches that occurred between November 2021 and October 2022.

Phishing 107

Phishing Data breaches Cybercrime Accountability 107

Identity IQ

DECEMBER 20, 2023

2023: A Year of Record-Breaking Data Breaches IdentityIQ This past year has been an eye-opening year in the realm of digital security. Here, we review the largest data breaches of 2023, analyze the trends, and review proactive measures to navigate the future of security. But the numbers alone tell only part of the story.

Data breaches 90

Data breaches Identity Theft Cybercrime Social Engineering 90

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing 294

Phishing Telecommunications Malware Scams 294

Security Affairs

JULY 12, 2023

The issue, tracked as CVE-2023-36884 , was exploited by nation-state actors and cybercriminals to gain remote code execution via malicious Office documents. The threat actors were observed exploiting the flaw CVE-2023-36884 using lures related to the Ukrainian World Congress. ” reads the post.

Phishing 98

Phishing Cybercrime Hacking Government 98

CyberSecurity Insiders

DECEMBER 6, 2022

Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2023. Here are five specific trends for 2023 that you need to be aware of: The business of cybercrime will be further professionalized. For more information, visit www.netwrix.com.

Cybersecurity 116

Cybersecurity Cybercrime Social Engineering Risk 116

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.”

Ransomware 145

Ransomware CISO Software Cybercrime 145

Security Through Education

JANUARY 18, 2023

The truth is technology has grown at an exponential rate and so has cybercrime. Cybercrime doesn’t just affect big businesses and national governments. What are some personal cybersecurity concerns for 2023? Business email compromise (BEC) attacks have been predicted to soar in 2023 according to Forbes Advisor.

Cybersecurity 98

Cybersecurity Social Engineering Scams IoT 98

BH Consulting

AUGUST 16, 2023

Shedding the light of the law on cybercrime methods Today’s cybercrime landscape involves criminals operating across borders as business-like syndicates, says Europol. The agency’s ninth Internet Organised Crime Assessment (IOCTA) 2023 report gives a law enforcement perspective on current cybercrime techniques.

Social Engineering 52

Social Engineering Cybercrime Data privacy Engineering 52

Security Affairs

OCTOBER 17, 2023

According to Statista.com, the impact of cybercrime is expected to reach almost $13 trillion this year. With 85% of campaigns targeting victims with phishing emails containing malicious links, another form of a social engineering attack, education and cyber vigiliance remain a high priority.

Social Engineering 139

Social Engineering Ransomware Engineering Phishing 139