Krebs on Security

APRIL 11, 2023

On April 7, Apple issued emergency security updates to fix two weaknesses that are being actively exploited, including CVE-2023-28206 , which can be exploited by apps to seize control over a device. CVE-2023-28205 can be used by a malicious or hacked website to install code. Both vulnerabilities are addressed in iOS/iPadOS 16.4.1,

Social Engineering 293

Social Engineering Ransomware Internet Internet 293

Security Affairs

APRIL 14, 2025

The operators of the Phishing-as-a-Service (PhaaS) platform Tycoon2FA have rolled out significant updates to enhance its evasion capabilities. Tycoon2FA, a phishing kit discovered in 2023 by cybersecurity firm Sekoia, was recently updated to improve its evasion capabilities. ” reported Trustwave.

Phishing 79

Phishing Hacking Cybersecurity Cybercrime 79

Krebs on Security

JULY 11, 2023

July marks the sixth month this year that Apple has released updates for zero-day vulnerabilities — those that get exploited by malware or malcontents before there is an official patch available. CVE-2023-36874 is an elevation of privilege bug in the Windows Error Reporting Service.

Software 247

Software Malware Antivirus Ransomware 247

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. ” Image: SlowMist.

Malware 326

Malware Cryptocurrency Software Phishing 326

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US This is noteworthy because.US is overseen by the U.S.

Phishing 293

Phishing Telecommunications Government DNS 293

Security Affairs

MARCH 31, 2025

Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Threat actors are exploiting DNS techniques to enhance phishing attacks, using MX records to dynamically serve spoofed login pages. “We discovered cyber campaigns that used the phishing kits as early as January 2020.

DNS 85

DNS Phishing Banking Passwords 85

The Last Watchdog

JULY 27, 2023

Tel Aviv, Israel, July 27, 2023 — Perception Point , a leading provider of advanced threat prevention across digital communication channels, today published a new report analyzing global cyberattack trends in H1 2023 amidst the paradigm shift brought about by advances in generative AI (GenAI) capabilities.

Phishing 186

Phishing Social Engineering Engineering Media 186

Krebs on Security

NOVEMBER 9, 2024

For example, in its most recent transparency report (PDF) Verizon said it received more than 127,000 law enforcement demands for customer data in the second half of 2023 — including more than 36,000 EDRs — and that the company provided records in response to approximately 90 percent of requests. dot-gov emails get hacked.

Hacking 280

Hacking Accountability Government Social Engineering 280

The Last Watchdog

DECEMBER 16, 2024

Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. Legacy IAM systems cant keep up as AI-powered phishing and deepfakes grow more sophisticated. The drivers are intensifying.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million in 2023.

Phishing 83

Phishing Banking Scams Mobile 83

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing 327

Phishing Telecommunications Malware Scams 327

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity 258

Cybersecurity Social Engineering Cyber threats Software 258

Security Affairs

DECEMBER 1, 2024

From generating deepfakes to enhancing phishing campaigns, GAI is evolving into a tool for large-scale cyber offenses GAI has captured the attention of researchers and investors for its transformative potential across industries. The automation of malware development is another worrying trend, as it lowers the barrier to entry for cybercrime.

Artificial Intelligence 133

Artificial Intelligence Phishing Media Cyber threats 133

Security Affairs

JULY 31, 2024

Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishing campaigns targeting SMBs in Poland in May 2024, distributing various malware families like Agent Tesla , Formbook , and Remcos RAT.

Phishing 134

Phishing Malware Accountability Hacking 134

Security Affairs

OCTOBER 11, 2024

OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. ” continues the report.

Malware 136

Malware Social Engineering Engineering Hacking 136

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? This earned Google a whopping $175 billion in search-based ad revenues in 2023. First sponsorized google answer for “Google ads” is a phishing attempt !

Advertising 134

Advertising Accountability Phishing Scams 134

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. million in 2022.

Phishing 133

Phishing Banking Mobile Scams 133

Tech Republic Security

NOVEMBER 14, 2022

The post Top cybersecurity threats for 2023 appeared first on TechRepublic. Next year, cybercriminals will be as busy as ever. Are IT departments ready?

Cybersecurity 218

Cybersecurity Phishing Ransomware Malware 218

Tech Republic Security

JANUARY 23, 2023

A new report from Kaspersky details what their digital forensics and incident response teams predict as the main 2023 threats to corporations and government agencies. The post Kaspersky releases 2023 predictions appeared first on TechRepublic. Learn more about it.

Government 202

Government Phishing Ransomware Malware 202

The Hacker News

FEBRUARY 27, 2024

Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer.

Phishing 135

Phishing Malware Scams Banking 135

Security Affairs

MAY 9, 2025

Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks on Western governments and organizations. Google’s Threat Intelligence Group discovered LOSTKEYS, a new malware used by Russia-linked APT COLDRIVER , in recent attacks to steal files and gather system info.

Malware 59

Malware Government Hacking Phishing 59

Digital Shadows

NOVEMBER 12, 2024

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. Phishing is favored by threat actors for its simplicity and effectiveness.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Security Affairs

APRIL 30, 2025

. “The analyses of the TTPs used during APT28 campaigns since 2021 and the recommendations published in October of 2023 remain relevant and may be consulted on the website of the CERT-FR” APT28’s attack chain begins with phishing and brute-force attacks, along with zero-day exploitation (e.g. CVE-2023-23397 ).

Government 113

Government Phishing DNS VPN 113

Security Affairs

APRIL 21, 2025

. “The threat actor also used other means to distribute the malware, such as attaching the same file to emails and exploiting the Microsoft Office Equation Editor vulnerability (CVE-2017-11882) [1].” Experts observed Kimsuky sending phishing emails targeting Korea and Japan from compromised systems.

Phishing 78

Phishing Malware Security Intelligence Hacking 78

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Security Affairs

APRIL 13, 2025

They continue to monitor for potential data misuse and urge vigilance against fraud, phishing, and identity theft. In 2023, Loretto Hospital experienced another data security incident. On January 19, 2023, a former employee misappropriated security camera footage of a limited number of patients and posted it on Facebook.

Data breaches 127

Data breaches Unstructured Data Identity Theft Healthcare 127

Krebs on Security

SEPTEMBER 27, 2023

The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams , Adobe Reader , Mozilla Thunderbird , and Discord. 226 , currently assigned to Matrix Telekom in Russia. com and www-discord[.]com.

Ransomware 314

Ransomware Internet Internet Phishing 314

Security Affairs

AUGUST 3, 2024

A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. The campaign began around March 2024, the attackers leveraged phishing tactics that have been effective against diplomats for years, exploiting themes that prompt targets to engage with malicious content.

Phishing 134

Phishing Malware Advertising Hacking 134

Security Affairs

FEBRUARY 2, 2025

The HeartSender group has sold phishing tools to criminals since 2020, causing over $3 million in U.S. The Saim Raza group run multiple marketplaces that advertised and facilitated the sale of hacking and fraud tools, including malware, phishing kits and email extractors.

Cybercrime 109

Cybercrime Advertising Phishing Hacking 109

Security Affairs

APRIL 30, 2025

Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. “The Nebulous Mantis team, which changes the domains they use every month, obtains these spear-phishing and C2 servers from LuxHost and AEZA bulletproof hosting (BPH) services.”

Encryption 98

Encryption Ransomware Malware Phishing 98

SecureList

NOVEMBER 29, 2024

The malware utilizes cloud resources for its C2 (command and control) servers, which it accesses via APIs using authentication tokens. While the modus operandi of the threat actor is reminiscent of the CloudWizard APT that we reported on in 2023, the malware code is completely different.

Energy and Utilities 106

Energy and Utilities Ransomware Malware Government 106

The Hacker News

JULY 26, 2024

A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level.

Cybercrime 123

Cybercrime Phishing Malware Cybersecurity 123

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. The threat of info stealers Info stealers are a type of malware that do exactly as they saythey steal information from peoples devices. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 136

Malware Software Passwords Cryptocurrency 136

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Hacking 307

Hacking Malware Ransomware Government 307

Malwarebytes

FEBRUARY 4, 2025

This warning comes from our 2025 State of Malware report, which compiled a years worth of intelligence to identify the most pressing cyberattacks on the horizon. You can find the full 2025 State of Malware report here. In 2023, Malwarebytes Labs subverted these boundaries to successfully get ChatGPT to write ransomware twice.

Artificial Intelligence 144

Artificial Intelligence Small Business Malware Technology 144

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 82

Small Business Cybersecurity Passwords Scams 82

Security Affairs

AUGUST 23, 2024

ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). The technique was first disclosed in Poland in July 2023 and later observed in Czechia and other countries like Hungary and Georgia. SMS campaigns sent phishing links indiscriminately to Czech phone numbers.

Phishing 132

Phishing Mobile Banking Social Engineering 132