SecureList

MAY 27, 2024

Compared to the first quarter of 2023, the percentage decreased by 1.3 Malicious activity in numbers Malicious objects used for initial infection Malicious objects that are used for initial infection of computers include dangerous internet resources that are added to denylists, malicious scripts and phishing pages, and malicious documents.

Spyware 128

Spyware Malware Internet Internet 128

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 126

Spyware Data breaches Hacking Ransomware 126

The Hacker News

AUGUST 1, 2023

Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023.

Banking 94

Banking Spyware Phishing Cybersecurity 94

SecureList

AUGUST 30, 2023

IT threat evolution in Q2 2023 IT threat evolution in Q2 2023. Non-mobile statistics IT threat evolution in Q2 2023. We had observed few victims compromised using Gopuram, but the number of infections increased in March 2023 — a spike that was directly related to the 3CX supply chain attack.

Malware 98

Malware Spyware Government Cryptocurrency 98

SecureList

NOVEMBER 22, 2022

A look back on the year 2022 and what to expect in 2023. This report assesses how accurately we predicted the developments in the financial threats landscape in 2022 and ponder at what to expect in 2023. Forecasts for 2023. Analysis of forecasts for 2022. Rise and consolidation of information stealers.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

SecureList

SEPTEMBER 26, 2024

pp compared to the second quarter of 2023, when the indicator reached its highest level since records began in 2022. pp compared to the first quarter of 2024); Malicious scripts and phishing pages (JS and HTML) – 5.69% (-0.15 Spyware (spy Trojans, backdoors and keyloggers) – 4.08% (+0.18 pp from the previous quarter to 23.5%.

Spyware 111

Spyware Malware Ransomware Internet 111

SecureList

JULY 27, 2023

This is our latest installment, focusing on activities that we observed during Q2 2023. The group’s latest activities, from September 2022 until March 2023, involve a new set of custom loaders and its private post-exploitation tool “Ninja,” used to help it remain undetected.

Malware 98

Malware Government Phishing Social Engineering 98

Security Affairs

SEPTEMBER 3, 2023

Being Used to Phish So Many of Us? Hacks QakBot, Quietly Removes Botnet Infections Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs Why is.US

Social Engineering 125

Social Engineering Data breaches Spyware Malware 125

The Last Watchdog

MAY 13, 2024

This process not only safeguards computers, mobile devices, and IoT systems from a diverse array of threats like malware, phishing, spyware, and botnets, ensuring privacy, but also optimizes performance.

DNS 130

DNS Cyber threats Engineering Spyware 130

Security Affairs

NOVEMBER 11, 2023

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2 Every week the best security articles from Security Affairs are free for you in your email box.

DDOS 127

DDOS Data breaches Ransomware Marketing 127

Security Affairs

APRIL 4, 2023

The attacker can also use the compromised accounts to carry out lateral phishing attacks and further infiltrate the target organizations TA473 targeted US elected officials and staffers since at least February 2023. CISA orders federal agencies to fix this flaw by April 24, 2023.

Phishing 98

Phishing Government Spyware Passwords 98

SecureList

DECEMBER 9, 2024

User data was stolen from Cisco Duo, a service that provides organizations with multi-factor authentication (MFA) and single sign-on (SSO) network access, as a consequence of a phishing attack targeting an employee of a third-party telephony provider. The breach allowed the threat actor to download SMS message logs. Why does it matter?

Internet 113

Internet Internet Risk Social Engineering 113

Security Affairs

JUNE 17, 2023

Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9 Margaret’s Health is the first hospital to cite a cyberattack as a reason for its closure A database containing data of +8.9

Data breaches 98

Data breaches DDOS Backups Firewall 98

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 98

Spyware Ransomware Malware Data breaches 98

Security Affairs

FEBRUARY 10, 2023

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. The attack chain starts with an phishing emails containing a malicious URL or malicious attachment that lead to deployment of WasabiSeed and Screenshotter malware. ” reads the post published by Proofpoint.

Malware 98

Malware Phishing Spyware Cybercrime 98

Security Affairs

JULY 4, 2023

Neo_Net’s eCrime campaign was reportedly targeting clients of banks globally, with a focus on Spanish and Chilean banks, from June 2021 to April 2023. Neo_Net has set up and rented out a wide-ranging infrastructure, including phishing panels, Smishing software, and Android trojans to its network of affiliates.

Banking 98

Banking Phishing Social Engineering Authentication 98

Security Affairs

SEPTEMBER 1, 2024

Under Meredith Whittaker, It’s Out to Prove Surveillance Capitalism Wrong EU investigating Telegram over user numbers Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Malware 119

Malware Surveillance Firewall Phishing 119

Malwarebytes

MAY 10, 2023

Just check out the following stats from last year: 18 percent of clicked phishing emails in 2022 came from a mobile device. Check Point 2023 Cyber Security Report) For Managed Service Providers (MSPs) , these stats represent more than just figures; they underscore the need for proactive action across their customers’ mobile endpoints.

Mobile 87

Mobile Malware Phishing Scams 87

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 98

Data breaches Malware Mobile Spyware 98

Security Boulevard

FEBRUARY 17, 2025

Google's reCAPTCHA is not only useless, it's also basically spyware Techspot This study demonstrates Google's reCAPTCHA v2 and v3 are flawed and don't actually keep out bots. The research also shows that reCAPTCHA relies on fingerprinting (collecting "user agent data and other identifying information") and shares this data with advertisers.

Surveillance 52

Surveillance Data breaches VPN Malware 52

eSecurity Planet

MAY 2, 2024

The 2023 vendor surveys arriving this quarter paint a picture of a cybersecurity landscape under attack, with priority issues affecting deployment, alert response, and exposed vulnerabilities. Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices.

Cybersecurity 121

Cybersecurity DDOS Penetration Testing Passwords 121

SecureList

NOVEMBER 14, 2023

In this article, we will review the past year’s trends to see which of our 2023 predictions have come true, and try to predict what is to come in 2024. The US Cybersecurity and Infrastructure Security Agency (CISA) provided additional IoCs associated with exploitation of CVE-2023-2868. A review of last year’s predictions 1.

Hacking 141

Hacking Energy and Utilities Media Malware 141

SecureWorld News

JULY 27, 2023

Incidents have more than doubled in Q1 2023, indicating a disturbing trend that threatens global organizations. The 17-page report has a wealth of information, including the impact of stealers, the lifecycle of a stealer, the workflow of a stealer, and statistics around the stealers trending in 2023.

Malware 95

Malware Social Engineering Passwords Spyware 95

IT Security Guru

FEBRUARY 13, 2023

With so many well known banking sites falling short when it comes to blocking fraudsters, cybersecurity experts at VPNOverview have compiled a list of 12 safety tips to keep your money safe from malware and phishing scams. What are the possible dangers of online banking?

Banking 80

Banking Cybersecurity Antivirus Phishing 80

Security Affairs

NOVEMBER 15, 2023

The data was first indexed by IoT devices on March 8th, 2023. Source: Cybernews The information exposed in this data leak could have been exploited for fraud, identity theft, phishing attempts, or as a source of data for meticulously targeted cyberattacks. User security log.

Passwords 100

Passwords Identity Theft Social Engineering Spyware 100

CyberSecurity Insiders

MAY 19, 2023

Phishing – By circulating emails with malicious attachments, Hive actors can gain access to the victim’s networks. Impair Defenses – Hive will seek to terminate all processes related to backups, antivirus/anti-spyware, and file copying. This is called Exploit Public-Facing Application. billion being paid in 2022 alone.

Ransomware 124

Ransomware Encryption Healthcare Education 124

SecureList

SEPTEMBER 3, 2024

Number of new ransomware modifications, Q2 2023 – Q2 2024 ( download ) Number of users attacked by ransomware Trojans In Q2 2024, Kaspersky solutions protected 85,819 unique users from ransomware Trojans. Attacks on macOS In Q2 2024, numerous samples of the spyware Trojan-PSW.OSX.Amos (also known as Cuckoo) were found.

Mobile 113

Mobile Antivirus Adware Ransomware 113

Malwarebytes

JANUARY 22, 2023

Windows 10 download pages now say this at the bottom of the promotional text: January 31, 2023 will be the last day this Windows 10 download is offered for sale. Windows 10 will remain supported with security updates that help protect your PC from viruses, spyware and other malware until October 14, 2025.

Retail 97

Retail Spyware Malware Phishing 97

Security Affairs

MAY 23, 2023

On March 2023, researchers from Kaspersky spotted a previously unknown APT group, tracked as Bad Magic (aka Red Stinger), that targeted organizations in the region of the Russo-Ukrainian conflict. The attackers were observed using PowerMagic and CommonMagic implants. The archive contained two files, a decoy document (i.e.

Malware 98

Malware Spyware Encryption Hacking 98

Hacker's King

MAY 20, 2023

You may also like: Ways To Earn Passive Income In Cyber Security In 2023 Brute Force Attacks: Cracking the Code In certain cases, hackers may employ brute force attacks to gain access to an account without triggering the 2FA process. These codes are typically meant to be used in case the primary 2FA method fails.

Authentication 52

Authentication Social Engineering Spyware Engineering 52

Google Security

JULY 27, 2023

While ARM had released the fixed driver version in October 2022, the vulnerability was not fixed by Android until April 2023 , 6 months after the initial release by ARM, 9 months after the initial report by Man Yue Mo, and 5 months after it was first found being actively exploited in-the-wild.

Spyware 94

Spyware Manufacturing Internet Internet 94

Security Affairs

JANUARY 10, 2021

It is a great question, particularly when you consider that $167 Billion was spent on Cybersecurity in 2019 and this is predicted to increase to $248 Billion by 2023 [Source: Forbes ]. For more information on this breach, see: Software Supply-Chain Attack Hits Vietnam Government Certification Authority.

Cyber Attacks 125

Cyber Attacks Government Software Surveillance 125

eSecurity Planet

JUNE 8, 2023

Email security consists of the policies, tools, and services deployed to protect against threats specific to email such as spam, phishing attacks, malware-infested attachments, impersonation, and email interception. Multi-factor Authentication Compromised credentials stolen from a phishing campaign can be quite dangerous. zip, etc.).

Firewall 80

Firewall DNS Authentication Malware 80

eSecurity Planet

MARCH 14, 2023

For example, hackers can use packet sniffers or a phishing link using a man-in-the-middle attack. For example, malware, spyware, adware, computer worms, botnets, trojan horses and similar malware do not normally impact network equipment (routers, firewalls, etc.) or network traffic. DNS security (IP address redirection, etc.),

Network Security 98

Network Security Firewall Penetration Testing Encryption 98

SecureWorld News

OCTOBER 31, 2024

From zombie botnets to phishing phantoms, these threats might sound like campfire tales, but they're some of the most sinister forces in cybersecurity today. Phishing phantoms: masters of disguise Phishing scams have become more sophisticated. Like a phantom in disguise, a phishing attack can appear harmless—until it's too late.

IoT 121

IoT Phishing DDOS Backups 121

eSecurity Planet

SEPTEMBER 11, 2023

September 5, 2023 Atlas VPN Leaks Users’ IP Addresses Type of attack: Zero-Day Vulnerability, a new vulnerability that is often difficult to fix since no patch is available on the market yet. The problem: The vulnerabilities ( CVE-2023-39238 , CVE-2023-39239 and CVE-2023-39240 ), with a CVSS v3.1 score of 9.8

VPN 113

VPN Authentication Firmware Phishing 113

Security Affairs

OCTOBER 1, 2023

million newborns and pregnancy care patients Xenomorph malware is back after months of hiatus and expands the list of targets Smishing Triad Stretches Its Tentacles into the United Arab Emirates Crooks stole $200 million worth of assets from Mixin Network A phishing campaign targets Ukrainian military entities with drone manual lures Alert!

Artificial Intelligence 127

Artificial Intelligence Firmware Data breaches Hacking 127