SecureList

NOVEMBER 28, 2024

This is our latest roundup, covering activity we observed during Q3 2024. Earlier in 2024, a secure USB drive was found to be compromised and malicious code was injected into the access management software installed on the USB drive. After that, we did not observe any new activity related to this actor until mid-July 2024.

Malware 119

Malware Government Software Spyware 119

SecureList

FEBRUARY 20, 2025

Security incident statistics for 2024 In 2024, the MDR infrastructure received and processed on average 15,000 telemetry events per host every day, generating security alerts as a result. This report answers key questions, including: Who are the potential attackers? What methods are they using today? in IT, 18.3% in government, 17.8%

Social Engineering 101

Social Engineering Phishing Government Threat Detection 101

Security Affairs

AUGUST 18, 2024

The Mad Liberator ransomware group has been active since July 2024, it focuses on data exfiltration instead of data encryption. Mad Liberator employs social engineering techniques to gain access to the victim’s environment, specifically targeting organizations using remote access tools like Anydesk.

Social Engineering 145

Social Engineering Engineering Ransomware Cybercrime 145

SecureList

MARCH 25, 2025

Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Amazon Online Shopping was mimicked by 33.19% of all phishing and scam pages targeting online store users in 2024. Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7

Phishing 83

Phishing Banking Scams Mobile 83

SecureList

NOVEMBER 29, 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations.

Energy and Utilities 107

Energy and Utilities Ransomware Malware Government 107

Digital Shadows

OCTOBER 25, 2024

In October 2024, ReliaQuest responded to an alert for Impacket activity. During the investigation, we discovered a wider trend: a campaign of escalated social engineering tactics originally associated with the ransomware group “Black Basta.” What Happened?

Social Engineering 128

Social Engineering Engineering Phishing Accountability 128

Krebs on Security

NOVEMBER 21, 2024

In January 2024, KrebsOnSecurity broke the news that Urban had been arrested in Florida in connection with multiple SIM-swapping attacks. In September 2024, KrebsOnSecurity reported that a 17-year-old from the United Kingdom was arrested last year by U.K. police as part of an FBI investigation into the MGM hack.

Identity Theft 250

Identity Theft Phishing Cryptocurrency Accountability 250

The Last Watchdog

DECEMBER 12, 2023

What should I be most concerned about – and focus on – in 2024? In 2024, we will see more targeted, sophisticated business email compromise (BEC) attacks, including VIP impersonation, vendor email compromise (VEC), and autonomous agents used for malicious purposes. The comments we received were uniformly insightful and helpful.

Cybersecurity 258

Cybersecurity Social Engineering Cyber threats Software 258

Responsible Cyber

NOVEMBER 23, 2024

Overview of Vendor Breaches in 2024 In 2024, the cybersecurity landscape has faced an alarming rise in vendor-related breaches, underscoring the vulnerabilities associated with third-party service providers. A common characteristic among the vendor breaches reported in 2024 is the exploitation of weak security protocols.

Risk 81

Risk Healthcare Education Cybersecurity 81

Penetration Testing

OCTOBER 19, 2024

A new and dangerous social engineering tactic, dubbed ClickFix, has emerged as a significant cybersecurity threat in 2024, according to a recent report from the Sekoia Threat Detection & Research... The post Beware of Fake Google Meet Invites: ClickFix Campaign Spreading Infostealers appeared first on Cybersecurity News.

Social Engineering 88

Social Engineering Threat Detection Engineering Cybersecurity 88

BH Consulting

OCTOBER 24, 2024

The malevolent seven: ENISA report identifies prime cybersecurity threats Ransomware; malware; social engineering; threats against data; threats against availability (denial of service); information manipulation and interference; and supply chain attacks. Information Security Buzz has a good summary of the main points.

Social Engineering 69

Social Engineering Passwords Cybersecurity Ransomware 69

Security Affairs

DECEMBER 25, 2024

dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors in May 2024.” dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors in May 2024.” ” reads the press release published by FBI. ” reads the press release published by FBI. BTC ($308M). .”

Cryptocurrency 123

Cryptocurrency Social Engineering Hacking Cybercrime 123

Security Affairs

OCTOBER 29, 2024

” The Telegram channel was created on September 10, 2024 and at this time has 189 subscribers. that was registered in April 2024. On September 18, 2024, a missile alert channel with over 80,000 subscribers promoted the “Civil Defense” Telegram channel.

Malware 120

Malware Social Engineering Software Mobile 120

Security Affairs

APRIL 17, 2025

increasingly used in malware campaigns since October 2024, including an ongoing crypto-themed malvertising attack as of April 2025. In a documented instance, attackers used a ClickFix social engineering tactic to trick users into running a PowerShell command that downloads and installs Node.js Microsoft has observed Node.js

Social Engineering 116

Social Engineering Malware Cryptocurrency Engineering 116

Tech Republic Security

JUNE 4, 2024

Organisations providing services related to the Paris Olympics 2024 have an increased risk of cyber attack, a new study has found.

Cyber Attacks 197

Cyber Attacks Risk Social Engineering Engineering 197

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media. Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering 130

Social Engineering Media Mobile Scams 130

Digital Shadows

JANUARY 22, 2025

In this blog, well preview the reports highlights and give insights into social engineering campaigns leveraging impersonating domains and our predictions for the threats shaping 2025. Organizations should implement domain monitoring, enforce DMARC policies, and train employees to recognize social engineering methods.

Insurance 65

Insurance Phishing Social Engineering Engineering 65

Tech Republic Security

NOVEMBER 9, 2023

A November report from Google Cloud details possible nation-state malware tactics in 2024 and new angles of cyberattacks.

Cybersecurity 214

Cybersecurity Malware Big data Social Engineering 214

eSecurity Planet

MARCH 3, 2025

The report details how threat actors harness automation, artificial intelligence, and advanced social engineering to scale their operations. A dramatic 442% surge in vishing attacks during the latter half of 2024 further illustrates the lengths to which adversaries will go to exploit vulnerabilities.

Threat Reports 112

Threat Reports Cybercrime Artificial Intelligence Social Engineering 112

Krebs on Security

APRIL 9, 2024

Most of the flaws that Microsoft deems “more likely to be exploited” this month are marked as “important,” which usually involve bugs that require a bit more user interaction (social engineering) but which nevertheless can result in system security bypass, compromise, and the theft of critical assets.

DNS 299

DNS Social Engineering Malware Media 299

BH Consulting

NOVEMBER 14, 2024

There was no doubting the one topic on almost everyone’s minds at IRISSCON 2024: AI. Widely considered one of the industry’s leading sources of security research, the 2024 edition found that ransomware and extortion made up 32% of incidents. Many of these attacks are preventable, he added.

Artificial Intelligence 64

Artificial Intelligence Ransomware Social Engineering Cybersecurity 64

We Live Security

DECEMBER 12, 2024

Attackers could use seemingly innocuous prompts to manipulate an AI system and even make it their unwitting ally in carrying out malicious activities

Social Engineering 92

Social Engineering Engineering 92

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Privacy Compliance: By 2024, 40% of privacy tools will rely on AI, highlighting its expanding role in ensuring data privacy and meeting regulations. RaaS usage is expected to increase by 25% in 2024.

Social Engineering 142

Social Engineering Cyber Attacks Cyber Insurance IoT 142

Security Affairs

SEPTEMBER 11, 2024

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. ” The four actively exploited zero-day vulnerabilities are: CVE-2024-38014 – Windows Installer Elevation of Privilege Vulnerability. However, we at the ZDI think that number should be five.”

Social Engineering 130

Social Engineering IoT Engineering Authentication 130

eSecurity Planet

OCTOBER 22, 2024

ClickFix campaigns represent a new wave of phishing tactics that emerged in May 2024, aimed at exploiting users of popular software applications. Cybercriminals employ social engineering techniques to trick you into believing you must resolve fictitious technical issues.

Scams 123

Scams Malware Phishing Social Engineering 123

Security Affairs

DECEMBER 10, 2024

This social engineering scheme has been amplified by targeted phishing, smishing, and vishing activities, with a noticeable increase around the winter holidays. The Ministry of Human Resources and Emiratisation (MoHRE) has announced that December 2 and 3, 2024, will be official paid holidays for all private sector employees in the UAE.

Social Engineering 112

Social Engineering Phishing Banking DNS 112

Digital Shadows

JANUARY 14, 2025

Key Findings The last quarter of 2024 proved to be a pivotal period for ransomware activity, marked by emerging threats and unexpected shifts among established groups. In our Q3 2024 ransomware report , we predicted activity would reach its peak in the last quarter of the year.

Ransomware 126

Ransomware Social Engineering Phishing VPN 126

Security Affairs

NOVEMBER 15, 2024

Threat actors relies on social engineering tactics like ClickFix and FakeCaptcha to trick users into executing malicious scripts via PowerShell or Run prompts. The malware bypasses Chrome’s App-Bound Encryption by utilizing the IElevator service, a method that was disclosed in October 2024.

Encryption 117

Encryption Password Management Cryptocurrency Social Engineering 117

The Hacker News

APRIL 17, 2025

Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025.

Social Engineering 129

Social Engineering Malware Engineering Phishing 129

SecureList

DECEMBER 9, 2024

As part of Kaspersky Security Bulletin 2024, our “Story of the Year” centers on these pressing issues. We’ll begin by revisiting notable supply chain incidents from 2024, and then explore potential scenarios of more damaging cases and the ways we prepare for them. Let’s dive in! Why does it matter? The Polyfill.io

Internet 114

Internet Internet Risk Social Engineering 114

Mitnick Security

AUGUST 6, 2024

August 6th, 2024, marks the first annual National Social Engineering Day , an opportunity to raise awareness about social engineering threats and emphasize effective cybersecurity practices.

Social Engineering 52

Social Engineering Engineering Cybersecurity 52

The Hacker News

APRIL 23, 2025

The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024. Google-owned Mandiant described UNC2428 as a threat actor aligned with Iran that engages in cyber espionage-related operations.

Social Engineering 123

Social Engineering Malware Engineering 123

The Hacker News

MAY 15, 2024

The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks.

Social Engineering 141

Social Engineering Ransomware Engineering 141

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media. Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering 98

Social Engineering Media Scams Advertising 98

Webroot

MARCH 3, 2025

The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide. Millions of customers were put at risk when their social security numbers, phone numbers, and other sensitive personal information were leaked.

Consumer Protection 88

Consumer Protection Identity Theft Scams Social Engineering 88

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. Top Techniques: A Closer Look Phishing Techniques: The Evergreen Threat in Cybersecurity Initial access methods were the most common MITRE ATT&CK techniques between May and July 2024.

Cyber Attacks 59

Cyber Attacks Phishing Ransomware Cyber Insurance 59

Security Affairs

JANUARY 22, 2025

Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024. Sophos first observed a STAC5143 attack in November 2024, it began with spam emails followed by a Teams call from an account named “Help Desk Manager.”

Ransomware 98

Ransomware Malware Social Engineering Engineering 98