Security Affairs

MARCH 25, 2021

Facebook has closed accounts used by a China-linked APT to distribute malware to spy on Uyghurs activists, journalists, and dissidents living outside China. ” The group used the now terminated accounts to send links to the victims that point to malicious websites set up to conduct watering hole attacks.

Surveillance 114

Surveillance Social Engineering Malware Accountability 114

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 127

Data breaches Social Engineering Malware Hacking 127

SecureList

DECEMBER 9, 2024

This case underscores the serious risk that social engineering and supply chain attacks pose to open-source projects. In the Triangulation campaign , discovered by Kaspersky last year, attackers compromised the integrity of system software and hardware by exploiting zero-day vulnerabilities to load advanced spyware onto devices.

Internet 108

Internet Internet Risk Social Engineering 108

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

Security Affairs

FEBRUARY 17, 2020

Israeli Defence Force (IDF) announced it has thwarted an attempt by the Hamas militant group to hack soldiers’ mobile devices by posing as attractive women on social media and instant messaging apps ( i.e. Facebook, Instagram, and Telegram). We do not assess there is any significant breach of information,” said Lt. Jonathan Conricus.

Social Engineering 100

Social Engineering Media Advertising Spyware 100

CyberSecurity Insiders

MARCH 16, 2023

But after the spread of the Covid-19 pandemic, the focus of hackers has shifted more towards the smart phones with more phishing and social engineering attacks recorded in a 2nd quarter of 2022. All these days, we have seen cyber criminals infiltrating networks and taking down computers.

Cybercrime 94

Cybercrime Social Engineering Mobile Spyware 94

Hot for Security

JUNE 15, 2021

They’ve evolved into a data storage device, a video and sound recorder, as well as an easy way to access our bank accounts. Smishing attacks rely on social engineering tactics to fool recipients into handing over personal information or downloading malicious software onto the device. Avoid smishing and phishing attacks.

Mobile 137

Mobile Banking Phishing Social Engineering 137

Security Affairs

NOVEMBER 25, 2020

Business Email Compromise (BEC) is a type of email phishing attack that relies on social engineering. The gang was also seen using earlier compromised email account to push a new round of phishing attempts. The investigation continues as some of the gang members remain at large. 3 Gammadyne Mailer used by cybercriminals.

Cybercrime 138

Cybercrime Phishing Social Engineering Spyware 138

Identity IQ

FEBRUARY 18, 2021

The following vectors represent some of the most common ways a criminal could gain access to your accounts and is also known as an account takeover : Social Engineering. This involves manipulating individuals into sharing confidential information that can be used for fraudulent purposes. A common example is phishing.

Identity Theft 119

Identity Theft Passwords Data breaches Scams 119

Hacker's King

MAY 20, 2023

By combining something you know(like a password) with something you have(such as a verification code), 2FA adds an extra layer of protection to your online accounts. Hackers might target weak session tokens or hijack active sessions to gain unauthorized access to an account. However, like any security system, 2FA is not foolproof.

Authentication 52

Authentication Social Engineering Spyware Engineering 52

SecureList

NOVEMBER 28, 2024

Epeius is a commercial spyware tool developed by an Italian company that claims to provide intelligence solutions to law enforcement agencies and governments. Unlike previous campaigns, we did not observe the Golang SFX droppers this time. Such actions, in turn, make the infection harder to detect and complicate post-compromise investigation.

Malware 117

Malware Government Software Spyware 117

Security Affairs

JULY 4, 2023

It has been estimated that the threat actor has stolen over 350,000 EUR from victims’ bank accounts and compromised Personally Identifiable Information (PII) of thousands of victims. Furthermore, due to the simplicity of SMS spyware, it can be difficult to detect, as it only requires permission to send and view SMS messages.”

Banking 98

Banking Phishing Social Engineering Authentication 98

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. In addition, the likelihood of the data being used for phishing and social engineering increases. . Kaspersky detects an average of 400,000 malicious files every day.

Media 139

Media Social Engineering Ransomware Hacking 139

SecureList

MAY 27, 2022

The attackers are mainly interested in collecting data on user accounts, IP addresses and session information; and they steal configuration files from programs that work directly with cryptocurrency and may contain account credentials. The campaign has two goals: gathering information and stealing cryptocurrency. Other malware.

Phishing 133

Phishing Spyware Firmware Malware 133

Security Affairs

NOVEMBER 15, 2023

Source: Cybernews Usernames Names Government ID numbers (CURP) Phone numbers Email addresses Home addresses Dates of Birth Gender KYC status IP addresses used to register for an account IP addresses used to log in Deposit amounts Withdrawal amounts Notes on users, submitted by admins and customer support agents.

Passwords 100

Passwords Identity Theft Social Engineering Spyware 100

SecureWorld News

JULY 27, 2023

Mike Parkin, Senior Technical Engineer at Vulcan Cyber, said: "There's no doubt we're seeing more information stealing malware, but there's been an uptick in cybercriminal activity overall. They are often spread by malicious advertising, spam, and compromised accounts.

Malware 94

Malware Social Engineering Passwords Accountability 94

SecureList

OCTOBER 4, 2022

More importantly, one of the libraries bundled with the malicious Tor Browser is infected with spyware that collects various personal data and sends it to a command and control server. The spyware also provides the functionality to execute shell commands on the victim machine, giving the attacker control over it.

Encryption 145

Encryption Spyware Malware Software 145

eSecurity Planet

JUNE 7, 2022

It needs to be maintained for various types of cyber threats like Ransomware, Malware, Social Engineering, and Phishing. It also prevents identity thefts and spyware attacks to safeguard confidential information, such as passwords, financial data, credit card numbers, and social security numbers of users.

Cybersecurity 127

Cybersecurity Identity Theft Encryption Antivirus 127

Hacker's King

OCTOBER 3, 2024

WhatsApp Pegasus Spyware Attack (2019) One of the most famous zero-day exploits happened on WhatsApp in 2019. Hackers discovered a vulnerability in WhatsApp’s call feature, allowing them to install spyware on phones without the user’s knowledge. Even if the user didn’t answer the call, spyware called Pegasus was installed.

Media 52

Media Spyware Accountability Marketing 52

Herjavec Group

AUGUST 26, 2021

They hack into their teacher’s account and leave messages making fun of him. Air Force research facility, discover a password “sniffer” has been installed onto their network, compromising more than 100 user accounts. banks using the Zeus Trojan virus to crack open bank accounts and divert money to Eastern Europe.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Security Affairs

MARCH 27, 2023

Such was related to a worldwide malware operation known as NullMixer, a controversial and widespread malware delivery maneuver based on SEO poisoning and social engineering technique to lure tech-savvy users, including IT personnel.

Malware 98

Malware Social Engineering Encryption Marketing 98

BH Consulting

OCTOBER 6, 2022

Social engineering techniques, such as phishing, target not the systems but the people using them. After all, it’s called social engineering for a reason. These virtual identities are then used to open accounts, purchase merchandise and services, or further distribute malware for other purposes (e.g.,

Security Awareness 52

Security Awareness Phishing Scams Social Engineering 52

Security Boulevard

AUGUST 6, 2024

The registration data we analyzed contained the registered domain name, the A record IP, and the IP address used when opening an account with the provider. Social Engineering: Attackers may use various social engineering techniques to convince victims to run the malware.

DNS 69

DNS Malware Social Engineering Engineering 69

ForAllSecure

APRIL 26, 2023

of polled executives report that their organizations' accounting and financial data were targeted by cyber adversaries.” ” And, “Nearly half (48.8%) of C-suite and other executives expect the number and size of cyber events targeting their organizations’ accounting and financial data to increase in the year ahead.”

Social Engineering 40

Social Engineering Passwords Engineering Software 40

SecureList

NOVEMBER 1, 2022

In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. The spyware itself collects various data from the victims’ devices, such as call logs or lists of contacts. SandStrike is distributed as a means to access resources about the Bahá?í í religion that are banned in Iran.

Malware 145

Malware Ransomware Spyware Encryption 145

Security Boulevard

AUGUST 1, 2024

Cyber threats like viruses, spyware, and ransomware constantly evolve, posing significant risks to personal data, privacy, and device functionality. It adds an extra layer of protection to your accounts by requiring two forms of verification before granting access. Start by using strong, unique passwords for each of your accounts.

Identity Theft 64

Identity Theft Cyber threats Passwords Authentication 64

Thales Cloud Protection & Licensing

JULY 31, 2024

Cyber threats like viruses, spyware, and ransomware constantly evolve, posing significant risks to personal data, privacy, and device functionality. It adds an extra layer of protection to your accounts by requiring two forms of verification before granting access. Start by using strong, unique passwords for each of your accounts.

Identity Theft 62

Identity Theft Cyber threats Passwords Authentication 62

Identity IQ

JULY 17, 2023

Malware : Malicious software, such as viruses or spyware, can infect your devices and be used to steal your credentials. Social Engineering : Cybercriminals manipulate and deceive individuals into divulging their credentials through psychological manipulation or impersonation.

Identity Theft 52

Identity Theft Password Management Passwords Authentication 52

Identity IQ

JULY 17, 2023

Malware : Malicious software, such as viruses or spyware, can infect your devices and be used to steal your credentials. Social Engineering : Cybercriminals manipulate and deceive individuals into divulging their credentials through psychological manipulation or impersonation.

Identity Theft 52

Identity Theft Password Management Passwords Authentication 52

SecureList

NOVEMBER 18, 2022

The group delivers its malware using social engineering. Cybercriminals make extensive use of social engineering tricks to entice potential victims into installing malware: the promise of an Android version of a game that’s not on Google Play ; the chance to play games for free ; access to game cheats; etc.

Malware 122

Malware Computers and Electronics Adware Cryptocurrency 122

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware. Drone hacking!

Hacking 140

Hacking Energy and Utilities Media Malware 140

Spinone

NOVEMBER 1, 2019

Spyware – malware that spies on the computer to collect the information about a product, a company, a person. The most widespread spyware are keyloggers and trojans. Hacking and Social Engineering Attack vector – a specific method used by a hacker to accomplish his malicious goal.

Passwords 40

Passwords Social Engineering Malware Encryption 40

SecureList

NOVEMBER 22, 2022

Unlike common stealers, this malware gathered data that can be used to identify the victims, such as browsing histories, social networking account IDs and Wi-Fi networks. One of the most striking new stealers has been OnionPoison. Previously discovered stealers have not been left behind.

Cryptocurrency 106

Cryptocurrency Mobile Ransomware Banking 106

Digital Shadows

NOVEMBER 10, 2022

Threat actors can develop fake mobile apps to install adware, steal PII and financial data, extract cookies and credentials, and download further payloads (such as spyware) from a remote-controlled domain. VIPs and executives can also be impersonated to conduct social engineering attacks.

Cyber threats 52

Cyber threats Media Social Engineering Mobile 52

SecureList

MARCH 1, 2021

In their campaigns to infect mobile devices, cybercriminals always resort to social engineering tools, the most common of these passing a malicious application off as another, popular and desirable one. For example, an attacker could log in to a victim’s Facebook account and post a phishing link or spread spam.

Mobile 145

Mobile Malware Adware Banking 145

SecureList

JULY 27, 2023

Following this, we released the first of a series of additional reports describing the final payload in the infection chain: a highly sophisticated spyware implant that we dubbed “TriangleDB” Operating in memory, this implant periodically communicates with the C2 (command and control) infrastructure to receive commands.

Malware 98

Malware Government Phishing Social Engineering 98

Cytelligence

FEBRUARY 25, 2023

Phishing: Phishing is a type of social engineering attack where cybercriminals trick people into giving away sensitive information such as usernames, passwords, and credit card details. Additionally, enable multi-factor authentication for all accounts that offer it. It includes viruses, worms, and Trojans.

Cyber Attacks 40

Cyber Attacks IoT Authentication Passwords 40