Security Affairs

DECEMBER 11, 2018

Group-IB, an international company that specializes in preventing cyberattacks , has detected more than 40 000 compromised user credentials of online government services in 30 countries around the world. Group-IB Threat Intelligence has detected government websites’ user accounts compromised by cyber criminals in 30 countries.

Government 111

Government Cybercrime Accountability Advertising 111

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. government. Upon installing the two spyware, they request extensive device permissions.

Spyware 98

Spyware Surveillance Mobile Malware 98

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 70

Cybercrime Artificial Intelligence Hacking VPN 70

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

JULY 7, 2024

This newsletter complements the weekly one you already receive. Each week, it will feature a collection of the best articles and research on malware.

Malware 118

Malware Spyware Cybercrime Ransomware 118

Security Affairs

MARCH 8, 2025

Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist Serbian student activists phone hacked using Cellebrite zero-day exploit Qilin ransomware gang claimed responsibility for the Lee Enterprises attack Meta fired 20 employees for leaking information, more firings expected International Press Newsletter Cybercrime U.S.

Data breaches 67

Data breaches Hacking Artificial Intelligence Cybercrime 67

Malwarebytes

JANUARY 25, 2024

Currently only state sponsored groups, professional spyware vendors, and the large criminal operations have access to, and know how to use advanced AI tools to increase the effectivity of their attacks. Professional spyware vendors have deep enough pockets to invest in new tools, training, and development.

Ransomware 105

Ransomware Government Social Engineering Spyware 105

Security Affairs

DECEMBER 16, 2021

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware.

Spyware 138

Spyware Energy and Utilities Malware Engineering 138

Security Affairs

JANUARY 19, 2025

CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog Inexperienced actors developed the FunkSec ransomware using AI tools Credit Card Skimmer campaign targets WordPress via database injection Microsoft took legal action against crooks who developed a tool to abuse its AI-based services Pro-Russia hackers (..)

Spyware 68

Spyware Data breaches DNS Artificial Intelligence 68

Security Affairs

NOVEMBER 25, 2020

Group-IB supported an INTERPOL-led operation Falcon targeting business email compromise cybercrime gang from Nigeria, dubbed TMT. Group-IB , a global threat hunting and intelligence company, supported an INTERPOL-led operation Falcon targeting business email compromise (BEC) cybercrime gang from Nigeria, dubbed TMT by Group-IB.

Cybercrime 137

Cybercrime Phishing Social Engineering Spyware 137

SecureWorld News

MARCH 29, 2024

This ends up executing sketchy code that installs viruses, ransomware, spyware, or adware behind the victim's back. A stepping stone to impactful cybercrime This tactic has tangible real-world implications. If a user gets on the hook, they are redirected to a landing page or prompted to download an ostensibly innocuous file.

Cybercrime 105

Cybercrime Advertising Engineering Antivirus 105

Security Affairs

FEBRUARY 25, 2024

Iran Crisis Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign U.S.

Spyware 129

Spyware Cyber Insurance Hacking Advertising 129

Malwarebytes

FEBRUARY 16, 2021

Around the world, governments tried to stop their hospitals from being overwhelmed by ordering lockdowns, stay-in-place orders, and school closures. If 2020 taught us anything, it’s that cybercrime stops for nothing. By April 2020, half the world’s population had been asked or ordered to stay at home.

Malware 132

Malware Scams Spyware Healthcare 132

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 118

Malware Spyware Banking Ransomware 118

SecureWorld News

AUGUST 25, 2022

Israeli spyware company NSO Group has experienced quite a bit of controversy in the last few years. Its spyware product, Pegasus, has been used by various criminals and nation states to target individuals of interest, such as activists, politicians, and business leaders. After being blacklisted by the U.S.,

Spyware 98

Spyware Government Marketing Surveillance 98

Security Affairs

AUGUST 11, 2024

CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog Russian cyber spies stole data and emails from UK government systems 0.0.0.0 CISA adds Apache OFBiz and Android kernel bugs to its Known Exploited Vulnerabilities catalog Russian cyber spies stole data and emails from UK government systems 0.0.0.0

Spyware 117

Spyware Ransomware Hacking Government 117

Krebs on Security

APRIL 2, 2019

In response to an inquiry from this office, the RCMP stopped short of naming names, but said “we can confirm that our National Division Cybercrime Investigative Team did execute a search warrant at a Toronto location last week.”. government said was used to infect more than a half million computers worldwide. In 2014, the U.S.

Advertising 255

Advertising Malware Software Marketing 255

Security Affairs

AUGUST 7, 2022

affiliate sideloads Cobalt Strike through Windows Defender Gootkit AaaS malware is still active and uses updated tactics Austria investigates DSIRF firm for allegedly developing Subzero spyware ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.

Spyware 141

Spyware Manufacturing Small Business Surveillance 141

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 124

Spyware Surveillance DDOS Identity Theft 124

Security Affairs

MARCH 24, 2024

Government’s Antitrust Case Against Apple Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Ramadan ) Is it a Russia’s weapon? Players hacked during the matches of Apex Legends Global Series.

Malware 124

Malware Cybercrime Hacking Cyber threats 124

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 121

Data breaches Computers and Electronics Spyware Cybercrime 121

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Such attacks are likely to comprise an even larger portion of the threat landscape next year.

Spyware 139

Spyware Phishing Cybercrime Energy and Utilities 139

Security Affairs

JUNE 2, 2024

OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 123

Data breaches VPN Cloud Migration Malware 123

Security Affairs

MARCH 5, 2020

According to the CrowdStrike 2020 Global Threat Report, the telecommunications and government sectors were the most targeted by the threat actors. Chinese hackers also targeted several organizations in the healthcare sector, government and defense sectors of countries in Asia. ” reads the report published by CrowdStrike.

Telecommunications 131

Telecommunications Advertising Mobile Government 131

Security Affairs

MAY 29, 2022

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks The strange link between Industrial Spy and the Cuba ransomware operation Reuters: Russia-linked APT behind Brexit leak website GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack Android pre-installed apps are affected by high-severity (..)

InfoSec 135

InfoSec Spyware DDOS Firewall 135

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 124

Social Engineering Data breaches Spyware Malware 124

Security Affairs

OCTOBER 1, 2023

Patch your TeamCity instance to avoid server hack Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Artificial Intelligence 127

Artificial Intelligence Firmware Data breaches Hacking 127

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches 130

Data breaches Ransomware Phishing Malware 130

Security Affairs

JULY 15, 2023

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise The source code of the BlackLotus UEFI Bootkit was leaked on GitHub US CISA warns of Rockwell Automation ControlLogix flaws Indexing Over 15 Million WordPress Websites with PWNPress New AVrecon botnet remained under the radar for two (..)

Spyware 98

Spyware Hacking Data breaches Mobile 98

Security Affairs

JULY 7, 2024

GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io

Data breaches 120

Data breaches Hacking Banking Spyware 120

Security Affairs

JUNE 25, 2023

Someone is sending mysterious smartwatches to the US Military personnel CISA orders govt agencies to fix recently disclosed flaws in Apple devices VMware fixed five memory corruption issues in vCenter Server Fortinet fixes critical FortiNAC RCE, install updates asap More than a million GitHub repositories potentially vulnerable to RepoJacking New Mirai (..)

DDOS 98

DDOS Cybercrime Spyware Malware 98

Security Affairs

FEBRUARY 28, 2021

Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing Google Alerts to deliver unwanted programs FBI warns of the consequences of telephony denial-of-service (TDoS) attacks An attacker was able to siphon audio feeds from multiple Clubhouse rooms Georgetown County has yet to recover from a sophisticated (..)

Spyware 110

Spyware Backups Manufacturing Data breaches 110

Security Affairs

APRIL 9, 2020

Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Spyware: the most likely COVID-19 payload. Most COVID-19-related phishing emails analyzed had different spyware strains embedded as attachments. Source: CERT-GIB.

Phishing 141

Phishing Malware Spyware DDOS 141

SecureWorld News

NOVEMBER 23, 2021

The steps we’re taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place.". Being on this list effectively blocks the government or its vendors from doing business with NSO. And he didn't stop there.

Spyware 94

Spyware Surveillance Engineering Software 94

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cyber Attacks 121

Cyber Attacks Firewall Data breaches Telecommunications 121

SecureWorld News

JULY 11, 2022

The United States government has attributed the hack to a North Korean state-sponsored advanced persistent threat (APT) known as the Lazarus Group. The offer was emailed as a PDF document, and once it was downloaded, spyware infected the company's systems.

Social Engineering 97

Social Engineering Hacking Cryptocurrency Cybercrime 97

Security Affairs

APRIL 22, 2024

The threat actors shared a portion of the stolen data with TechCrunch as proof of the hack, it includes records on current and former government officials, diplomats, and politically exposed people. The list also includes criminals, suspected terrorists, intelligence operatives and a European spyware firm.

Risk 138

Risk Spyware Hacking Accountability 138