Security Affairs

DECEMBER 25, 2024

TraderTraitor activity is often characterized by targeted social engineering directed at multiple employees of the same company simultaneously.” The FBI will continue to expose and combat the DPRKs use of illicit activitiesincluding cybercrime and virtual currency theftto generate revenue for the regime. BTC ($308M).

Cryptocurrency 121

Cryptocurrency Social Engineering Hacking Cybercrime 121

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media.

Social Engineering 128

Social Engineering Media Mobile Scams 128

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection 88

Consumer Protection Identity Theft Scams Social Engineering 88

Security Affairs

MARCH 24, 2025

“Cloaks attack strategy involves acquiring network access through Initial Access Brokers (IABs) or social engineering methods such as phishing, malvertising, exploit kits, and drive-by downloads disguised as legitimate updates like Microsoft Windows installers.” ” reads a report published by Halcyon.

Ransomware 101

Ransomware Hacking Social Engineering VPN 101

Security Affairs

OCTOBER 11, 2024

Code snippets in attacker supplied prompts indicated it had standard surveillanceware capabilities” OpenAI finally reported that China-linked group SweetSpectre used ChatGPT for reconnaissance, vulnerability research, malware development, and social engineering.

Malware 135

Malware Social Engineering Engineering Hacking 135

Security Affairs

NOVEMBER 15, 2024

The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information. Researchers from Gen Digital who discovered the threat, believe it is in its early development phase.

Encryption 115

Encryption Password Management Cryptocurrency Social Engineering 115

Security Affairs

OCTOBER 17, 2023

According to Statista.com, the impact of cybercrime is expected to reach almost $13 trillion this year. With 85% of campaigns targeting victims with phishing emails containing malicious links, another form of a social engineering attack, education and cyber vigiliance remain a high priority. You should always stop and verify.

Social Engineering 136

Social Engineering Ransomware Engineering Phishing 136

Security Affairs

DECEMBER 1, 2024

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Cybercrime 70

Cybercrime Firewall Social Engineering Ransomware 70

Security Affairs

DECEMBER 10, 2024

This social engineering scheme has been amplified by targeted phishing, smishing, and vishing activities, with a noticeable increase around the winter holidays.

Social Engineering 110

Social Engineering Phishing Banking DNS 110

Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex.

Spyware 60

Spyware Cybercrime Scams Social Engineering 60

Security Affairs

JULY 22, 2024

for suspected involvement in the Scattered Spider cybercrime syndicate. arrested a 17-year-old teenager from Walsall who is suspected to be a member of the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). Law enforcement arrested a 17-year-old boy from Walsall, U.K., Law enforcement in the U.K.

Cybercrime 132

Cybercrime Social Engineering Hacking Scams 132

Security Affairs

MARCH 10, 2025

Threat actors distribute malware in archives with fake installation instructions, urging users to disable security tools to allow their execution. Using this social engineering trick, threats like stealers, RATs, Trojans, and crypto miners can persist undetected.

Cryptocurrency 91

Cryptocurrency Malware Social Engineering Antivirus 91

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. ” reads the post published by IBM X-Force.

Malware 132

Malware Cybercrime DDOS Social Engineering 132

Hot for Security

APRIL 19, 2021

Notorious FIN7 gang stole payment card details from retailers around the world Cybercrime gang posed as penetration testing firm to recruit hackers. A key member of the FIN7 cybercrime gang – which is said to have caused over one billion dollars worth of damage around the world – has been sentenced to 10 years in jail.

Penetration Testing 144

Penetration Testing Retail Cybersecurity Social Engineering 144

Security Affairs

JANUARY 22, 2025

Employees should be aware of who their actual technical support team is and be mindful of tactics intended to create a sense of urgency that these sorts of social-engineering driven attacks depend upon.” ” Sophos published a list of indicators of compromise for these campaigns.

Ransomware 98

Ransomware Malware Social Engineering Engineering 98

Security Affairs

FEBRUARY 27, 2023

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum. “The security of our data is paramount and we have comprehensive information security protocols in place to ensure its confidentiality. Activision was breached December 4th, 2022.

Hacking 98

Hacking Cybercrime Social Engineering Data breaches 98

Security Affairs

APRIL 8, 2024

The Health Sector Cybersecurity Coordination Center (HC3) recently observed threat actors using sophisticated social engineering tactics to target IT help desks in the health sector. The attackers aim at gaining initial access to target organizations.

Social Engineering 137

Social Engineering Healthcare Engineering Accountability 137

Security Affairs

APRIL 15, 2024

The “Provider also started implementing measures to prevent similar incidents from occurring in the future and additional technical measures to further mitigate the risk associated with social engineering attacks. ” continues the notification.

Data breaches 139

Data breaches Social Engineering Engineering Authentication 139

Security Affairs

JUNE 17, 2024

A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of being a key member of the cybercrime group known as Scattered Spider (also known as UNC3944 , 0ktapus ).

Cybercrime 127

Cybercrime Hacking Social Engineering Cryptocurrency 127

Security Affairs

JUNE 4, 2024

These include: Social engineering tactics SIM swapping schemes Banking and credit card fraud” The attackers use various social engineering and spoofing tactics to trick victims into revealing their sensitive information, which supports real-time interaction to abuse and bypass MFA (Multi-Factor Authentication).

Banking 128

Banking Phishing Social Engineering Engineering 128

Security Affairs

AUGUST 21, 2020

Voice phishing is a form of criminal phone fraud, using social engineering over the telephone system to gain access to private personal and financial information for the purpose of financial reward. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Social Engineering 139

Social Engineering VPN Phishing Authentication 139

Security Affairs

AUGUST 2, 2021

The cleaner’s insider access takes care of the physical access challenge, while detachment to the organization makes the individual more susceptible to social engineering. There is an abundance of social engineering techniques, of which many are sinister, such as blackmail. The Faceless Man.

Social Engineering 137

Social Engineering Healthcare Engineering Hacking 137

Security Affairs

AUGUST 18, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Malware 129

Malware Social Engineering Ransomware Government 129

Security Affairs

MARCH 29, 2025

Notifications & Social Engineering: Posts fake push notifications to trick users. Overlay Attacks: Checks for available overlays targeting installed applications, typically for credential theft. Device Administration & Persistence: Requests Device Admin privileges, locks the screen, and protects itself from deletion.

Banking 67

Banking Mobile Identity Theft Malware 67

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 124

Social Engineering Data breaches Spyware Malware 124

Security Affairs

OCTOBER 19, 2023

During the reporting period, key findings include: DDoS and ransomware rank the highest among the prime threats, with social engineering, data related threats, information manipulation, supply chain, and malware following.

Social Engineering 133

Social Engineering Artificial Intelligence Engineering Ransomware 133

Security Affairs

OCTOBER 21, 2023

Gal speculates that either Meta was the victim of a social engineered attack that tricked an employee into giving attackers access to the portal or the threat actor had credentials for a legitimate law enforcement account. ” Gal told Security Affairs.

Social Engineering 143

Social Engineering Identity Theft Accountability Engineering 143

SecureList

SEPTEMBER 13, 2021

In 2020, the pandemic forced companies to restructure their information security practices, accommodating a work-from-home (WFH) approach. Security issues with passwords, software vulnerabilities and social engineering combined into an overwhelming majority of initial access vectors during attacks.

Social Engineering 144

Social Engineering Ransomware Healthcare Government 144

SecureWorld News

JULY 3, 2023

According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it. Cybercrime is a highly profitable business. According to Cybersecurity Ventures, cybercrime will cost the world $10.5 Cyberattacks are not only a threat to individuals and businesses but also to national security.

Cybercrime 98

Cybercrime Social Engineering Data breaches Education 98

Security Affairs

MARCH 28, 2023

Cybercriminal groups can use chatbot like ChatGPT in social engineering attacks, disinformation campaigns, and other cybercriminal activities, such as developing malicious code. Cybercrime: In addition to generating human-like language, ChatGPT is capable of producing code in a number of different programming languages.

Artificial Intelligence 98

Artificial Intelligence Social Engineering Cybercrime Engineering 98

Security Affairs

NOVEMBER 23, 2023

It was originally discovered by Randy McEoin in August and has since gone through a number of upgrades, including the use of smart contracts to build its redirect mechanism, making it one of the most prevalent and dangerous social engineering schemes.” ” reads the analysis published by Malwarebytes.

Social Engineering 138

Social Engineering Passwords Malware Engineering 138

Security Affairs

SEPTEMBER 29, 2024

How the Necro Trojan infiltrated Google Play, again Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware “Marko Polo” Navigates Uncharted Waters With Infostealer Empire Octo2: European Banks Already Under Attack by New Malware Variant Infostealer malware bypasses Chrome’s new cookie-theft defenses AI-Generated Malware Found in the Wild (..)

Malware 125

Malware Social Engineering IoT Scams 125

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 123

Data breaches Cybercrime Firewall Ransomware 123

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 127

Data breaches Social Engineering Malware Hacking 127

IT Security Guru

SEPTEMBER 25, 2023

Attacks such as hacking, phishing, ransomware and social engineering are on the rise. Businesses and other organisations are being pushed both by customers and regulators to evidence how they are keeping their information secure. In the eyes of many, the war on cybercrime is being lost. This is not always the case.

CISO 133

CISO Identity Theft Cybercrime Cybersecurity 133

Security Affairs

NOVEMBER 4, 2022

Social engineering: Phishing remains a popular technique but we see new forms of phishing arising such as spear-phishing, whaling, smishing and vishing. Cybercrime actors. social nature. Malware: 66 disclosures of zero-day vulnerabilities observed in 2021. Hacker-for-hire actors. Hacktivists. digital, economical.

Cyber threats 141

Cyber threats Phishing Social Engineering Ransomware 141