Security Affairs

DECEMBER 25, 2024

TraderTraitor activity is often characterized by targeted social engineering directed at multiple employees of the same company simultaneously.” The FBI will continue to expose and combat the DPRKs use of illicit activitiesincluding cybercrime and virtual currency theftto generate revenue for the regime. BTC ($308M).

Cryptocurrency 122

Cryptocurrency Social Engineering Hacking Cybercrime 122

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Affairs

APRIL 17, 2025

In a documented instance, attackers used a ClickFix social engineering tactic to trick users into running a PowerShell command that downloads and installs Node.js Another notable technique observed by researchers in recent campaign employs inline JavaScript execution via Node.js to deploy malicious payloads. components.

Social Engineering 115

Social Engineering Malware Cryptocurrency Engineering 115

SecureWorld News

MARCH 20, 2025

Phishing plays straight out of the cybercrime playbook "March Madness brings heightened cybersecurity risks this year, especially with the expansion of sports gambling beyond traditional office pools creating new attack vectors for credential harvesting and financial fraud," warns J.

Scams 85

Scams Social Engineering Mobile Phishing 85

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media.

Social Engineering 129

Social Engineering Media Mobile Scams 129

Security Affairs

OCTOBER 11, 2024

Code snippets in attacker supplied prompts indicated it had standard surveillanceware capabilities” OpenAI finally reported that China-linked group SweetSpectre used ChatGPT for reconnaissance, vulnerability research, malware development, and social engineering.

Malware 136

Malware Social Engineering Engineering Hacking 136

Security Affairs

MARCH 24, 2025

“Cloaks attack strategy involves acquiring network access through Initial Access Brokers (IABs) or social engineering methods such as phishing, malvertising, exploit kits, and drive-by downloads disguised as legitimate updates like Microsoft Windows installers.” ” reads a report published by Halcyon.

Ransomware 103

Ransomware Hacking Social Engineering VPN 103

Security Affairs

NOVEMBER 15, 2024

The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information. Researchers from Gen Digital who discovered the threat, believe it is in its early development phase.

Encryption 116

Encryption Password Management Cryptocurrency Social Engineering 116

Security Affairs

OCTOBER 17, 2023

According to Statista.com, the impact of cybercrime is expected to reach almost $13 trillion this year. With 85% of campaigns targeting victims with phishing emails containing malicious links, another form of a social engineering attack, education and cyber vigiliance remain a high priority. You should always stop and verify.

Social Engineering 138

Social Engineering Ransomware Engineering Phishing 138

Security Affairs

DECEMBER 1, 2024

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Cybercrime 71

Cybercrime Firewall Social Engineering Ransomware 71

Security Affairs

DECEMBER 10, 2024

This social engineering scheme has been amplified by targeted phishing, smishing, and vishing activities, with a noticeable increase around the winter holidays.

Social Engineering 111

Social Engineering Phishing Banking DNS 111

Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex.

Spyware 61

Spyware Cybercrime Scams Social Engineering 61

Security Affairs

JULY 22, 2024

for suspected involvement in the Scattered Spider cybercrime syndicate. arrested a 17-year-old teenager from Walsall who is suspected to be a member of the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). Law enforcement arrested a 17-year-old boy from Walsall, U.K., Law enforcement in the U.K.

Cybercrime 133

Cybercrime Social Engineering Hacking Scams 133

Security Affairs

MARCH 10, 2025

Threat actors distribute malware in archives with fake installation instructions, urging users to disable security tools to allow their execution. Using this social engineering trick, threats like stealers, RATs, Trojans, and crypto miners can persist undetected.

Cryptocurrency 92

Cryptocurrency Malware Social Engineering Antivirus 92

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. ” reads the post published by IBM X-Force.

Malware 133

Malware Cybercrime DDOS Social Engineering 133

Hot for Security

APRIL 19, 2021

Notorious FIN7 gang stole payment card details from retailers around the world Cybercrime gang posed as penetration testing firm to recruit hackers. A key member of the FIN7 cybercrime gang – which is said to have caused over one billion dollars worth of damage around the world – has been sentenced to 10 years in jail.

Penetration Testing 144

Penetration Testing Retail Cybersecurity Social Engineering 144

Security Affairs

JANUARY 22, 2025

Employees should be aware of who their actual technical support team is and be mindful of tactics intended to create a sense of urgency that these sorts of social-engineering driven attacks depend upon.” ” Sophos published a list of indicators of compromise for these campaigns.

Ransomware 98

Ransomware Malware Social Engineering Engineering 98

Security Affairs

FEBRUARY 27, 2023

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum. “The security of our data is paramount and we have comprehensive information security protocols in place to ensure its confidentiality. Activision was breached December 4th, 2022.

Hacking 98

Hacking Cybercrime Social Engineering Data breaches 98

Security Affairs

APRIL 8, 2024

The Health Sector Cybersecurity Coordination Center (HC3) recently observed threat actors using sophisticated social engineering tactics to target IT help desks in the health sector. The attackers aim at gaining initial access to target organizations.

Social Engineering 138

Social Engineering Healthcare Engineering Accountability 138

Security Affairs

JUNE 17, 2024

A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of being a key member of the cybercrime group known as Scattered Spider (also known as UNC3944 , 0ktapus ).

Cybercrime 129

Cybercrime Hacking Social Engineering Cryptocurrency 129

Security Affairs

JUNE 4, 2024

These include: Social engineering tactics SIM swapping schemes Banking and credit card fraud” The attackers use various social engineering and spoofing tactics to trick victims into revealing their sensitive information, which supports real-time interaction to abuse and bypass MFA (Multi-Factor Authentication).

Banking 129

Banking Phishing Social Engineering Engineering 129

Security Affairs

AUGUST 21, 2020

Voice phishing is a form of criminal phone fraud, using social engineering over the telephone system to gain access to private personal and financial information for the purpose of financial reward. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Social Engineering 140

Social Engineering VPN Phishing Authentication 140

Security Affairs

APRIL 15, 2024

The “Provider also started implementing measures to prevent similar incidents from occurring in the future and additional technical measures to further mitigate the risk associated with social engineering attacks. ” continues the notification.

Data breaches 140

Data breaches Social Engineering Engineering Authentication 140

Security Affairs

AUGUST 2, 2021

The cleaner’s insider access takes care of the physical access challenge, while detachment to the organization makes the individual more susceptible to social engineering. There is an abundance of social engineering techniques, of which many are sinister, such as blackmail. The Faceless Man.

Social Engineering 138

Social Engineering Healthcare Engineering Hacking 138

Security Affairs

AUGUST 18, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Malware 130

Malware Social Engineering Ransomware Government 130

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering 126

Social Engineering Data breaches Spyware Malware 126

Security Affairs

OCTOBER 19, 2023

During the reporting period, key findings include: DDoS and ransomware rank the highest among the prime threats, with social engineering, data related threats, information manipulation, supply chain, and malware following.

Social Engineering 134

Social Engineering Artificial Intelligence Engineering Ransomware 134

Security Affairs

OCTOBER 21, 2023

Gal speculates that either Meta was the victim of a social engineered attack that tricked an employee into giving attackers access to the portal or the threat actor had credentials for a legitimate law enforcement account. ” Gal told Security Affairs.

Social Engineering 144

Social Engineering Identity Theft Accountability Engineering 144

SecureList

SEPTEMBER 13, 2021

In 2020, the pandemic forced companies to restructure their information security practices, accommodating a work-from-home (WFH) approach. Security issues with passwords, software vulnerabilities and social engineering combined into an overwhelming majority of initial access vectors during attacks.

Social Engineering 145

Social Engineering Ransomware Healthcare Government 145

SecureWorld News

JULY 3, 2023

According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it. Cybercrime is a highly profitable business. According to Cybersecurity Ventures, cybercrime will cost the world $10.5 Cyberattacks are not only a threat to individuals and businesses but also to national security.

Cybercrime 98

Cybercrime Social Engineering Data breaches Education 98

Security Affairs

MARCH 28, 2023

Cybercriminal groups can use chatbot like ChatGPT in social engineering attacks, disinformation campaigns, and other cybercriminal activities, such as developing malicious code. Cybercrime: In addition to generating human-like language, ChatGPT is capable of producing code in a number of different programming languages.

Artificial Intelligence 98

Artificial Intelligence Social Engineering Cybercrime Engineering 98

Security Affairs

NOVEMBER 23, 2023

It was originally discovered by Randy McEoin in August and has since gone through a number of upgrades, including the use of smart contracts to build its redirect mechanism, making it one of the most prevalent and dangerous social engineering schemes.” ” reads the analysis published by Malwarebytes.

Social Engineering 139

Social Engineering Passwords Malware Engineering 139

Security Affairs

SEPTEMBER 29, 2024

How the Necro Trojan infiltrated Google Play, again Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware “Marko Polo” Navigates Uncharted Waters With Infostealer Empire Octo2: European Banks Already Under Attack by New Malware Variant Infostealer malware bypasses Chrome’s new cookie-theft defenses AI-Generated Malware Found in the Wild (..)

Malware 127

Malware Social Engineering IoT Scams 127

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 124

Data breaches Cybercrime Firewall Ransomware 124

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

Security Affairs

MARCH 29, 2025

Notifications & Social Engineering: Posts fake push notifications to trick users. Overlay Attacks: Checks for available overlays targeting installed applications, typically for credential theft. Device Administration & Persistence: Requests Device Admin privileges, locks the screen, and protects itself from deletion.

Banking 68

Banking Mobile Identity Theft Malware 68

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 128

Data breaches Social Engineering Malware Hacking 128