Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 126

Data breaches Social Engineering Malware Hacking 126

SecureWorld News

JULY 11, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning in April that the group was targeting cryptocurrency and blockchain companies and that it was using social engineering schemes to gain access to the victim's network. The employee who fell for the social engineering scheme no longer works for Sky Mavis.

Social Engineering 94

Social Engineering Hacking Cryptocurrency Cybercrime 94

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

SecureList

JANUARY 19, 2022

Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum.

Spyware 104

Spyware Accountability VPN Malware 104

Malwarebytes

JANUARY 25, 2024

Reconnaissance and social engineering are specific fields where AI can be deployed. Currently only state sponsored groups, professional spyware vendors, and the large criminal operations have access to, and know how to use advanced AI tools to increase the effectivity of their attacks.

Ransomware 102

Ransomware Government Social Engineering Spyware 102

Security Affairs

JULY 4, 2023

The threat actor employed various techniques to circumvent the Multi-Factor Authentication (MFA), including social engineering to trick victims into installing a purported security application for their bank account on their Android devices. The malicious apps are used to capture SMSs containing authorization codes.

Banking 98

Banking Phishing Social Engineering Authentication 98

SecureList

MAY 27, 2022

The attackers study their victims carefully and use the information they find to frame social engineering attacks. One of the things you can do to protect yourself from advanced mobile spyware is to reboot your device on a daily basis. When opened, this document eventually downloads a backdoor. Other malware.

Phishing 134

Phishing Spyware Firmware Malware 134

Identity IQ

MAY 7, 2021

Social Engineering: Cybercriminals are increasingly using sophisticated social engineering tools to trick people into revealing their login credentials. Spyware can be loaded onto your machine to log all your keystrokes. This includes bulk collections of details stolen in data breaches.

Accountability 105

Accountability Data breaches Passwords Social Engineering 105

SecureWorld News

JULY 27, 2023

Some highlights include: Stealers are primarily sold on cybercrime forums. Mike Parkin, Senior Technical Engineer at Vulcan Cyber, said: "There's no doubt we're seeing more information stealing malware, but there's been an uptick in cybercriminal activity overall.

Malware 85

Malware Social Engineering Passwords Spyware 85

SecureList

NOVEMBER 22, 2022

These are attractive aspects that cybercrime groups will be unable to resist. And not only cybercrime groups, but also state-sponsored groups who have already started targeting this industry. It also offers anonymity to users. In 2022, we observed many other cryptocurrency-related threats potentially costing users millions of dollars.

Cryptocurrency 107

Cryptocurrency Mobile Ransomware Banking 107

Security Affairs

MARCH 27, 2023

Such was related to a worldwide malware operation known as NullMixer, a controversial and widespread malware delivery maneuver based on SEO poisoning and social engineering technique to lure tech-savvy users, including IT personnel.

Malware 98

Malware Social Engineering Encryption Marketing 98

BH Consulting

OCTOBER 6, 2022

Social engineering techniques, such as phishing, target not the systems but the people using them. So with European Cybersecurity Month here, now’s a good time to familiarise ourselves again with a popular cybercrime tactic. After all, it’s called social engineering for a reason. spyware, ransomware).”.

Security Awareness 52

Security Awareness Phishing Scams Social Engineering 52

SecureList

NOVEMBER 1, 2022

In June, we identified a previously unknown Android spyware app that targets Persian-speaking individuals. The spyware itself collects various data from the victims’ devices, such as call logs or lists of contacts. SandStrike is distributed as a means to access resources about the Bahá?í í religion that are banned in Iran.

Malware 145

Malware Ransomware Spyware Encryption 145

Malwarebytes

FEBRUARY 12, 2021

The scammers created those fake identities to redirect traffic away from the adult platforms onto pages showing bogus alerts claiming users were infected with pornographic spyware. This well-known scheme attempts to scare victims into calling so-called technicians for assistance but in fact defrauds them for hundreds of dollars.

Scams 100

Scams Advertising Spyware Mobile 100

SecureList

JULY 27, 2023

Following this, we released the first of a series of additional reports describing the final payload in the infection chain: a highly sophisticated spyware implant that we dubbed “TriangleDB” Operating in memory, this implant periodically communicates with the C2 (command and control) infrastructure to receive commands.

Malware 98

Malware Government Phishing Social Engineering 98

Security Affairs

AUGUST 1, 2022

An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used for criminal purposes. The 24-year-old Australian national Jacob Wayne John Keen has been charged for his alleged role in the development and sale of spyware known as Imminent Monitor (IM).

Spyware 125

Spyware Malware Hacking Cybercrime 125

Heimadal Security

APRIL 8, 2022

Hamas-linked cybercrime organization dubbed ‘APT-C-23’ was noticed catfishing Israeli officials working in defense, law, enforcement, and government institutions, resulting in the deployment of new malware. Experts at security […].

Hacking 89

Hacking Social Engineering Spyware Cybercrime 89

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. We also found some overlaps in these sets of activities with HAFNIUM in terms of infrastructure and TTPs as well as the use of ShadowPad malware during the same timeframe. Final thoughts.

Malware 145

Malware Government Spyware Social Engineering 145

SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. Let’s start by looking at the predictions we made for 2021.

Mobile 145

Mobile Surveillance Ransomware Government 145

eSecurity Planet

OCTOBER 21, 2022

From ransomware attacks locking businesses out of their data until they pay potentially millions of dollars to spyware tracking users’ every move through their infected device, the effects of malware can be devastating. Types of spyware are often classified based on what information they’re gathering. Need More Intel on Rootkits?

Malware 75

Malware Adware Spyware Antivirus 75

SecureList

NOVEMBER 14, 2023

This politician became the target of a previously undiscovered “zero-day” attack aimed at infecting his phone with spyware. They advertise on dark web platforms and employ various techniques, including malware, phishing, and other social engineering methods.

Hacking 141

Hacking Energy and Utilities Media Malware 141

SecureList

NOVEMBER 10, 2021

Looking for alternative sources to download a streaming app or an episode of a show, users often discover various types of malware, including Trojans, spyware and backdoors, as well as naughty applications, such as adware. When discussing streaming-related threats, it is crucial to talk about malware and unwanted software.

Phishing 128

Phishing Accountability Malware Adware 128

SecureList

OCTOBER 26, 2021

Historically, Lazarus used MATA to attack various industries for cybercrime-like intentions: stealing customer databases and spreading ransomware. Historically, its Windows implant was represented by a single-stage spyware installer. Southeast Asia and Korean Peninsula. This version was detected and researched several times up to 2018.

Malware 145

Malware Government Surveillance Spyware 145

BH Consulting

NOVEMBER 15, 2022

He argued that security works when it costs €100,000 for spyware to hack into a politician’s iPhone. Detective Inspector Gerard Doyle of the Garda Siochana National Cybercrime Bureau urged victims not to pay the ransom. Sharon Conheady’s entertaining talk explored the ethical side of social engineering.

Social Engineering 59

Social Engineering Insurance CISO Ransomware 59

Herjavec Group

AUGUST 26, 2021

We can learn a lot from the cybercrime of the past…the history of cybercrime is a glimpse into what we can expect in the future. In the past 18 months, we’ve experienced the beginning of an era that has seen cybersecurity and cybercrime at the center of it all. Dateline Cybercrime . Robert Herjavec.

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135

Security Affairs

JULY 21, 2024

Threat actors attempted to capitalize CrowdStrike incident Russian nationals plead guilty to participating in the LockBit ransomware group MediSecure data breach impacted 12.9 Threat actors attempted to capitalize CrowdStrike incident Russian nationals plead guilty to participating in the LockBit ransomware group MediSecure data breach impacted 12.9

Data breaches 119

Data breaches Cybercrime Social Engineering Ransomware 119

Security Affairs

JULY 21, 2024

Threat actors attempted to capitalize CrowdStrike incident Russian nationals plead guilty to participating in the LockBit ransomware group MediSecure data breach impacted 12.9 Threat actors attempted to capitalize CrowdStrike incident Russian nationals plead guilty to participating in the LockBit ransomware group MediSecure data breach impacted 12.9

Data breaches 98

Data breaches Cybercrime Social Engineering Ransomware 98