Security Affairs

NOVEMBER 25, 2021

The PowerShortShell stealer is also used for Telegram surveillance and gathering system information from infected systems. “The adversary might be tied to Iran’s Islamic regime since the Telegram surveillance usage is typical of Iran’s threat actors like Infy, Ferocious Kitten, and Rampant Kitten. fn= hxxp://hr.dedyn.io/upload2.aspx

Surveillance 111

Surveillance Social Engineering Ransomware Cybercrime 111

Krebs on Security

NOVEMBER 6, 2018

The force was originally created to tackle a range of cybercrimes, but Tarazi says SIM swappers are a primary target now for two reasons. Two months earlier, the task force was instrumental in apprehending 20-year-old Joel Ortiz , a Boston man suspected of stealing millions of dollars in cryptocoins with the help of SIM swaps.

Mobile 268

Mobile Cryptocurrency Accountability Passwords 268

SecureList

APRIL 27, 2021

The group’s operations were exposed in 2018, showing that it was conducting surveillance attacks against individuals in the Middle East. Interestingly, some of the TTPs used by this threat actor are reminiscent of other groups operating in the domain of dissident surveillance. Final thoughts.

Malware 145

Malware Government Spyware Social Engineering 145

Identity IQ

FEBRUARY 8, 2024

But the dark web is also associated with illegal activities including the trafficking of drugs, weapons, and illegal pornography, hacking and cybercrime, terrorism, and the sale of stolen data or personal information. Surveillance and monitoring initiatives that enable authorities to track and identify individuals on the dark web.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

SecureList

NOVEMBER 14, 2023

A creative avenue for threat actors is to expand their surveillance efforts to include devices such as smart home cameras, connected car systems and beyond. They advertise on dark web platforms and employ various techniques, including malware, phishing, and other social engineering methods.

Hacking 140

Hacking Energy and Utilities Media Malware 140

Krebs on Security

MARCH 29, 2022

In a blog post about their recent hack, Microsoft said LAPSUS$ succeeded against its targets through a combination of low-tech attacks, mostly involving old-fashioned social engineering — such as bribing employees at or contractors for the target organization. ” The price: $100 to $250 per request.

Accountability 296

Accountability Government Hacking Social Engineering 296

SecureList

NOVEMBER 17, 2021

Last year, we foresaw the APT and cybercrime worlds becoming more porous on an operational level. This year, the use of surveillance software developed by private vendors has come under the spotlight, as discussed above. Let’s start by looking at the predictions we made for 2021. And now, we turn our attention to the future.

Mobile 145

Mobile Surveillance Ransomware Government 145

Security Affairs

SEPTEMBER 29, 2024

CISA adds new Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw International law enforcement operation dismantled criminal communication platform Ghost U.S.

Hacking 116

Hacking Ransomware Antivirus Cybercrime 116

SecureList

OCTOBER 26, 2021

On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda. In this quarter we focused on researching and dismantling surveillance frameworks following malicious activities we detected.

Malware 145

Malware Government Surveillance Spyware 145

SecureList

JULY 29, 2021

For further surveillance of the victim, the malware operator may also deploy additional tools. APT groups mainly use social engineering to gain an initial foothold in a target network. The injected payload creates a persistent backdoor on the victim’s machine. We observed several types of backdoor. Final thoughts.

Malware 145

Malware Phishing Password Management Social Engineering 145

SecureList

APRIL 27, 2022

While the TTPs of some threat actors remain consistent over time, relying heavily on social engineering as a means of gaining a foothold in a target organization or compromising an individual’s device, others refresh their toolsets and extend the scope of their activities. Final thoughts.

Malware 145

Malware Firmware Government Phishing 145

SecureList

OCTOBER 17, 2023

This strategic shift signals its intent to intensify its surveillance capabilities and expand its range of targets. In its most recent wave of attacks, BlindEagle has once again adapted, embracing yet another open-source RAT, Agent Tesla.

Government 140

Government Malware VPN Manufacturing 140

eSecurity Planet

OCTOBER 21, 2022

The method of infection can vary from attack to attack and can include social engineering strategies, such as phishing and email spoofing , or a fraudulent website masquerading as legitimate, among others. It’s one of the most infectious forms of malware out there.

Malware 75

Malware Adware Spyware Antivirus 75

eSecurity Planet

DECEMBER 19, 2023

Cybercrime will go to the next level: Cyberattackers will implement improved skills, “shift left” attacks, and shifting strategies to adjust to evolving cyberdefense. AI-Powered Cybercrime Despite the advancements in using AI to improve security, cybercriminals also have access to AI and LLMs.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

Jane Frankland

JANUARY 12, 2025

Threat Actors Cybersecurity threats are growing more complex and persistent, driven by the heightened activities of nation-state actors and increasingly sophisticated cybercrime groups. Organised Cybercrime Groups Up Their Game Cybercriminals arent resting on old tactics with cybercrime expected to hit $12 trillion in 2025.

Cybersecurity 130

Cybersecurity CISO Insurance IoT 130

Security Affairs

OCTOBER 27, 2024

CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812 Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment Internet Archive was breached twice in a month Unknown threat actors exploit Roundcube Webmail flaw (..)

Data breaches 120

Data breaches Healthcare Cybercrime Social Engineering 120