Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware
The Hacker News
DECEMBER 22, 2023
A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language.
Security Affairs
DECEMBER 29, 2023
Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.
Security Affairs
NOVEMBER 24, 2023
North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The Word document seems to be in the Russian language.
Schneier on Security
FEBRUARY 7, 2023
Criminals using Google search ads to deliver malware isn’t new, but Ars Technica declared that the problem has become much worse recently. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader.
Security Affairs
NOVEMBER 7, 2024
SentinelLabs observed North Korea-linked threat actor BlueNoroff targeting businesses in the crypto industry with a new multi-stage malware. SentinelLabs researchers identified a North Korea-linked threat actor targeting crypto businesses with new macOS malware as part of a campaign tracked as “Hidden Risk.”
The Hacker News
FEBRUARY 3, 2023
In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged that the use of Microsoft OneNote documents to deliver malware via phishing attacks is on the rise.
CyberSecurity Insiders
MAY 11, 2023
In February 2022, Microsoft disabled VBA macros on documents due to their frequent use as a malware distribution method. This move prompted malware authors to seek out new ways to distribute their payloads, resulting in an increase in the use of other infection vectors, such as password-encrypted zip files and ISO files.
Krebs on Security
FEBRUARY 28, 2024
But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack.
Security Affairs
JULY 30, 2024
The domains and documents employed in the campaign as part of the first stage of the attack suggest threat actors are targeting Pakistan, Egypt and Sri Lanka. In a recent campaign, the threat actors used meticulously crafted documents that appear to be legitimate and familiar to the target.
Krebs on Security
MAY 22, 2019
Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Here’s a look at a recent spam campaign that peppered more than 100,000 business email addresses with fake legal threats harboring malware. Please download and read the attached encrypted document carefully.
Security Affairs
DECEMBER 21, 2023
Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.
Tech Republic Security
APRIL 29, 2020
Application Guard for Office and Safe Documents will make phishing attacks harder and the Office experience better for users, starting with Office 365 Pro Plus and E5 licences.
The Hacker News
JUNE 21, 2024
Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor. Dubbed PHANTOM#SPIKE by Securonix, the unknown threat actors behind the activity have leveraged military-related phishing documents to activate the infection sequence.
Penetration Testing
AUGUST 29, 2024
Fortinet’s FortiGuard Labs has unearthed a new variant of the notorious Snake Keylogger, delivered through a malicious Excel document in a phishing campaign. This keylogger, also known as “404 Keylogger”... The post New Snake Keylogger Variant Slithers Into Phishing Campaigns appeared first on Cybersecurity News.
Krebs on Security
AUGUST 17, 2023
You’ve probably never heard of “16Shop,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. 16Shop documentation instructing operators on how to deploy the kit.
Security Affairs
AUGUST 21, 2024
The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign conducted by the Vermin group that distributed malware.
Centraleyes
NOVEMBER 7, 2024
Fake copyright infringement notices are sweeping across inboxes globally, hitting hundreds of companies with a new and devious malware campaign. But instead of legal documents, victims are met with a decoy and a hidden malware file.
Krebs on Security
FEBRUARY 8, 2021
Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of U-Admin, a software package used to administer what’s being called “one of the world’s largest phishing services.” The U-Admin phishing panel interface. U-Admin, a.k.a.
Bleeping Computer
AUGUST 30, 2022
Threat analysts have spotted a new malware campaign dubbed 'GO#WEBBFUSCATOR' that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware.
Security Affairs
APRIL 17, 2020
Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. “Every day, Gmail blocks more than 100 million phishing emails. During the last week, we saw 18 million daily malware and phishing emails related to COVID-19.
The Hacker News
JANUARY 18, 2024
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language. The lures are
Security Affairs
MAY 26, 2024
The government experts reported that the group has carried out at least two massive campaigns since May 20, aimed at distributing SmokeLoader malware via email. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”
Security Affairs
SEPTEMBER 25, 2023
A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin.
Bleeping Computer
AUGUST 23, 2021
A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents.
Security Affairs
MAY 13, 2024
Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Subject lines included “your document” and “photo of you???”. Endpoint Security: Install endpoint security solutions to fortify defenses against malware attacks. 177 and 185[.]215[.]113[.]66.
Security Affairs
NOVEMBER 18, 2020
Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Experts at Cybereason Nocturnus have uncovered an active campaign targeting the users of a large e-commerce platform in Latin America with malware tracked as Chaes.
eSecurity Planet
OCTOBER 4, 2022
Malicious programs or malware are common and dangerous threats in the digital space for both individual users and organizations alike. German IT-Security Institute AV-TEST has recorded over 1 billion malicious programs as of this writing, with over 450,000 new instances of malware being recorded every day. Malvertising.
Bleeping Computer
DECEMBER 13, 2021
A new variant of the Agent Tesla malware has been spotted in an ongoing phishing campaign that relies on Microsoft PowerPoint documents laced with malicious macro code.
Security Affairs
FEBRUARY 27, 2020
Google announced that the new scanning capabilities implemented in Gmail have increased the detection rate of malicious documents. The figures revealed by Google are awesome: the company declared that its malware scanner processes more than 300 billion attachments each week.
Security Affairs
NOVEMBER 11, 2024
Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a new variant of the Remcos RAT. Upon opening the file, the RCE vulnerability CVE-2017-0199 is exploited.
Heimdal Security
JULY 15, 2022
Researchers have uncovered a new phishing kit that, under the guise of security controls, injects malware into legitimate WordPress sites and uses a fake PayPal-branded social engineering scam to trick targets into handing over their most sensitive data. This data includes government documents, photos, and even financial information.
Adam Levin
JUNE 12, 2020
and global protests of the killing of George Floyd are being used to spread malware according to the cybersecurity non-profit organization abuse.ch. The Zurich-based group identified a phishing campaign that capitalizes on the Black Lives Matter movement to distribute malware. The documented by Abuse.ch
Security Boulevard
DECEMBER 4, 2023
In the ever-evolving landscape of cybersecurity, a recent discovery sheds light on a new phishing attack being dubbed the Konni malware. Identifying The Konni […] The post Konni Malware Alert: Uncovering The Russian-Language Threat appeared first on TuxCare.
Malwarebytes
MARCH 22, 2023
Opening the attachment up reveals a Word document called W-9 form.doc. This file’s size is 548,164 KB (548 MB), which is very suspicious. You won’t find many genuine Word documents weighing in at 500MB or more. Opening the document quickly becomes a game of Macro-related risk. This is no exception. File early.
Security Affairs
JANUARY 7, 2023
Cyber researchers warn of a modified Zoom app that was used by threat actors in a phishing campaign to deliver the IcedID Malware. Cyble researchers recently uncovered a phishing campaign targeting users of the popular video conferencing and online meeting platform Zoom to deliver the IcedID malware. Pierluigi Paganini.
The Hacker News
DECEMBER 20, 2023
Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla.
Malwarebytes
AUGUST 18, 2021
Phishing scammers love well-known brand names, because people trust them, and their email designs are easy to rip off. DocuSign is a service that allows people to sign documents in the Cloud. Signing documents electronically saves a lot of paper and time.
Security Affairs
OCTOBER 12, 2020
Security experts from Cyble found alleged sensitive documents of NATO and Turkey, is it a case of cyber hacktivism or cyber espionage? The post Researchers found alleged sensitive documents of NATO and Turkey appeared first on Security Affairs.
The Hacker News
JULY 17, 2023
Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher Cara Lin said. "It
SecureList
JUNE 28, 2023
Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. Their campaign introduced several new malware families, such as YamaBot and MagicRat, but also updated versions of NukeSped and, of course, DTrack.
The Hacker News
AUGUST 17, 2023
The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a variant of a malware called Duke, which has been attributed to APT29 (aka BlueBravo, Cloaked Ursa, Cozy Bear, Iron Hemlock,
Security Affairs
AUGUST 1, 2023
Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations.
Malwarebytes
JULY 19, 2022
This data includes identification documents, spreadsheets related to Roblox creators, and various email addresses. At time of writing, there’s no specifics with regard to the “identification documents”. This could mean driving licence, passport, employee ID scan…we simply don’t know at the moment.
Bleeping Computer
JUNE 7, 2022
A previously unknown malware loader named SVCReady has been discovered in phishing attacks, featuring an unusual way of loading the malware from Word documents onto compromised machines.