Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. 16Shop documentation instructing operators on how to deploy the kit. Image: Akamai.com. Image: Akamai. Image: ZeroFox.

Phishing 200

Phishing Passwords Internet Internet 200

Malwarebytes

DECEMBER 3, 2024

Some of the records that were found included: Identification documents including passports, which contain information like full names, dates of birth, passport numbers, and other information cybercriminals love to get their hands on.

Identity Theft 141

Identity Theft Education Risk Phishing 141

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The Word document seems to be in the Russian language.

Encryption 140

Encryption Malware Phishing Hacking 140

The Hacker News

MARCH 17, 2024

The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America.

Phishing 143

Phishing Government 143

Krebs on Security

FEBRUARY 3, 2022

This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. 31 that uses Linkedin.com links to redirect anyone who clicks to a site that spoofs Adobe , and then prompts users to log in to their Microsoft email account to view a shared document. Here’s one example from Jan.

Phishing 347

Phishing Marketing Scams Accountability 347

The Hacker News

SEPTEMBER 12, 2023

A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines. "A

Phishing 144

Phishing 144

Krebs on Security

AUGUST 14, 2020

The “RCM” portion of its name refers to “revenue cycle management,” an industry which tracks profits throughout the life cycle of each patient, including patient registration, insurance and benefit verification, medical treatment documentation, and bill preparation and collection from patients.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. for phishing scams that resulted in the compromise of millions of email accounts. for phishing scams that resulted in the compromise of millions of email accounts. Nigerian Kolade Ojelade gets 26 years in U.S. ” reads the press release published by DoJ.

Scams 132

Scams Phishing Identity Theft Accountability 132

The Hacker News

DECEMBER 22, 2023

A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language.

Malware 110

Malware Engineering Phishing 110

Schneier on Security

FEBRUARY 28, 2020

It's challenging to tell the difference between legitimate documents in all their infinite variations and those that have specifically been manipulated to conceal something dangerous. Google says that 63 percent of the malicious documents it blocks each day are different than the ones its systems flagged the day before.

Phishing 332

Phishing Malware 332

Security Affairs

JULY 30, 2024

Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research Center observed a sophisticated phishing campaign targeting Microsoft OneDrive users. ” reads the report published by Trellix.

Phishing 144

Phishing DNS Social Engineering Engineering 144

Schneier on Security

FEBRUARY 11, 2022

It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event. Over 30,000 machines were running Windows 7 (out of support since January 2020).

Antivirus 318

Antivirus Hacking Ransomware CISO 318

Security Affairs

JULY 30, 2024

The domains and documents employed in the campaign as part of the first stage of the attack suggest threat actors are targeting of Pakistan, Egypt and Sri Lanka. In recent campaign, the threat actors used meticulously crafted documents that appear to be legitimate and familiar to the target.

Phishing 130

Phishing Malware Hacking Information Security 130

Security Affairs

SEPTEMBER 25, 2023

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. ” concludes the report.

Phishing 139

Phishing Cyber Attacks Malware Internet 139

Penetration Testing

AUGUST 29, 2024

Fortinet’s FortiGuard Labs has unearthed a new variant of the notorious Snake Keylogger, delivered through a malicious Excel document in a phishing campaign. This keylogger, also known as “404 Keylogger”... The post New Snake Keylogger Variant Slithers Into Phishing Campaigns appeared first on Cybersecurity News.

Phishing 114

Phishing Cybersecurity Malware 114

SecureList

MARCH 27, 2023

technologies — the distributed file system IPFS — for email phishing attacks. URL formats can be quite different, for example: [link] [link] Phishing and IPFS In 2022, scammers began actively using IPFS for email phishing attacks. The use of a distributed file system allows attackers to cut back on phishing page hosting costs.

Phishing 140

Phishing Technology Internet Internet 140

Security Affairs

NOVEMBER 11, 2023

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The operation was first documented on OSINT Fans by Gabor Szathmari in October 2020.

Phishing 144

Phishing Cybercrime Advertising Hacking 144

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. CERT-UA discovered multiple phishing attacks aimed at government organizations between December 15 and December 25. file classified as MASEPIE.

Phishing 144

Phishing Malware Computers and Electronics Internet 144

Schneier on Security

JANUARY 28, 2021

A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware.

Malware 250

Malware Phishing Ransomware Cybercrime 250

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Subject lines included “your document” and “photo of you???”. Phishing Reporting : Report phishing emails and other malicious cyber activities to relevant authorities like the FBI’s IC3 and the NJCCIC.

Phishing 138

Phishing Ransomware Security Awareness Authentication 138

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. OpenSSH is also used for external access.

Phishing 138

Phishing Cybercrime Manufacturing Hacking 138

Krebs on Security

MAY 24, 2019

NYSE:FAF ] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. He said anyone who knew the URL for a valid document at the Web site could view other documents just by modifying a single digit in the link.

Insurance 279

Insurance Banking Identity Theft Scams 279

SecureList

DECEMBER 6, 2022

There are two main types of online fraud aimed at stealing user data and money: phishing and scams. The history of scams and phishing. The term “phishing” was coined back in 1996, when cybercriminals attacked users of America Online (AOL), the largest internet provider at that time. Phishing site with chat support.

Scams 137

Scams Phishing Social Engineering Banking 137

Krebs on Security

NOVEMBER 9, 2024

The trouble is, these EDRs largely bypass any official review and do not require the requester to supply any court-approved documents. Others simply sell access to hacked government or police email accounts, and leave it up to the buyer to forge any needed documents. “Unlimited Emergency Data Requests. . Reset as you please.

Hacking 258

Hacking Accountability Government Social Engineering 258

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses.

Phishing 87

Phishing Identity Theft Cryptocurrency Cybercrime 87

Schneier on Security

FEBRUARY 7, 2023

In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader.

Malware 262

Malware Phishing Cybercrime 262

Krebs on Security

MARCH 7, 2023

The move comes just days after the Dutch registrar was sued by Meta , which alleges the company ignores abuse complaints about phishing websites while monetizing traffic to those abusive domains. ” Image: Interisle Consulting Group, Phishing Landscape 2021, Sept. for Tokelau. Please accept our apologies for the inconvenience.

Phishing 292

Phishing Media Internet Internet 292

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others. Image: Proofpoint.

Accountability 354

Accountability Advertising Passwords Phishing 354

Adam Levin

MARCH 17, 2022

Unfortunately, brackets create opportunities for a wide array of phishing and hacking campaigns, particularly in workplaces where a lot of brackets are distributed. Use online or cloud-based office software for non-sensitive documents. The outcome of over 60 games is wagered on through shared files or online services. .

Cyber threats 229

Cyber threats Phishing Passwords Malware 229

Troy Hunt

SEPTEMBER 25, 2021

Sponsored by: Boxcryptor cloud security: Free end-to-end encryption for your files.

Encryption 275

Encryption Phishing Government 275

Krebs on Security

NOVEMBER 21, 2020

In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.”

Cryptocurrency 363

Cryptocurrency VPN Scams Social Engineering 363

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware. EXE which is responsible for the insertion and editing of equations (OLE objects) in documents. The vulnerability affects the MS Office component EQNEDT32.EXE

Malware 139

Malware Phishing Spyware Cyber threats 139

The Hacker News

DECEMBER 3, 2024

Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses.

Antivirus 143

Antivirus Phishing Software Cybersecurity 143

Krebs on Security

APRIL 9, 2024

.” CVE-2024-29988 is a weakness that allows attackers to bypass Windows SmartScreen , a technology Microsoft designed to provide additional protections for end users against phishing and malware attacks. Adobe has since clarified that its apps won’t use AI to auto-scan your documents, as the original language in its FAQ suggested.

DNS 282

DNS Social Engineering Malware Media 282

Krebs on Security

JUNE 13, 2023

“Gaining access to sensitive and privileged documents, stealing and deleting documents as part of a ransomware attack or replacing real documents with malicious copies to further infect users in the organization.” ” There are at least three other vulnerabilities fixed this month that earned a collective 9.8

Social Engineering 242

Social Engineering System Administration Authentication Internet 242

The Hacker News

JUNE 21, 2024

Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor. Dubbed PHANTOM#SPIKE by Securonix, the unknown threat actors behind the activity have leveraged military-related phishing documents to activate the infection sequence.

Malware 137

Malware Scams Phishing Cybersecurity 137

Krebs on Security

FEBRUARY 28, 2024

Unfortunately for us, Doug freaked out after deciding he’d been tricked — backing up his important documents, changing his passwords, and then reinstalling macOS on his computer. If you’re approached in a similar scheme, the response from the would-be victim documented in the SlowMist blog post is probably the best.

Malware 309

Malware Cryptocurrency Software Phishing 309