Krebs on Security

NOVEMBER 26, 2018

Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address includes the padlock and begins with “[link].

Phishing 279

Phishing Scams Cryptocurrency Internet 279

Security Affairs

SEPTEMBER 24, 2024

HP researchers detected a dropper that was generated by generative artificial intelligence services and used to deliver AsyncRAT malware. While investigating a malicious email, HP researchers discovered a malware generated by generative artificial intelligence services and used to deliver the AsyncRAT malware.

Artificial Intelligence 133

Artificial Intelligence Malware Phishing Encryption 133

Security Affairs

JANUARY 12, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 59

Malware Scams Phishing Encryption 59

Tech Republic Security

APRIL 17, 2023

New cloud-focused credential harvester available on encrypted messaging service Telegram is part of a trend of Python scrapers making it easier to bait multiple phishing hooks. The post Credential harvesting malware appears on deep web appeared first on TechRepublic.

Malware 175

Malware Phishing Encryption Mobile 175

Security Affairs

JANUARY 10, 2025

Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures.

Malware 120

Malware Advertising Antivirus Cybercrime 120

SecureWorld News

OCTOBER 31, 2024

From zombie botnets to phishing phantoms, these threats might sound like campfire tales, but they're some of the most sinister forces in cybersecurity today. Phishing phantoms: masters of disguise Phishing scams have become more sophisticated. Like a phantom in disguise, a phishing attack can appear harmless—until it's too late.

IoT 120

IoT Phishing DDOS Backups 120

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic.

Encryption 145

Encryption Malware Ransomware Firewall 145

Krebs on Security

AUGUST 9, 2019

A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. “For these infections hackers take sometimes days, weeks, or even months to encrypt your data.”

Phishing 228

Phishing Backups Ransomware Encryption 228

Security Affairs

JANUARY 5, 2025

PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. The backdoor is distributed through: Phishing emails with themes such as code of conduct to trick users into downloading the malware.

Malware 130

Malware Encryption Phishing Hacking 130

eSecurity Planet

NOVEMBER 6, 2024

Attackers can steal your cookies through phishing, malware, and MITM attacks, leading to data theft, financial loss, and identity theft. Initial Attack Vector Attackers might send phishing emails or create fake websites. Let’s take a closer look at the process. How Do You Prevent It?

Identity Theft 110

Identity Theft Passwords Phishing Accountability 110

SecureList

JUNE 22, 2023

We wrote about malware targeting Brazil, about CEO fraud attempts, Andariel, LockBit and others. For this post, we selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. The attackers target German-speaking companies in the DACH region.

Phishing 132

Phishing Encryption Cybercrime Ransomware 132

SecureWorld News

FEBRUARY 20, 2025

Ghost ransomware actors, identified as operating from China, have been targeting unpatched systems and stolen credentials to infiltrate networks, encrypt data, and demand ransom payments. Strengthening identity security Enforce phishing-resistant MFA for all privileged accounts. Use Privileged Access Management (PAM) solutions.

Ransomware 112

Ransomware IoT Encryption Social Engineering 112

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus 331

Antivirus VPN Encryption Malware 331

Krebs on Security

NOVEMBER 17, 2022

He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. “We’ve found someone who can crack the encryption.” Then came the unlikely call from an FBI agent. “Don’t pay,” the agent said.

Ransomware 353

Ransomware Encryption Backups Manufacturing 353

SecureList

OCTOBER 15, 2024

SideWinder’s most recent campaign schema Infection vectors The SideWinder attack chain typically starts with a spear-phishing email with an attachment, usually a Microsoft OOXML document (DOCX or XLSX) or a ZIP archive, which in turn contains a malicious LNK file. In particular, Avast and AVG solutions are of interest to the malware.

Malware 143

Malware Encryption Architecture Phishing 143

Schneier on Security

AUGUST 30, 2019

The paper: " Practical Enclave Malware with Intel SGX.". In particular, it is unclear to what extent enclave malware could harm a system. In this work, we practically demonstrate the first enclave malware which fully and stealthily impersonates its host application. The results are predictable.

Malware 256

Malware Architecture Encryption Phishing 256

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. ” reads the analysis published by Google TAG.

Accountability 144

Accountability Malware Phishing Social Engineering 144

The Last Watchdog

DECEMBER 18, 2024

Quantum computing advances are making traditional encryption obsolete, and adversaries are stockpiling data for future decryption. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies. While fully agentic AI malware remains years away, the industry must prepare now.

Risk 173

Risk Threat Detection Technology Phishing 173

Hacker Combat

MAY 10, 2022

Phishing emails are one way to do it. A researcher has demonstrated how a vulnerability common to several ransomware families can help take control of the malware and stop it from encrypting files on infected devices. Malvuln is a project developed by the researcher that catalogs vulnerabilities uncovered in various malware.

Encryption 132

Encryption Ransomware Malware Cyber Attacks 132

The Last Watchdog

JUNE 2, 2021

They outlined why something called attribute-based encryption, or ABE, has emerged as the basis for a new form of agile cryptography that we will need in order to kick digital transformation into high gear. PKI is the authentication and encryption framework on which the Internet is built. Attribute-based access.

Encryption 176

Encryption Artificial Intelligence IoT Data collection 176

eSecurity Planet

DECEMBER 4, 2024

With cyberattacks on operating systems, applications, and networks becoming more sophisticated, the tech giant formulated a strategy to enhance the protection of Windows systems, focusing strongly on phishing attacks. Data Protection Windows 11 Enterprise introduced a new Personal Data Encryption feature.

Encryption 108

Encryption Phishing Passwords Authentication 108

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. The ZIP archives contain a compressed executable payload that, if executed, will start the encryption process with LockBit Black ransomware. com,” and “Jenny[@]gsd[.]com.”

Phishing 132

Phishing Ransomware Security Awareness Authentication 132

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware 124

Malware Antivirus Software Passwords 124

Malwarebytes

JANUARY 20, 2025

Welcome to 2025 Stay safe!

Insurance 73

Insurance Phishing Advertising Malware 73

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware.

Phishing 137

Phishing Scams Education Passwords 137

CyberSecurity Insiders

FEBRUARY 8, 2022

Microsoft has made it official that it has disabled macros across its office products to block malware cyber attacks. The post Microsoft disables macros to curtail Malware Cyber Attacks appeared first on Cybersecurity Insiders.

Cyber Attacks 137

Cyber Attacks Malware Identity Theft Cyber Risk 137

Cisco Security

SEPTEMBER 28, 2021

What does phishing mean? All you see is an alarming screen that shouts, “Your files are encrypted!”. What’s phishing? Phishing is a simple and popular way for hackers trick and hook you. Spear phishing is a special type. Why is there a ‘p’ in phishing? For example, what is ransomware and how does it work?

Phishing 145

Phishing Ransomware Passwords Cryptocurrency 145

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. It combines multiple security capabilities into one easy-to-use package that includes: Antivirus protection Detects and neutralizes viruses, malware , spyware , and ransomware.

Antivirus 72

Antivirus Identity Theft Cyber threats Phishing 72

SecureWorld News

JANUARY 16, 2025

Conducting regular training sessions on recognizing phishing emails, avoiding suspicious downloads, and following cybersecurity protocols can build a resilient workforce. Hackers used compromised credentials to gain access to Colonial Pipeline's network, deploying ransomware that encrypted critical systems.

Energy and Utilities 109

Energy and Utilities IoT Artificial Intelligence Backups 109

Security Boulevard

SEPTEMBER 10, 2024

Introduction Following the 2024 ThreatLabz Phishing Report, Zscaler ThreatLabz has been closely tracking domains associated with typosquatting and brand impersonation - common techniques used by threat actors to proliferate phishing campaigns. Microsoft and Amazon followed closely behind. Online Shopping websites, accounting for 22.3%

Phishing 111

Phishing Accountability Malware Encryption 111

IT Security Guru

JANUARY 30, 2025

Common Cyber Attacks On Spread Betting Platforms Phishing Attacks Hackers send fake emails or messages that are made to look official to unsuspecting users. Malware Infections Malware is simply dangerous programs installed on devices through suspicious downloads or links. They are like a secret code between your device (e.g.,

Cyber Risk 95

Cyber Risk Risk Penetration Testing Accountability 95

SecureList

MARCH 31, 2022

This malware is a full-featured backdoor containing sufficient capabilities to control the compromised victim. The malware operator exclusively used compromised web servers located in South Korea for this attack. Then, the spawned malware overwrites the legitimate application with the Trojanized application. Backdoor creation.

Malware 143

Malware Encryption Cryptocurrency Architecture 143

SecureList

FEBRUARY 21, 2025

Technical details Initial attack vector The initial attack vector used by Angry Likho consists of standardized spear-phishing emails with various attachments. Contents of spear-phishing email inviting the victim to join a videoconference The archive includes two malicious LNK files and a legitimate bait file. averageorganicfallfaw[.]shop

Phishing 83

Phishing Encryption Banking Malware 83

Security Affairs

NOVEMBER 19, 2024

Ptitsyn reportedly sold the ransomware on darknet forums under aliases like “derxan” and “zimmermanx,” enabling other criminals to encrypt data and demand ransom. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates.

Cybercrime 115

Cybercrime Ransomware Healthcare Education 115

SecureList

NOVEMBER 28, 2024

However, P8 contains many built-in functions and redesigns of the communication protocol and encryption algorithm, making it a well-designed and powerful espionage platform. Based on limited telemetry, we believe with medium to low confidence that some of the initial infections were spear-phishing emails.

Malware 115

Malware Government Software Spyware 115

Security Affairs

MARCH 13, 2025

. “The Medusa ransomware variant is unrelated to the MedusaLocker variant and the Medusa mobile malware variant per the FBIs investigation.” The group’s affiliates gain access to victims using phishing campaigns to steal credentials and exploiting unpatched software vulnerabilities.

Ransomware 70

Ransomware Encryption Cryptocurrency Insurance 70

Malwarebytes

AUGUST 3, 2022

We believe that these archive files have been distributed using spear phishing emails. Before initialization, the malware effectively suppresses all error reporting by calling SetErrorMode with 0x8007 as parameter. The malware communicates with its C2 using HTTP requests. Data encryption with HTTP requests. Archive files.

Malware 130

Malware Encryption Antivirus Architecture 130