Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. In September 2024, Ukraines National Coordination Centre for Cybersecurity (NCCC) banned the Telegram messaging app on government agencies, military, and critical infrastructure, due to national security concerns. continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Security Affairs

JANUARY 16, 2025

The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024, Microsoft researchers observed the Russia-linked APT group Star Blizzard targeting WhatsApp accounts via spear-phishing, shifting tactics to avoid detection.

Accountability 121

Accountability Phishing Government Hacking 121

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. commercial and government interests.

Hacking 299

Hacking Identity Theft Government Phishing 299

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 137

Government Phishing Malware Banking 137

Schneier on Security

JUNE 19, 2020

Citizen Lab has a new report on Dark Basin, a large hacking-for-hire company in India. Key Findings: Dark Basin is a hack-for-hire group that has targeted thousands of individuals and hundreds of institutions on six continents.

Hacking 216

Hacking Phishing Accountability Government 216

Security Affairs

SEPTEMBER 17, 2024

US DoJ charged a Chinese national who used spear-phishing emails to obtain sensitive info from NASA, the U.S. DoJ charged a Chinese national, Song Wu (39), who used spear-phishing emails to target employees of NASA, the U.S. Air Force, Navy, Army, and the FAA. Air Force, Navy, Army, and the FAA.”

Phishing 132

Phishing Government Identity Theft Engineering 132

Krebs on Security

NOVEMBER 5, 2024

Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday. On May 2, 2024, Judische claimed on the fraud-focused Telegram channel Star Chat that they had hacked Santander Bank , one of the first known Snowflake victims. government agencies and first responders. “Negotiate a deal in Telegram.”

Cybercrime 274

Cybercrime Mobile Media Hacking 274

SecureWorld News

NOVEMBER 2, 2022

New research from Lookout reveals the most common mobile threats aimed at federal, state, and local government agencies and their employees—all of which have increased since 2021. One in eight government employees were exposed to phishing threats. Federal workers have more restrictions on BYOD devices.

Mobile 114

Mobile Government Phishing Risk 114

Heimadal Security

APRIL 18, 2022

More Information about the IcedID Phishing Attacks According to the agency, the IcedID phishing attacks are linked to […]. The post IcedID Malware Is Being Used in a New Hacking Campaign Targeting the Ukrainian Government appeared first on Heimdal Security Blog.

Government 131

Government Social Engineering Malware Hacking 131

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Scams 129

Scams Phishing Government Passwords 129

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. If convicted, the man could face up to 20 years in prison for each wire fraud count, 10 years for each computer hacking charge, and 5 years for conspiracy to commit computer fraud and abuse.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

Security Affairs

FEBRUARY 26, 2025

A Ghostwriter campaign using a new variant of PicassoLoader targets opposition activists in Belarus, and Ukrainian military and government organizations. SentinelLABS observed a new Ghostwriter campaign targeting Belarusian opposition activists and Ukrainian military and government entities with a new variant of PicassoLoader.

Government 67

Government Cyber threats Malware Phishing 67

Security Boulevard

FEBRUARY 10, 2023

Reddit got hacked with a “sophisticated” spear phishing attack. The post Reddit Hacked — 2FA is no Phishing Phix appeared first on Security Boulevard. The individual victim was an employee who clicked the wrong email link.

Phishing 111

Phishing Hacking Social Engineering CISO 111

Krebs on Security

APRIL 15, 2020

Mark Rogers , one of several people helping to manage the CTI League’s efforts, told Reuters the top priority of the group is working to combat hacks against medical facilities and other frontline responders to the pandemic, as well as helping defend communication networks and services that have become essential as more people work from home.

Cybersecurity 340

Cybersecurity Cyber threats Government Phishing 340

The Last Watchdog

APRIL 5, 2022

As the dust settles following the recently disclosed hack of NewsCorp , important lessons are emerging for the cybersecurity and journalism communities. The Chinese government is well known for its censorship– and frequent harassment and intimidation of foreign journalists. Related: How China challenged Google in Operation Aurora.

Hacking 243

Hacking Passwords Internet Internet 243

Malwarebytes

DECEMBER 5, 2024

Speaking to Reuters , a senior US official said the attack telecommunications infrastructure was broad and that the hacking was still ongoing. The infrastructure that the US government relies to communicate on is made up of the same private sector systems that everybody else uses.

Encryption 142

Encryption Identity Theft Media Telecommunications 142

Bleeping Computer

JULY 3, 2024

FIA (Fédération Internationale de l'Automobile), the auto racing governing body since the 1950s, says attackers gained access to personal data after compromising several FIA email accounts in a phishing attack. [.]

Government 101

Government Data breaches Hacking Phishing 101

Security Affairs

SEPTEMBER 20, 2024

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. ” Despite the ban on military and government devices, Ukrainian users rely heavily on Telegram to communicate and receive news on ongoing conflicts. .”

Government 136

Government Phishing Hacking Malware 136

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing 145

Phishing Accountability Hacking Scams 145

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. In the third campaign, threat actors targeted the Rostec defense conglomerate, the phishing messages used build_rosteh4.exe SecurityAffairs – hacking, Unknown APT group). exe for its malware. Pierluigi Paganini.

Government 129

Government Malware Phishing Hacking 129

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. 9, 2024, U.S. On July 28 and again on Aug.

Social Engineering 356

Social Engineering Mobile Passwords Cybercrime 356

CyberSecurity Insiders

JANUARY 25, 2023

United States Cybersecurity and Infrastructure Security Agency (CISA) along with two other agencies; National Security Agency (NSA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a warning to federal agencies against a phishing scam taking place through Remote Monitoring and Management (RMM) Software.

Scams 134

Scams Software Phishing Social Engineering 134

Security Boulevard

JULY 16, 2024

DeFAIL: Cryptocurrency fans lose their worthless tokens via phishing attacks on decen­tral­ized finance sites. The post Squarespace Hacked — DeFi Wallets Drained (Imaginary Money Stolen) appeared first on Security Boulevard.

Hacking 131

Hacking Cryptocurrency Phishing Social Engineering 131

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” continues the report. .”

Government 139

Government Authentication Phishing Hacking 139

The Last Watchdog

JUNE 21, 2020

Related: What local government can do to repel ransomware Ransomware came into existence in 1989 as a primitive program dubbed the AIDS Trojan that was spreading via 5.25-inch The logic of the raid mainly comes down to using unsecured RDP ports or spear-phishing to infiltrate networks and gain a foothold in them. inch diskettes.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

SecureList

DECEMBER 6, 2022

There are two main types of online fraud aimed at stealing user data and money: phishing and scams. The history of scams and phishing. The term “phishing” was coined back in 1996, when cybercriminals attacked users of America Online (AOL), the largest internet provider at that time. Phishing site with chat support.

Scams 134

Scams Phishing Social Engineering Banking 134

eSecurity Planet

SEPTEMBER 3, 2021

Cybercriminals are using Salesforce’s mass email service to dupe people into handing over credit card numbers, credentials and other personal information in a novel phishing campaign that highlights the threats to corporate networks that can come from whitelisted email addresses. Therein lies a key issue raised by the phishing campaign.

Phishing 142

Phishing Architecture Education Marketing 142

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. According to Mandiant, starting as early as October 10, 2022, the UNC4841 group sent spear-phishing emails to victim organizations. reads the report published by Mandiant. At the end of July, the U.S.

Government 124

Government Hacking Malware Accountability 124

Security Affairs

OCTOBER 9, 2024

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. The threat actor continues to target Russian government entities and enterprises. Kaspersky shared Indicators of compromise (IoCs) for the recent attacks.

Government 120

Government Malware Phishing Hacking 120

The Last Watchdog

DECEMBER 20, 2021

Earlier in the year, there was an attempted hack of a water treatment facility in Oldsmar, Florida. While the entire threat of killware is new, regulators and enforcers responded with salient advise focused on water systems and the vulnerabilities of spear phishing as a viable way bad actors gain access for killware attacks.

Malware 256

Malware Phishing Technology Ransomware 256

Security Affairs

FEBRUARY 12, 2025

The threat actor impersonates a South Korean government official to build trust with the target before sending a spear-phishing email with a bait PDF attachment. The IT giant recommends training users about phishing and employing attack surface reduction rules. LNK shortcut files, disguised as Office documents.

Phishing 86

Phishing Malware Security Intelligence Hacking 86

Security Affairs

MARCH 2, 2024

government and defense entities. Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. private sector and government computer systems,” said Assistant Attorney General Matthew G. defense contractors and private companies. Targeted entities include the U.S.

Hacking 137

Hacking Identity Theft Social Engineering Accountability 137

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. This communication plan should specify how governing bodies will stay informed should there be a data breach as well as. Related: Using employees as human sensors.

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

Security Affairs

JUNE 19, 2021

The security breach took place on on May 14, and the institute discovered it only on May 31, then the research institute reported the incident to the government and launched an investigation. Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage, etc. ? Pierluigi Paganini.

Hacking 144

Hacking VPN Internet Internet 144

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. reads the joint advisory.

Ransomware 142

Ransomware Hacking Engineering Manufacturing 142

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Ransomware 138

Ransomware Hacking Manufacturing Healthcare 138

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. Here’s what I took away from our discussion: Transient hacks. This quickly gets intricately technical. Branching attacks.

Hacking 212

Hacking Energy and Utilities System Administration Accountability 212