Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Artificial Intelligence DNS Ransomware 63

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 137

Government Phishing Malware Banking 137

Security Affairs

MARCH 27, 2025

Cybercriminals are exploiting the popularity of DeepSeek by using fake sponsored Google ads to distribute malware. While DeepSeek is rising in popularity, threat actors are attempting to exploit it by using fake sponsored Google ads to distribute malware, Malwarebytes researchers warn. ” reads the alert published by Malwarebytes.

Malware 67

Malware Data collection Advertising Media 67

Security Affairs

NOVEMBER 2, 2024

Sophos, with the help of other cybersecurity firms, government, and law enforcement agencies investigated the cyber attacks and attributed them multiple China-linked APT groups, such as Volt Typhoon , APT31 and APT41 / Winnti. Researchers observed the attackers monitoring network communications and stealing credentials from the victims.

Firmware 120

Firmware Government Firewall Malware 120

Security Affairs

NOVEMBER 10, 2024

The US government’s Consumer Financial Protection Bureau (CFPB) advises employees to avoid using cellphones for work after China-linked APT group Salt Typhoon hackers breached major telecom providers. Hackers linked to the Chinese government have broken into a handful of U.S. The Consumer Financial Protection Bureau (CFPB) is a U.S.

Hacking 129

Hacking Internet Internet Government 129

Security Affairs

MARCH 20, 2025

The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ). The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. In March 2025, threat actors distributed archived messages through Signal.

Computers and Electronics 107

Computers and Electronics Telecommunications Malware Surveillance 107

Security Affairs

AUGUST 18, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 129

Malware Social Engineering Ransomware Government 129

Security Affairs

SEPTEMBER 20, 2024

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. ” Despite the ban on military and government devices, Ukrainian users rely heavily on Telegram to communicate and receive news on ongoing conflicts. .”

Government 136

Government Phishing Hacking Malware 136

Security Affairs

OCTOBER 13, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 115

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 115

Security Affairs

OCTOBER 9, 2024

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. The threat actor continues to target Russian government entities and enterprises. This campaign highlights the group’s continued efforts to refine their remote access strategies.

Government 120

Government Malware Phishing Hacking 120

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. government neutralized the Volt Typhoon botnet taking over its C2 and deleting the bot from infected devices.

VPN 121

VPN Government Malware Manufacturing 121

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. appeared first on Security Affairs. ” concludes Palo Alto Networks.

Government 133

Government Manufacturing Education Malware 133

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. “Information sharing is easy to talk about, and hard to do in practice,” Daniel said.

Cybersecurity 340

Cybersecurity Cyber threats Government Phishing 340

Security Affairs

MAY 31, 2022

Cyber Research Labs observed a rise in ransomware attacks in the second quarter of 2022, some of them with a severe impact on the victims, such as the attack that hit the Costa Rican government that caused a nationwide crisis. The experts warn of ransomware attacks against government organizations. ” continues Cyble. .

Government 145

Government Ransomware Cybercrime Banking 145

Security Affairs

DECEMBER 26, 2024

Japan Airlines confirmed that its systems were not infected with malware and no customer data was leaked. ” Chief Cabinet Secretary Yoshimasa Hayashi, the top government spokesman, said at a press conference. . ” Chief Cabinet Secretary Yoshimasa Hayashi, the top government spokesman, said at a press conference.

Cyber Attacks 120

Cyber Attacks DDOS Government Hacking 120

Security Affairs

NOVEMBER 19, 2024

Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates. The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors. Barron for the District of Maryland.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 118

Malware Spyware Banking Ransomware 118

Security Affairs

AUGUST 25, 2022

Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments.

Malware 134

Malware Authentication Telecommunications Government 134

Security Affairs

JUNE 6, 2022

Following the attacks of the Killnet Collective, the group responsible for the attacks against major government resources and law enforcement, a new group has been identified called “Cyber Spetsnaz”. The post Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies appeared first on Security Affairs.

Government 145

Government DDOS Cyber Attacks Hacking 145

Security Affairs

JULY 7, 2024

Today marks the launch of the Security Affairs newsletter, specializing in Malware. Each week, it will feature a collection of the best articles and research on malware. This newsletter complements the weekly one you already receive.

Malware 118

Malware Spyware Cybercrime Ransomware 118

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. ” Microsoft Threat Intelligence team identified two samples of the Tickler malware in compromised environments as recently as July 2024. dll to execute its functions.

Malware 128

Malware Social Engineering Education Government 128

Security Affairs

SEPTEMBER 29, 2022

The Russia-linked APT28 group is using mouse movement in decoy Microsoft PowerPoint documents to distribute malware. The Russia-linked APT28 employed a technique relying on mouse movement in decoy Microsoft PowerPoint documents to deploy malware, researchers from Cluster25 reported. ” reads the analysis published by Cluster25.

Malware 135

Malware Government Hacking Information Security 135

Security Affairs

MAY 26, 2024

The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”

Malware 138

Malware Banking Accountability Phishing 138

Security Affairs

SEPTEMBER 8, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 114

Malware Insurance Ransomware Government 114

Security Affairs

MAY 22, 2024

A threat actor is targeting organizations in Africa and the Middle East by exploiting Microsoft Exchange Server flaws to deliver malware. Further investigation allowed to identify over 30 victims in multiple countries, most of whom were linked to government agencies. The keylogger was used to collect account credentials.

Malware 137

Malware Accountability Technology Internet 137

Security Affairs

JUNE 3, 2024

Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. Researchers at Insikt Group observed Russian GRU’s unit APT28 targeting networks across Europe with information-stealer Headlace and credential-harvesting web pages.

Malware 141

Malware Phishing Surveillance Internet 141

Security Affairs

MARCH 16, 2025

A Micronesian state suffered a ransomware attack and was forced to shut down all computers of its government health agency. A state in Micronesia, the state of Yap, suffered a ransomware attack, forcing the shutdown of all computers in its government health agency. The Department will issue updates as the situation develops.”

Ransomware 115

Ransomware Government Internet Internet 115

Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware 135

Malware Internet Internet DDOS 135

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. The software was delivered through fraudulent updates, drive-by downloads, malware loaders (i.e.

Education 136

Education Government Business Services Software 136

Security Affairs

MARCH 18, 2024

Technology giant Fujitsu announced it had suffered a cyberattack that may have resulted in the theft of customer information. Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information.

Data breaches 134

Data breaches Malware Technology Hacking 134

Security Affairs

DECEMBER 3, 2023

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments.

Malware 143

Malware DNS Retail Education 143

Joseph Steinberg

APRIL 21, 2022

It is no secret that cybersecurity professionals universally recommend that people, businesses, and governments employ strong encryption as one of several methods of protecting sensitive information.

Encryption 362

Encryption Cybersecurity Artificial Intelligence Backups 362

Security Affairs

SEPTEMBER 5, 2024

The group focuses on government departments that are involved in foreign affairs, technology, and telecommunications. The malware is highly obfuscated and disguises itself as system utilities, allowing attackers to perform tasks like file manipulation, command execution, and remote port scanning.

Malware 118

Malware Telecommunications Encryption Hacking 118

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The group often exploited access to government infrastructure to target other government entities. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government 106

Government Phishing Accountability VPN 106

Security Affairs

FEBRUARY 12, 2025

The threat actor impersonates a South Korean government official to build trust with the target before sending a spear-phishing email with a bait PDF attachment. When opened, they execute PowerShell or Mshta to download malware like PebbleDash and RDP Wrapper, to control the infected systems.

Phishing 86

Phishing Malware Security Intelligence Hacking 86

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. government entities in Belgium, and telecommunications companies in Thailand and Brazil.

Malware 134

Malware Telecommunications Encryption DDOS 134

Security Affairs

FEBRUARY 6, 2024

China-linked APT group breached the Dutch Ministry of Defence last year and installed malware on compromised systems. Dutch Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) published a joint report warning that a China-linked APT group breached the Dutch Ministry of Defence last year.

Malware 134

Malware Firmware VPN Backups 134