Security Affairs

FEBRUARY 26, 2025

A Ghostwriter campaign using a new variant of PicassoLoader targets opposition activists in Belarus, and Ukrainian military and government organizations. SentinelLABS observed a new Ghostwriter campaign targeting Belarusian opposition activists and Ukrainian military and government entities with a new variant of PicassoLoader.

Government 66

Government Cyber threats Malware Phishing 66

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Artificial Intelligence DNS Ransomware 63

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 136

Government Phishing Malware Banking 136

Security Affairs

NOVEMBER 2, 2024

Sophos, with the help of other cybersecurity firms, government, and law enforcement agencies investigated the cyber attacks and attributed them multiple China-linked APT groups, such as Volt Typhoon , APT31 and APT41 / Winnti. Researchers observed the attackers monitoring network communications and stealing credentials from the victims.

Firmware 119

Firmware Government Firewall Malware 119

Security Affairs

MARCH 27, 2025

Cybercriminals are exploiting the popularity of DeepSeek by using fake sponsored Google ads to distribute malware. While DeepSeek is rising in popularity, threat actors are attempting to exploit it by using fake sponsored Google ads to distribute malware, Malwarebytes researchers warn. ” reads the alert published by Malwarebytes.

Malware 66

Malware Data collection Advertising Media 66

Security Affairs

MARCH 20, 2025

The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ). The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. In March 2025, threat actors distributed archived messages through Signal.

Computers and Electronics 106

Computers and Electronics Telecommunications Malware Surveillance 106

Security Affairs

NOVEMBER 10, 2024

The US government’s Consumer Financial Protection Bureau (CFPB) advises employees to avoid using cellphones for work after China-linked APT group Salt Typhoon hackers breached major telecom providers. Hackers linked to the Chinese government have broken into a handful of U.S. The Consumer Financial Protection Bureau (CFPB) is a U.S.

Hacking 128

Hacking Internet Internet Government 128

Security Affairs

APRIL 4, 2025

. “The Ukrainian government’s computer emergency response team, CERT-UA, is taking systematic measures to accumulate and analyze data on cyber incidents in order to provide up-to-date information on cyber threats.” ” reads the report published by CERT-UA.

Malware 72

Malware Cyber threats Government Hacking 72

The Last Watchdog

DECEMBER 18, 2024

state privacy laws, the EUs governance of ethical AI deployment, and updated regulations in India and Japan. The SEC Cybersecurity Disclosure Rule highlights transparency in governance. Seara Jose Seara , CEO, DeNexus Recent regulatory updates highlight a shift toward robust cyber risk governance, requiring organizations to adapt.

Cybersecurity 130

Cybersecurity CISO Risk Government 130

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches 115

Data breaches Cybercrime Cyber Insurance Marketing 115

Security Affairs

AUGUST 18, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 128

Malware Social Engineering Ransomware Government 128

Security Affairs

SEPTEMBER 20, 2024

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. ” Despite the ban on military and government devices, Ukrainian users rely heavily on Telegram to communicate and receive news on ongoing conflicts. .”

Government 135

Government Phishing Hacking Malware 135

Security Affairs

OCTOBER 13, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 115

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 115

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture 106

Architecture Internet Internet Malware 106

Security Affairs

OCTOBER 9, 2024

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. The threat actor continues to target Russian government entities and enterprises. This campaign highlights the group’s continued efforts to refine their remote access strategies.

Government 119

Government Malware Phishing Hacking 119

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. government neutralized the Volt Typhoon botnet taking over its C2 and deleting the bot from infected devices.

VPN 121

VPN Government Malware Manufacturing 121

Security Affairs

APRIL 7, 2025

In a nutshell, some criminal groups are exploiting compromised accounts belonging to law enforcement and other government agencies to illicitly forward Emergency Data Requests (EDRs) to major online platforms.

Cybercrime 137

Cybercrime Social Engineering Accountability Government 137

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. appeared first on Security Affairs. ” concludes Palo Alto Networks.

Government 132

Government Manufacturing Education Malware 132

Security Affairs

DECEMBER 26, 2024

Japan Airlines confirmed that its systems were not infected with malware and no customer data was leaked. ” Chief Cabinet Secretary Yoshimasa Hayashi, the top government spokesman, said at a press conference. . ” Chief Cabinet Secretary Yoshimasa Hayashi, the top government spokesman, said at a press conference.

Cyber Attacks 119

Cyber Attacks DDOS Government Hacking 119

Security Affairs

NOVEMBER 19, 2024

Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates. The attacks were observed as recently as February 2024, they targeted government, education, emergency services, healthcare, and other critical infrastructure sectors. Barron for the District of Maryland.

Cybercrime 113

Cybercrime Ransomware Healthcare Education 113

Security Affairs

NOVEMBER 20, 2023

The Canadian government discloses a data breach after threat actors hacked two of its contractors. Data belonging to current and former Government of Canada employees, members of the Canadian Armed Forces and Royal Canadian Mounted Police personnel have been also exposed. Both contractors suffered a security breach in October.

Data breaches 136

Data breaches Government Hacking Backups 136

Security Affairs

SEPTEMBER 15, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 118

Malware Spyware Banking Ransomware 118

Security Affairs

JULY 7, 2024

Today marks the launch of the Security Affairs newsletter, specializing in Malware. Each week, it will feature a collection of the best articles and research on malware. This newsletter complements the weekly one you already receive.

Malware 118

Malware Spyware Cybercrime Ransomware 118

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. ” Microsoft Threat Intelligence team identified two samples of the Tickler malware in compromised environments as recently as July 2024. dll to execute its functions.

Malware 127

Malware Social Engineering Education Government 127

Security Affairs

MAY 26, 2024

The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”

Malware 138

Malware Banking Accountability Phishing 138

Security Affairs

SEPTEMBER 8, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 113

Malware Insurance Ransomware Government 113

Security Affairs

MAY 22, 2024

A threat actor is targeting organizations in Africa and the Middle East by exploiting Microsoft Exchange Server flaws to deliver malware. Further investigation allowed to identify over 30 victims in multiple countries, most of whom were linked to government agencies. The keylogger was used to collect account credentials.

Malware 136

Malware Accountability Technology Internet 136

Security Affairs

JUNE 3, 2024

Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. Researchers at Insikt Group observed Russian GRU’s unit APT28 targeting networks across Europe with information-stealer Headlace and credential-harvesting web pages.

Malware 140

Malware Phishing Surveillance Internet 140

Security Affairs

FEBRUARY 2, 2024

The Computer Emergency Response Team in Ukraine (CERT-UA) reported that a PurpleFox malware campaign had already infected at least 2,000 computers in the country. Experts defined DirtyMoe as a complex malware that has been designed as a modular system. ” reads the alert published by CERT-UA.

Malware 134

Malware Internet Internet DDOS 134

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. The software was delivered through fraudulent updates, drive-by downloads, malware loaders (i.e.

Education 135

Education Government Business Services Software 135

Security Affairs

MARCH 18, 2024

Technology giant Fujitsu announced it had suffered a cyberattack that may have resulted in the theft of customer information. Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information.

Data breaches 134

Data breaches Malware Technology Hacking 134

Security Affairs

DECEMBER 3, 2023

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. The malware was used in attacks against multiple industries, including education, real estate, retail, non-profit organizations, telecom companies, and governments.

Malware 143

Malware DNS Retail Education 143

Security Affairs

AUGUST 31, 2023

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. The GCHQ’s National Cyber Security Centre (NCSC) and agencies in the United States, Australia, Canada, and New Zealand have published an analysis of the Android malware.

Malware 129

Malware Authentication Government Threat Detection 129

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency 110

Cryptocurrency Malware Hacking Ransomware 110

Joseph Steinberg

APRIL 21, 2022

It is no secret that cybersecurity professionals universally recommend that people, businesses, and governments employ strong encryption as one of several methods of protecting sensitive information.

Encryption 362

Encryption Cybersecurity Artificial Intelligence Backups 362

Security Affairs

APRIL 8, 2025

In February, Meta announced that it had discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite). Researchers linked Paragon to several IP addresses hosted at local telecoms, suggesting they belong to government customers.

Spyware 114

Spyware Media Surveillance Hacking 114

Security Affairs

FEBRUARY 12, 2025

The threat actor impersonates a South Korean government official to build trust with the target before sending a spear-phishing email with a bait PDF attachment. When opened, they execute PowerShell or Mshta to download malware like PebbleDash and RDP Wrapper, to control the infected systems.

Phishing 87

Phishing Malware Security Intelligence Hacking 87