Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US government overall, nor to the US public.”

Phishing 294

Phishing Telecommunications Government DNS 294

SecureList

MARCH 3, 2025

million attacks involving malware, adware or unwanted mobile software were prevented. million malware, adware or unwanted software attacks targeting mobile devices. Some time later, the user received a phishing link to download malware disguised as a shipment tracking app. A total of 1.1 A total of 1.1

Mobile 116

Mobile Malware Adware Banking 116

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Vishing: Also known as voice phishing. What is mishing? and 9%in Brazil.

Phishing 88

Phishing Mobile Social Engineering Data breaches 88

Adam Levin

OCTOBER 8, 2020

The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert warning of an increase in Emotet malware-based phishing attacks on state and local agencies. Emotet is a trojan-style strain of malware that is typically spread via email attachment but can rapidly propagate itself across networks.

Government 208

Government Antivirus Phishing Malware 208

The Last Watchdog

APRIL 7, 2025

Despite advanced AI detection and telemetry analysis offered in todays EDR solutions, modern infostealer malware is designed to evade even the most sophisticated defenses, using tactics like polymorphic malware, memory-only execution, and exploitation of zero-day vulnerabilities or outdated software.

Antivirus 113

Antivirus Malware Cybercrime Identity Theft 113

Schneier on Security

MAY 5, 2020

Interesting story of malware hidden in Google Apps. This particular campaign is tied to the government of Vietnam. In this case, the attackers used Google Play as a trusted source," says Kaspersky researcher Alexey Firsh.

Malware 270

Malware Spyware Phishing Government 270

Webroot

OCTOBER 31, 2024

In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks. Now let’s take a look at this year’s Nastiest Malware. It is the most successful and lucrative avenue for monetizing a breach of a victim.

Malware 108

Malware Ransomware Passwords Healthcare 108

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 138

Government Phishing Malware Banking 138

The Hacker News

AUGUST 12, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign that masquerades as the Security Service of Ukraine to distribute malware capable of remote desktop access. More than 100 computers are estimated to have been infected since July 2024, including those related to government bodies in the

Government 134

Government Phishing Malware 134

The Last Watchdog

DECEMBER 20, 2021

Killware is a type of malware deployed to cause physical harm: contaminate community water supplies, exploit and obstruct networks used by hospitals and healthcare facilities, jam air traffic control networks, contaminate gasoline supplies, and, in some instances, deliberately cause death where and when it is least expected.

Malware 256

Malware Phishing Technology Ransomware 256

Trend Micro

SEPTEMBER 28, 2023

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware.

Phishing 140

Phishing Malware Government Cyber threats 140

The Hacker News

OCTOBER 16, 2024

A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails.

Banking 133

Banking Phishing Malware Retail 133

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. In September 2024, Ukraines National Coordination Centre for Cybersecurity (NCCC) banned the Telegram messaging app on government agencies, military, and critical infrastructure, due to national security concerns. continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Malwarebytes

MARCH 19, 2025

” Whether it’s a so-called “subsidy program,” a “government grant,” or a “relief card,” these scams all share the same underlying goalto manipulate people into giving away their personal information, orworsetheir hard-earned cash. .” ” “482 Spots Remaining! gov domains).

Scams 90

Scams Government Identity Theft Social Engineering 90

SecureList

MARCH 25, 2025

In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. Generic Trojan.Win64.Agent

Malware 127

Malware Education Technology Media 127

SecureList

MARCH 10, 2025

Last year, we published an article about SideWinder , a highly prolific APT group whose primary targets have been military and government entities in Pakistan, Sri Lanka, China, and Nepal. Once their tools are identified, they respond by generating a new and modified version of the malware, often in under five hours.

Energy and Utilities 112

Energy and Utilities Malware Government Phishing 112

Security Affairs

FEBRUARY 26, 2025

A Ghostwriter campaign using a new variant of PicassoLoader targets opposition activists in Belarus, and Ukrainian military and government organizations. SentinelLABS observed a new Ghostwriter campaign targeting Belarusian opposition activists and Ukrainian military and government entities with a new variant of PicassoLoader.

Government 67

Government Cyber threats Malware Phishing 67

Digital Shadows

NOVEMBER 12, 2024

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. Phishing is favored by threat actors for its simplicity and effectiveness.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Cisco Security

AUGUST 28, 2024

Cisco Umbrella for Government up-levels government cybersecurity with protection against phishing, malware, ransomware and data loss from cyberattacks. Cisco Umbrella for Government up-levels government cybersecurity with protection against phishing, malware, ransomware and data loss from cyberattacks.

Government 106

Government Phishing Ransomware Malware 106

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

The Last Watchdog

FEBRUARY 4, 2025

These sprawling identities, exposed through breaches, infostealer infections, and phishing attacks, create shadow data that traditional tools simply cant address. SpyCloud , a leading identity threat protection company, announced key innovations in its portfolio, pioneering the shift to holistic identity threat protection.

Cybercrime 124

Cybercrime Accountability Phishing Malware 124

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing 141

Phishing Malware Computers and Electronics Internet 141

Krebs on Security

MARCH 11, 2022

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.

DNS 331

DNS Internet Internet Phishing 331

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Hacking 310

Hacking Malware Ransomware Government 310

Krebs on Security

APRIL 15, 2020

. “The group is also using its web of contacts in internet infrastructure providers to squash garden-variety phishing attacks and another financial crime that is using the fear of COVID-19 or the desire for information on it to trick regular internet users,” wrote Reuters’ Joe Menn. ” SURVIVING THE PANDEMIC. .

Cybersecurity 342

Cybersecurity Cyber threats Government Phishing 342

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing 329

Phishing Telecommunications Malware Scams 329

The Hacker News

NOVEMBER 20, 2023

Threat actors are targeting the education, government and business services sectors with a remote access trojan called NetSupport RAT.

Government 139

Government Business Services Education Phishing 139

The Hacker News

DECEMBER 22, 2023

Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE.

Government 105

Government Malware Engineering Encryption 105

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. APT41 was known to hide its malware inside fake resumes that were sent to targets. APT41’s activities span from the mid-2000s to the present day.

Antivirus 363

Antivirus Hacking Software Government 363

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. While fully agentic AI malware remains years away, the industry must prepare now. AI-powered cryptocurrency attacks will automate phishing and exploit vulnerabilities.

Risk 173

Risk Threat Detection Technology Phishing 173

Krebs on Security

NOVEMBER 5, 2024

government agencies and first responders. Special Operations Command (PDF), demanding that the government turn over information collected about him and seeking restitution for his alleged kidnapping at the hands of the CIA. “Most of my ops involve malware [because] credential access burns too fast,” Judische explained.

Cybercrime 277

Cybercrime Mobile Media Hacking 277

SecureWorld News

FEBRUARY 25, 2025

Deepfake phishing, AI-generated malware, and automated spear-phishing campaigns are already on the rise. From the report: "Generative AI is being used to create highly convincing phishing emails, fake voices, and even deepfake videosmaking social engineering attacks more difficult to detect.

Cybersecurity 95

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 95

Security Affairs

FEBRUARY 12, 2025

The threat actor impersonates a South Korean government official to build trust with the target before sending a spear-phishing email with a bait PDF attachment. The IT giant recommends training users about phishing and employing attack surface reduction rules. LNK shortcut files, disguised as Office documents.

Phishing 87

Phishing Malware Security Intelligence Hacking 87

SecureList

NOVEMBER 28, 2024

Based on limited telemetry, we believe with medium to low confidence that some of the initial infections were spear-phishing emails. The secure USB drive was developed by a government entity in Southeast Asia to securely store and transfer files between machines in sensitive environments.

Malware 117

Malware Government Software Spyware 117

The Hacker News

JULY 23, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) has alerted of a spear-phishing campaign targeting a scientific research institution in the country with malware known as HATVIBE and CHERRYSPY.

Malware 133

Malware Phishing Government 133

Malwarebytes

DECEMBER 5, 2024

Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US. The infrastructure that the US government relies to communicate on is made up of the same private sector systems that everybody else uses.

Encryption 141

Encryption Identity Theft Media Telecommunications 141

Security Affairs

SEPTEMBER 20, 2024

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. ” Despite the ban on military and government devices, Ukrainian users rely heavily on Telegram to communicate and receive news on ongoing conflicts. .”

Government 137

Government Phishing Hacking Malware 137