Government and Social Engineering - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Cybersecurity Event Cancelled After Being Hit By Cybercriminals

Joseph Steinberg

OCTOBER 24, 2022

An online cybersecurity event with 2,500 people already logged in had to be cancelled after suspected cybercriminals launched a social engineering attack in the event’s chat window.

Cybersecurity

Cybersecurity Social Engineering Artificial Intelligence Scams

CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

Security Affairs

JANUARY 21, 2025

“The Ukrainian government’s computer emergency response team, CERT-UA, has received information about numerous cases of attempts to connect to computers using the AnyDesk program, allegedly on behalf of CERT-UA.” ” reads the advisory published by CERT-UA.

Social Engineering

Social Engineering Scams Engineering Software

Google's AI Trends Report: Key Insights and Cybersecurity Implications

SecureWorld News

FEBRUARY 25, 2025

One of the report's most pressing concerns is the role of Generative AI in social engineering attacks. From the report: "Generative AI is being used to create highly convincing phishing emails, fake voices, and even deepfake videosmaking social engineering attacks more difficult to detect.

Cybersecurity

Cybersecurity Social Engineering Artificial Intelligence Cyber threats

Trojaned Windows Installer Targets Ukraine

Schneier on Security

DECEMBER 20, 2022

The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system: Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading as legitimate Windows 10 Operating System installers.

Social Engineering

Social Engineering Engineering Software Government

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

The government says much of Tylerb’s cryptocurrency wealth was the result of successful SIM-swapping attacks, wherein crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. .”

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

The “free money” trap: How scammers exploit financial anxiety

Malwarebytes

MARCH 19, 2025

” Whether it’s a so-called “subsidy program,” a “government grant,” or a “relief card,” these scams all share the same underlying goalto manipulate people into giving away their personal information, orworsetheir hard-earned cash. .” ” “482 Spots Remaining! gov domains).

Scams

Scams Government Identity Theft Social Engineering

Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users

The Hacker News

NOVEMBER 20, 2023

Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data.

Social Engineering

Social Engineering Banking Government Mobile

Understanding the Deepfake Threat

SecureWorld News

FEBRUARY 13, 2025

Evolution of social engineering Social engineering exploits human psychology to manipulate individuals into revealing sensitive information or taking harmful actions. Attackers now impersonate executives, government officials, and even family members to gain trust and manipulate victims.

Social Engineering

Social Engineering Authentication Identity Theft Education

What are the key Threats to Global National Security?

IT Security Guru

NOVEMBER 1, 2024

Cyber attacks can compromise critical infrastructure, financial systems, and sensitive government data. Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information. Types of Cybersecurity Threats Malware and Ransomware: These can disable systems or steal data for ransom.

Technology

Technology Cyber Attacks Government Social Engineering

Mishing Is the New Phishing — And It’s More Dangerous

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals disguise messages as urgent notifications from banks, government agencies, or corporate IT teams, tricking users into providing credentials or downloading malware. Mishing is a phishing attack that uses SMS messages instead of emails to deceive victims into revealing sensitive information or clicking malicious links.

Phishing

Phishing Mobile Social Engineering Data breaches

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Organizations face rising risks of AI-driven social engineering and personal device breaches. Collaborative efforts between security vendors, AI providers, and businesses will be key to counter automated, scalable attacks.

Risk

Risk Threat Detection Technology Phishing

Managed detection and response in 2024

SecureList

FEBRUARY 20, 2025

Kaspersky MDR customers by region Distribution of incidents by industry In 2024, the MDR team observed the highest number of incidents in the industrial (25.7%), financial (14.1%), and government (11.7%) sectors. in government, 17.8% However, if we consider only high-severity incidents, the distribution is somewhat different: 22.8%

Social Engineering

Social Engineering Phishing Government Threat Detection

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. Develop and test ransomware response plans.

Ransomware

Ransomware IoT Encryption Social Engineering

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. Twilio disclosed in Aug.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. Social engineering attacks Social engineering attacks occur when someone uses a fake persona to gain your trust.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

China, Russia, North Korea Hackers Exploit Windows Security Flaw

Security Boulevard

MARCH 20, 2025

Amost a dozen state-sponsored threat groups from Russia, China, and North Korea have been exploiting a security flaw in WIndows in attacks on governments and critical infrastructure that date back to 2017. According to Trend Micro's VDI unit, Microsoft has no plans to patch the vulnerability.

Government

Government Social Engineering Engineering Malware

Columbus Ransomware Attack Exposes 500,000+ Residents’ Data: How to Stay Safe

eSecurity Planet

NOVEMBER 6, 2024

This data reportedly includes everything from names and addresses to Social Security numbers and bank account details. This attack underscores a critical lesson for businesses: even the most vital institutions, such as a city government, are vulnerable to cyberthreats.

Ransomware

Ransomware Authentication Identity Theft Penetration Testing

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Krebs on Security

MARCH 31, 2020

The employee involved in this incident fell victim to a spear-fishing or social engineering attack. Any actions done by the threat actor have been reverted and the impacted customers have been notified. We have taken steps across our technology, processes and employee education, to help prevent these types of attacks in the future.”

Phishing

Phishing DNS Social Engineering Accountability

GUEST ESSAY: Defending ransomware boils down to this: make it very costly for cybercriminals

The Last Watchdog

APRIL 11, 2022

While it’s nice to see law enforcement and governments go after the gangs, that won’t stop the monster that has grown out of control, that we, as an industry, continue to feed. They’re easier to attack and provide moderate consistent payouts with little retribution from law enforcement or governments. Bricks in the wall.

Ransomware

Ransomware Social Engineering Passwords Engineering

Beware: Malicious Android Malware Disguised as Government Alerts.

Quick Heal Antivirus

MARCH 21, 2024

The post Beware: Malicious Android Malware Disguised as Government Alerts. In our high-tech world, sneaky cyber threats can pop up anywhere. Lately, we’ve spotted sneaky malware on Android. appeared first on Quick Heal Blog.

Government

Government Malware Cyber threats Social Engineering

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 7

Security Affairs

AUGUST 18, 2024

Deciphering the Brain Cipher Ransomware Ideal typosquat ‘solana-py’ steals your crypto wallet keys Ransomware attackers introduce new EDR killer to their arsenal Beyond the wail: deconstructing the BANSHEE infostealer A Deep Dive into a New ValleyRAT Campaign Targeting Chinese Speakers Tusk: unraveling a complex infostealer campaign Zero (..)

Malware

Malware Social Engineering Ransomware Government

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Daniel Miessler

SEPTEMBER 29, 2020

A ransomware attack against the New Orleans city government in early 2020 cost the city over $7 million dollars. They’re improving their tools, they’re improving their business models, and they’re constantly evolving their techniques for getting companies to pay using social engineering. That’s my answer.

Ransomware

Ransomware Government Social Engineering Small Business

Lessons from a Scam Artist

Security Through Education

MARCH 22, 2023

What does a government scam, an IT support scam and a romance scam have in common? They all use psychology and social engineering skills to convince their victims to take an action that is detrimental to them. Prey on Emotions Scammers have become experts in using social engineering techniques to their advantage.

Scams

Scams Social Engineering Engineering Media

CISA Warns of Phone Scammers Impersonating Agency Employees

SecureWorld News

JUNE 17, 2024

While no details were provided about the potential perpetrators, the scam highlights how threat actors exploit the authority of government agencies to trick victims into complying with illicit demands. Ezra Graziano, Director of Federal Accounts at Zimperium, emphasized the urgency for defense against such evolving social engineering tactics.

Social Engineering

Social Engineering Scams Artificial Intelligence Engineering

Iran-linked group APT33 adds new Tickler malware to its arsenal

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. The group also relied on social engineering efforts in attacks against organizations in the higher education, satellite, and defense sectors through LinkedIn.

Malware

Malware Social Engineering Education Government

AI in the Enterprise: Key Findings from the ThreatLabz 2025 AI Security Report

Security Boulevard

MARCH 20, 2025

As organizations work to establish AI governance frameworks, many are taking a cautious approach, restricting access to certain AI applications as they refine policies around data protection.U.S. Figure 1: Top AI applications by transaction volume Enterprises blocked a large proportion of AI transactions: 59.9%

Social Engineering

Social Engineering Phishing Risk Insurance

Scattered Spider ransomware gang falls under government agency scrutiny

Malwarebytes

NOVEMBER 20, 2023

CISA and the FBI consider Scattered Spider to be experts that use multiple social engineering techniques, especially phishing, push bombing, and SIM swap attacks, to obtain credentials, install remote access tools, and bypass multi-factor authentication (MFA).

Ransomware

Ransomware Government Social Engineering Backups

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

Additionally, keep in mind that while Lockdown Mode may make it more difficult for attackers to exploit social engineering in order to compromise devices, until Apple more strictly controls what apps it allows in its app store , potential government spying remains a major problem.

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

Backdoor in XZ Utils That Almost Happened

Schneier on Security

APRIL 11, 2024

The companies benefiting from these freely available libraries need to actually step up, and the government can force them to. Certainly the security of these libraries needs to be part of any broad government cybersecurity initiative. government needs to recognize this as a national security problem and start treating it as such.

Software

Software Engineering Internet Internet

AI likely to boost ransomware, warns government body

Malwarebytes

JANUARY 25, 2024

Reconnaissance and social engineering are specific fields where AI can be deployed. The impact is expected to grow for several reasons: AI already helps cybercriminals to compose more effective phishing emails. AI will help to improve existing tactics, techniques, and procedures (TTPs).

Ransomware

Ransomware Government Social Engineering Spyware

GUEST ESSAY: Scammers leverage social media, clever con games to carry out digital exploitation

The Last Watchdog

MARCH 20, 2023

Related: How Google, Facebook enable snooping In fact, a majority of scams occur through social engineering. The rise of social media has added to the many user-friendly digital tools scammers, sextortionists, and hackers can leverage in order to manipulate their victims.

Media

Media Identity Theft Internet Internet

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

Krebs on Security

MARCH 29, 2022

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. ” A month prior on Cracked, Everlynn posted a sales thread, “1x Government Email Account || BECOME A FED!,”

Accountability

Accountability Government Hacking Social Engineering

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

government and defense entities. private sector and government computer systems,” said Assistant Attorney General Matthew G. “In addition to spearphishing, the conspirators utilized social engineering, which involved impersonating others, generally women, in order to obtain the confidence of victims.

Hacking

Hacking Identity Theft Social Engineering Accountability

Recent Cyber Attacks: Trends, Tactics, and Countermeasures

Hacker's King

DECEMBER 16, 2024

In the digital age, cyber-attacks are a growing concern for individuals, businesses, and governments worldwide. Recent incidents include attacks on government agencies, critical infrastructure, and major corporations, highlighting the vulnerability of national cybersecurity defenses.

Cyber Attacks

Cyber Attacks Phishing Artificial Intelligence Penetration Testing

APT trends report Q3 2024

SecureList

NOVEMBER 28, 2024

The secure USB drive was developed by a government entity in Southeast Asia to securely store and transfer files between machines in sensitive environments. Chinese-speaking activity In July 2021, we detected a campaign called ExCone targeting government entities in Russia.

Malware

Malware Government Software Spyware

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

Generative AI Impact : Generative AI will have a big role in cyber security, especially in areas like email protection and fighting social engineering attacks. US Sanctions Iranian Officials : The US government sanctioned six Iranian officials in response to cyber attacks on an Israeli PLC vendor.

Social Engineering

Social Engineering Cyber Attacks Cyber Insurance IoT

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

The Last Watchdog

FEBRUARY 14, 2022

Automating these processes with the help of Identity Governance and Administration ( IGA ) tools should be a top priority for your IT department. Multi-Factor Authentication ( MFA ) can tremendously increase their access security and prevent phishing and social engineering attacks.

CISO

CISO Social Engineering Authentication Risk

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

SecureWorld News

FEBRUARY 5, 2025

AI, a double-edged sword AI-driven cybersecurity tools enhance threat detection but also empower attackers with sophisticated social engineering, deepfake campaigns, and automated exploits. Address the talent shortage with focused initiatives Expand government incentives for cybersecurity education and mid-career training.

InfoSec

InfoSec Energy and Utilities Cybersecurity Education

New Linux FASTCash Variant: Threats to Banking Systems

Hacker's King

DECEMBER 17, 2024

Train Employees Educating employees about phishing and social engineering tactics can reduce the likelihood of attackers gaining initial access to networks. The Role of Regulators and Governments Governments and regulatory bodies play a critical role in combating cyber threats like FASTCash.

Banking

Banking Social Engineering Malware Cyber threats

US offers a $10 million reward for information on four Iranian nationals

Security Affairs

APRIL 24, 2024

government, defense contractors, and private companies. The Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) is an organization within the Iranian government responsible for cybersecurity and cyber warfare. companies and government entities. entities using spear phishing and social engineering.

Government

Government Phishing Social Engineering Hacking

US Federal agencies fall prey to Phishing Scam via Remote Management Software

CyberSecurity Insiders

JANUARY 25, 2023

The advisory was issued after two government firms fell prey to the attack and more is being investigated. According to the alert, cyber crooks are sending emails to employees of government agencies to download two legitimate RMM software- ScreenConnect (ConnectWise Control) and AnyDesk.

Scams

Scams Software Phishing Social Engineering

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 9, 2025

What are the risks?

Spyware

Spyware Cybercrime Scams Social Engineering

Lamborghini Carjackers Lured by $243M Cyberheist

Krebs on Security

OCTOBER 9, 2024

19, a group of cybercriminals that allegedly included the couple’s son executed a sophisticated phone-based social engineering attack in which they stole $243 million worth of cryptocurrency from a victim in Washington, D.C. .’s son was loaded with cryptocurrency? Approximately one week earlier, on Aug.

Cryptocurrency

Cryptocurrency Social Engineering Accountability Mobile

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Cybersecurity Event Cancelled After Being Hit By Cybercriminals

Trending Sources

CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

Google's AI Trends Report: Key Insights and Cybersecurity Implications

Trojaned Windows Installer Targets Ukraine

Feds Charge Five Men in ‘Scattered Spider’ Roundup

The “free money” trap: How scammers exploit financial anxiety

Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users

Understanding the Deepfake Threat

What are the key Threats to Global National Security?

Mishing Is the New Phishing — And It’s More Dangerous

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Managed detection and response in 2024

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

China, Russia, North Korea Hackers Exploit Windows Security Flaw

Columbus Ransomware Attack Exposes 500,000+ Residents’ Data: How to Stay Safe

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

GUEST ESSAY: Defending ransomware boils down to this: make it very costly for cybercriminals

Beware: Malicious Android Malware Disguised as Government Alerts.

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 7

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Lessons from a Scam Artist

CISA Warns of Phone Scammers Impersonating Agency Employees

Iran-linked group APT33 adds new Tickler malware to its arsenal

AI in the Enterprise: Key Findings from the ThreatLabz 2025 AI Security Report

Scattered Spider ransomware gang falls under government agency scrutiny

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Backdoor in XZ Utils That Almost Happened

AI likely to boost ransomware, warns government body

GUEST ESSAY: Scammers leverage social media, clever con games to carry out digital exploitation

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

U.S. authorities charged an Iranian national for long-running hacking campaign

Recent Cyber Attacks: Trends, Tactics, and Countermeasures

APT trends report Q3 2024

26 Cyber Security Stats Every User Should Be Aware Of in 2024

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

New Linux FASTCash Variant: Threats to Banking Systems

US offers a $10 million reward for information on four Iranian nationals

US Federal agencies fall prey to Phishing Scam via Remote Management Software

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

Lamborghini Carjackers Lured by $243M Cyberheist

Stay Connected