Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Spyware: the most likely COVID-19 payload.

Phishing 142

Phishing Malware Spyware DDOS 142

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency 112

Cryptocurrency Malware Hacking Ransomware 112

Security Affairs

JANUARY 21, 2022

Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have uncovered multiple spyware campaigns that target industrial firms to steal email account credentials and carry out fraudulent activities. ” continues the report.

Spyware 98

Spyware Accountability Social Engineering Phishing 98

Security Affairs

DECEMBER 8, 2024

SmokeLoader Attack Targets Companies in Taiwan LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT DroidBot: Insights from a new Turkish MaaS fraud operation RedLine, A License to Steal: The Rudometov Story & Operation Magnus Unveiling RevC2 and Venom Loader Ultralytics (..)

Malware 70

Malware Spyware Phishing Hacking 70

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. Attackers injected the malicious code to deploy the spyware in websites, some of them were actually fake. The server, in turn, may send some commands to the compromised device.

Spyware 106

Spyware Advertising Encryption Phishing 106

SecureWorld News

NOVEMBER 2, 2022

government threat report , released this morning and titled "Rise in Mobile Phishing Credential Theft Targeting Public Sector," includes these key findings: Nearly 50% of state and local government employees are running outdated Android operating systems, exposing them to hundreds of device vulnerabilities.

Mobile 117

Mobile Government Phishing Risk 117

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware. Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system.

Malware 134

Malware Phishing Spyware Cyber threats 134

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.

Spyware 114

Spyware Malware Advertising Banking 114

Security Affairs

JANUARY 19, 2025

CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog Inexperienced actors developed the FunkSec ransomware using AI tools Credit Card Skimmer campaign targets WordPress via database injection Microsoft took legal action against crooks who developed a tool to abuse its AI-based services Pro-Russia hackers (..)

Spyware 70

Spyware Data breaches DNS Artificial Intelligence 70

Security Affairs

JULY 21, 2021

FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. SecurityAffairs – hacking, FormBook). XLoader is a very cheap malware strain that is based on the popular Formbook Windows malware.

Spyware 114

Spyware Malware Cybercrime Advertising 114

SecureList

MAY 3, 2021

Banking phishing: new version of an old scheme. Clients of several Dutch banks faced a phishing attack using QR codes. The links in their messages took the victim to a well-designed phishing pages with official emblems, business language and references to relevant laws. Quarterly highlights. Vaccine with cyberthreat.

Phishing 137

Phishing Banking Accountability Computers and Electronics 137

Security Affairs

MARCH 16, 2025

CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog GitLab addressed critical auth bypass flaws in CE and EE North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities Meta warns of actively exploited (..)

Spyware 74

Spyware Cybercrime Ransomware IoT 74

Security Affairs

FEBRUARY 15, 2025

CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs Hacking Attackers exploit a new zero-day to hijack Fortinet firewalls Security OpenSSL patched high-severity flaw CVE-2024-12797 Progress Software fixed multiple high-severity (..)

Spyware 70

Spyware Firewall Artificial Intelligence Malware 70

Threatpost

APRIL 21, 2020

Highly targeted spearphishing emails are being sent to oil and gas companies in hopes of infecting them with the Agent Tesla spyware.

Spyware 100

Spyware Phishing Malware Hacking 100

Security Affairs

FEBRUARY 9, 2025

Texas is the first state to ban DeepSeek on government devices Law enforcement seized the domains of HeartSender cybercrime marketplaces WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware Ransomware attack hit Indian multinational Tata Technologies International Press Newsletter Cybercrime FBI, Dutch Police Disrupt Manipulaters (..)

Spyware 61

Spyware Cybercrime Scams Social Engineering 61

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 128

Spyware Data breaches Hacking Ransomware 128

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. According to Snowden, the UK’s signals intelligence have hacked into the Belgian telco to spy on private communications in transit into its infrastructure. ” wrote The Intercept.

Hacking 110

Hacking Spyware Malware Advertising 110

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The attack starts with spear-phishing emails containing weaponized attachments, the malware is distributed via Russian hosting providers. The post Experts spotted a rare Linux Desktop spyware dubbed EvilGnome appeared first on Security Affairs.

Spyware 109

Spyware Malware Advertising Cyber Attacks 109

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches 61

Data breaches Malware Phishing Hacking 61

Security Affairs

FEBRUARY 23, 2025

Military & Defense Sector: A Cybersecurity Disaster in the Making Analyzing ELF/Sshdinjector.A!tr

Malware 67

Malware Scams Encryption Phishing 67

Security Affairs

AUGUST 4, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Malware 140

Malware Spyware Media Phishing 140

Security Affairs

AUGUST 4, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Spyware 125

Spyware Phishing Malware Ransomware 125

Security Affairs

NOVEMBER 24, 2024

A cyberattack on gambling giant IGT disrupted portions of its IT systems China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane Microsoft seized 240 sites used by the ONNX phishing service U.S.

Cybercrime 72

Cybercrime Artificial Intelligence Hacking VPN 72

Security Affairs

AUGUST 21, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing a malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign conducted by the Vermin group that distributed malware.

Malware 129

Malware Spyware Phishing Cyber threats 129

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. The post Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading appeared first on Security Affairs. Pierluigi Paganini.

Spyware 103

Spyware Adware Malware Accountability 103

SecureList

MAY 27, 2022

The group uses various malware families, including Wroba, and attack methods that include phishing, mining, smishing and DNS poisoning. While it’s not clear how the threat actor tricked the victims into executing the Trojanized app, we suspect they sent a spear-phishing email or contacted them via social media. Other malware.

Phishing 134

Phishing Spyware Firmware Malware 134

Security Affairs

JANUARY 3, 2025

Cybersecurity firm Cyfirma warns of the FireScam Android info-stealing malware that supports spyware capabilities. The malware is distributed as a fake Telegram Premium APK via a phishing website hosted on the GitHub.io The analysis of FireScam reveals a sophisticated and multifaceted threat targeting Android devices.

Spyware 69

Spyware Malware Phishing Internet 69

Security Affairs

JUNE 4, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Spyware 98

Spyware Hacking Malware Social Engineering 98

Security Affairs

MAY 8, 2020

Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. Figure 1 The distribution of web-phishing among target categories . CERT-GIB’s findings indicate that phishing attack perpetrators have revised their so-called target pool. Target reshuffle.

Phishing 87

Phishing Spyware Banking Malware 87

Security Affairs

JULY 28, 2024

CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog International Press – Newsletter Cybercrime Walsall teenager arrested in joint West Midlands Police and FBI operation Treasury Sanctions Leader and Primary Member of the Cyber Army of Russia Reborn Three arrested for (..)

Spyware 124

Spyware Data breaches Cybercrime Banking 124

Malwarebytes

SEPTEMBER 4, 2024

After using passwords obtained from one of the countless breaches as a lure to trick victims into paying, the “Hello pervert” sextortion scammers have recently introduced two new pressure tactics: Name-dropping the infamous Pegasus spyware and adding pictures of your home environment. Here, this isn’t some act of advanced hacking.

Scams 137

Scams Spyware Passwords Password Management 137

The Last Watchdog

JULY 18, 2023

July 18, 2022 – Around 30,000 websites get hacked every day , with the majority of those cyberattacks due to human error. A new study by HostingAdvice, the premier authority on web hosting, found that 32% of Americans say they’ve gotten hacked from visiting a sketchy website and of those, 53% got a computer virus. Gainesville, Fla.,

Hacking 100

Hacking DDOS Small Business Spyware 100

Security Affairs

FEBRUARY 14, 2021

SecurityAffairs – hacking, newsletter). Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. COMB breach: 3.2B COMB breach: 3.2B COMB breach: 3.2B COMB breach: 3.2B COMB breach: 3.2B Pierluigi Paganini.

Phishing 112

Phishing Spyware Data breaches Ransomware 112

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches 132

Data breaches Ransomware Phishing Malware 132

eSecurity Planet

FEBRUARY 22, 2022

Most attacks make would-be victims click to install malware or redirect them to a phishing page to steal their credentials. NSO Group’s Pegasus software has been routinely in the headlines in recent years for using zero-click attacks to install its spyware. Spyware and Zero-Days: A Troubling Market.

Spyware 125

Spyware Software Government Social Engineering 125

Security Affairs

JULY 25, 2021

SecurityAffairs – hacking, newsletter). Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics Obtaining password hashes of Windows systems with PetitPotam attack. If you want to also receive for free the international pre ss subscribe here. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Spyware 125

Spyware Data breaches Government Ransomware 125

Security Affairs

JUNE 2, 2024

OpenAI’s Altman Sidesteps Questions About Governance, Johansson at UN AI Summit Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches 125

Data breaches VPN Cloud Migration Malware 125