Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. Attackers injected the malicious code to deploy the spyware in websites, some of them were actually fake. The server, in turn, may send some commands to the compromised device.

Spyware 103

Spyware Advertising Encryption Phishing 103

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.

Spyware 111

Spyware Malware Advertising Banking 111

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The modules used by EvilGnome are reminiscent of the Windows tools used by the Gamaredon Group, other analogies include the use of SFX, persistence with task scheduler and the deployment of information stealers. Pierluigi Paganini.

Spyware 109

Spyware Malware Advertising Cyber Attacks 109

Security Affairs

JULY 21, 2021

FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The post XLoader, a $49 spyware that could target both Windows and macOS devices appeared first on Security Affairs.

Spyware 111

Spyware Malware Cybercrime Advertising 111

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency 109

Cryptocurrency Malware Hacking Ransomware 109

Security Affairs

FEBRUARY 9, 2025

Texas is the first state to ban DeepSeek on government devices Law enforcement seized the domains of HeartSender cybercrime marketplaces WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware Ransomware attack hit Indian multinational Tata Technologies International Press Newsletter Cybercrime FBI, Dutch Police Disrupt Manipulaters (..)

Spyware 59

Spyware Cybercrime Scams Social Engineering 59

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 124

Spyware Data breaches Hacking Ransomware 124

Security Affairs

MARCH 16, 2025

CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog GitLab addressed critical auth bypass flaws in CE and EE North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy Experts warn of a coordinated surge in the exploitation attempts of SSRF vulnerabilities Meta warns of actively exploited (..)

Spyware 70

Spyware Cybercrime Ransomware IoT 70

Security Affairs

AUGUST 4, 2024

Unplugging PlugX: Sinkholing the PlugX USB worm botnet Introducing Gh0stGambit: A Dropper for Deploying Gh0st RAT Mandrake spyware sneaks onto Google Play again, flying under the radar for two years A Survey of Malware Detection Using Deep Learning ThreatLabz 2024_Ransomware Report Phishing targeting Polish SMBs continues via ModiLoader BingoMod: The (..)

Malware 138

Malware Spyware Media Phishing 138

Security Affairs

FEBRUARY 15, 2025

Sorry, It’s Windows Malware Malware Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Google Tag Manager Skimmer Steals Credit Card Info From Magento Site From South America to Southeast Asia: The Fragile Web of REF7707 Deep Learning-Driven Malware Classification with API Call Sequence Analysis and Concept Drift Handling Hacking (..)

Spyware 67

Spyware Firewall Artificial Intelligence Malware 67

Security Affairs

AUGUST 4, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Spyware 121

Spyware Phishing Malware Ransomware 121

Security Affairs

MAY 8, 2020

Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. Figure 1 The distribution of web-phishing among target categories . CERT-GIB’s findings indicate that phishing attack perpetrators have revised their so-called target pool. Target reshuffle.

Phishing 87

Phishing Spyware Banking Malware 87

Security Affairs

AUGUST 21, 2024

The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing a malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign conducted by the Vermin group that distributed malware.

Malware 125

Malware Spyware Phishing Cyber threats 125

SecureList

NOVEMBER 23, 2021

For instance, we see a new trend emerging in the criminal ecosystem of spyware-based authentication data theft, with each individual attack being directed at a very small number of targets (from single digits to several dozen). Phishing is the top initial penetration tool for targeted (and not-so-targeted) attacks.

Spyware 137

Spyware Phishing Cybercrime Energy and Utilities 137

Security Affairs

JANUARY 3, 2025

Cybersecurity firm Cyfirma warns of the FireScam Android info-stealing malware that supports spyware capabilities. The malicious code steals credentials and financial data by monitoring app notifications and sending the information to a Firebase database. ” concludes the report that includes Indicators of Compromise (IoCs).

Spyware 66

Spyware Malware Phishing Internet 66

Security Affairs

FEBRUARY 23, 2025

CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog Juniper Networks fixed a critical flaw in Session Smart Routers China-linked APT group Winnti targets Japanese organizations since March 2024 Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers (..)

Malware 64

Malware Scams Encryption Phishing 64

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches 59

Data breaches Malware Phishing Hacking 59

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

Security Affairs

NOVEMBER 24, 2024

A cyberattack on gambling giant IGT disrupted portions of its IT systems China-linked APT Gelsemium uses a new Linux backdoor dubbed WolfsBane Microsoft seized 240 sites used by the ONNX phishing service U.S.

Cybercrime 69

Cybercrime Artificial Intelligence Hacking VPN 69

Security Affairs

FEBRUARY 14, 2021

COMB breach: 3.2B COMB breach: 3.2B COMB breach: 3.2B COMB breach: 3.2B If you want to also receive for free the international press subscribe here.

Phishing 109

Phishing Spyware Data breaches Surveillance 109

Security Affairs

MARCH 8, 2020

The emails provide updates on the Coronavirus outbreak, it includes stats on the epidemic and contains an email of corona-virus@caramail.com that is likely used for phishing purposes. The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017.

Malware 145

Malware Scams Social Engineering Phishing 145

Security Affairs

JULY 28, 2024

CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog International Press – Newsletter Cybercrime Walsall teenager arrested in joint West Midlands Police and FBI operation Treasury Sanctions Leader and Primary Member of the Cyber Army of Russia Reborn Three arrested for (..)

Spyware 120

Spyware Data breaches Cybercrime Banking 120

The Last Watchdog

JANUARY 28, 2019

Why we’re in the ‘Golden Age’ of cyber espionageThe fact is cyber criminals are expert at refining and carrying out phishing, malvertising and other tried-and-true ruses that gain them access to a targeted victim’s Internet-connected computing device. Apps from other sources can carry malware or spyware.

Passwords 196

Passwords Password Management Internet Internet 196

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches 128

Data breaches Ransomware Phishing Malware 128

Security Affairs

OCTOBER 29, 2021

Government experts state that the group uses multiple mechanisms to compromise networks of the victims, including phishing emails with malicious attachments to gain access and Remote Desktop Protocol (RDP) to move laterally once on the network. The Hive ransomware adds the.hive extension to the filename of encrypted files. .

Encryption 135

Encryption Ransomware Spyware Malware 135

Security Affairs

JUNE 2, 2024

Ticketmaster confirms data breach impacting 560 million customers Critical Apache Log4j2 flaw still threatens global finance Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin ShinyHunters is selling data of 30 million Santander customers Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours LilacSquid APT (..)

Data breaches 121

Data breaches VPN Cloud Migration Malware 121

Security Affairs

NOVEMBER 8, 2021

Government experts state that the group uses multiple mechanisms to compromise networks of the victims, including phishing emails with malicious attachments to gain access and Remote Desktop Protocol (RDP) to move laterally once on the network. The Hive ransomware adds the.hive extension to the filename of encrypted files.

Computers and Electronics 131

Computers and Electronics Ransomware Retail Spyware 131

Security Affairs

MARCH 21, 2022

Ukraine CERT (CERT-UA) warns of spear-phishing ??attacks The Government Team for Response to Computer Emergencies of Ukraine (CERT-UA) warns of spear-phishing messages conducted by UAC-0035 group (aka InvisiMole) against Ukrainian state bodies. attacks conducted by UAC-0035 group (aka InvisiMole) on state organizations of Ukraine.

Spyware 98

Spyware DNS Phishing Government 98

Security Affairs

AUGUST 21, 2022

In October 2021, a report released by the Amnesty International revealed that the Donot Team group employed Android applications posing as secure chat application and malicious emails in attacks aimed at a prominent Togolese human rights defender. In the past, the Donot Team spyware was found in attacks outside of South Asia.

Malware 100

Malware Spyware Phishing Government 100

Security Affairs

JULY 4, 2023

. “The campaign employs a multi-stage attack strategy, starting with targeted SMS phishing messages distributed across Spain and other countries, using Sender IDs (SIDs) to create an illusion of authenticity and mimicking reputable financial institutions to deceive victims.” ” Thill explained.

Banking 98

Banking Phishing Social Engineering Authentication 98

Security Affairs

SEPTEMBER 1, 2024

CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog International Press – Newsletter Cybercrime Telegram messaging app CEO Durov arrested in France Thousands of travelers, airport operations impacted by Port of Seattle cyberattack Hacker who stole 3 billion US data was discovered and is Brazilian Pressure Grows in Congress to (..)

Malware 117

Malware Surveillance Firewall Phishing 117

Security Affairs

APRIL 24, 2022

If you want to also receive for free the newsletter with the international press subscribe here. T-Mobile confirms Lapsus$ had access its systems Are you using Java 15/16/17 or 18 in production? Patch them now!

Cyber Insurance 100

Cyber Insurance Spyware Firmware Hacking 100

Security Affairs

NOVEMBER 11, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Police seized BulletProftLink phishing-as-a-service (PhaaS) platform Serbian pleads guilty to running ‘Monopoly’ dark web drug market McLaren Health Care revealed that a data breach impacted 2.2

DDOS 125

DDOS Data breaches Ransomware Marketing 125

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. In addition, the likelihood of the data being used for phishing and social engineering increases. . Kaspersky detects an average of 400,000 malicious files every day.

Media 139

Media Social Engineering Ransomware Hacking 139

Security Affairs

DECEMBER 20, 2020

Every week the best security articles from Security Affairs free for you in your email box. Hacked Subway UK marketing system used in TrickBot phishing campaign Pay2Key hackers stole data from Intels Habana Labs PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs Security Affairs Newsletter is back!

Hacking 104

Hacking Spyware Marketing Ransomware 104

Security Affairs

SEPTEMBER 3, 2023

Being Used to Phish So Many of Us? Hacks QakBot, Quietly Removes Botnet Infections Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs Why is.US

Social Engineering 123

Social Engineering Data breaches Spyware Malware 123

SecureList

DECEMBER 9, 2024

User data was stolen from Cisco Duo, a service that provides organizations with multi-factor authentication (MFA) and single sign-on (SSO) network access, as a consequence of a phishing attack targeting an employee of a third-party telephony provider. However, delegating tasks also introduces new information security challenges.

Internet 113

Internet Internet Risk Social Engineering 113