Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. Doug then messaged the Mr. Lee account on Telegram, who said there was some kind of technology issue with the video platform, and that their IT people suggested using a different meeting link.

Malware 328

Malware Cryptocurrency Software Phishing 328

The Last Watchdog

DECEMBER 20, 2021

Killware is a type of malware deployed to cause physical harm: contaminate community water supplies, exploit and obstruct networks used by hospitals and healthcare facilities, jam air traffic control networks, contaminate gasoline supplies, and, in some instances, deliberately cause death where and when it is least expected.

Malware 256

Malware Phishing Technology Ransomware 256

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 231

Phishing Passwords Hacking Internet 231

The Last Watchdog

DECEMBER 16, 2024

Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. Legacy IAM systems cant keep up as AI-powered phishing and deepfakes grow more sophisticated. The drivers are intensifying.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

The Last Watchdog

NOVEMBER 11, 2024

The technology, which first emerged primarily in the world of gaming and entertainment, now promises to reshape our reality with interactive information and immersive experiences. In short, AR is undoubtedly a groundbreaking technology that will reinvent how we interact with the digital world. Related: Is the Metaverse truly secure?

Cybersecurity 130

Cybersecurity Social Engineering Technology Threat Detection 130

SecureList

MARCH 25, 2025

In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. Agent Trojan.Win64.Convagent.gen

Malware 127

Malware Education Technology Media 127

Krebs on Security

FEBRUARY 3, 2022

This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. A recent phishing site that abused LinkedIn’s marketing redirect. A recent phishing site that abused LinkedIn’s marketing redirect. Urlscan also found this phishing scam from Jan. Image: Urlscan.io.

Phishing 359

Phishing Marketing Scams Accountability 359

Security Affairs

OCTOBER 11, 2024

” Beyond previous reports on this threat actor’s focus on ICS and PLCs, the prompts observed during this campaign provide precious information on other technologies and software the state-sponsored hackers may target. This included working on malware that was still in development, and looking for information on potential targets.”

Malware 136

Malware Social Engineering Engineering Hacking 136

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. While fully agentic AI malware remains years away, the industry must prepare now. AI-powered cryptocurrency attacks will automate phishing and exploit vulnerabilities.

Risk 173

Risk Threat Detection Technology Phishing 173

Malwarebytes

FEBRUARY 4, 2025

A paradigm shift in technology is hurtling towards us, and it could change everything we know about cybersecurity. When ChatGPT was unveiled to the public in late 2022, security experts looked on with cautious optimism, excited about the new technology but concerned about its use in cyberattacks. Uhh, again, that is.

Artificial Intelligence 143

Artificial Intelligence Small Business Malware Technology 143

Krebs on Security

AUGUST 14, 2020

Sources close to the investigation tell KrebsOnSecurity the malware is known as Defray. “The phishing emails the authors use are well-crafted,” Trend Micro wrote. Defray was first spotted in 2017, and its purveyors have a history of specifically targeting companies in the healthcare space.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

Digital Shadows

NOVEMBER 12, 2024

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. Phishing is favored by threat actors for its simplicity and effectiveness.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Security Boulevard

JANUARY 20, 2025

Specifically, stories and news items where public and/or private organizations have leveraged their capabilities to encroach on user privacy; for example, data brokers using underhanded means to harvest user location data without user knowledge or public organizations using technology without regard for user privacy.

Surveillance 97

Surveillance Malware Data breaches Scams 97

The Last Watchdog

FEBRUARY 4, 2025

These sprawling identities, exposed through breaches, infostealer infections, and phishing attacks, create shadow data that traditional tools simply cant address. SpyCloud , a leading identity threat protection company, announced key innovations in its portfolio, pioneering the shift to holistic identity threat protection.

Cybercrime 124

Cybercrime Accountability Phishing Malware 124

The Last Watchdog

JULY 27, 2023

In its H1 2023 Report: Cybersecurity Trends & Insights , Perception Point reported an overall increase in social engineering attacks, including a 20% growth in the prevalence of Business Email Compromise (BEC) attacks along with a 41% surge in phishing attacks from H2 2022 to H1 2023.

Phishing 186

Phishing Social Engineering Engineering Media 186

SecureWorld News

DECEMBER 4, 2024

The United States retail sector faced an especially aggressive wave of cyber threats, with phishing attacks mimicking major holiday brands [3] including Walmart, Target, and Best Buy increasing by more than 2,000% during peak shopping periods.

Retail 115

Retail Scams Phishing Cyber threats 115

CyberSecurity Insiders

JANUARY 3, 2023

Spy”-type cyberspace race as both criminals and defenders vie to gain the upper hand using new and emerging technologies. Every technology that enables our cyber teams to pinpoint and resolve threats and prevent attacks more quickly and accurately also benefits cybercriminals.

Technology 135

Technology Cybercrime Artificial Intelligence Government 135

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million detections compared to 5.84

Phishing 74

Phishing Banking Scams Mobile 74

SecureWorld News

JANUARY 7, 2025

Their themes touch on phishing, man-in-the middle attacks, cryptography and decryption, incident response, and more. Lured by the Sweet: Avoiding the Phishing Trap Similar to Hansel and Gretel, who were tempted by a candy-coated trap, phishing attacks entice victims with seemingly irresistible offers or legitimate-looking emails and websites.

Cybersecurity 112

Cybersecurity Social Engineering Phishing Engineering 112

Security Affairs

AUGUST 23, 2024

ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). A progressive web app (PWA) is an app that’s built using web platform technologies, but that provides a user experience like that of a platform-specific app. ” reads the report published by ESET.

Phishing 132

Phishing Mobile Banking Social Engineering 132

Security Affairs

NOVEMBER 25, 2024

“This “SMS blasting” attack relies on using technology that impersonates cellular base stations and is capable of transmitting thousands of messages to devices within a close geographical radius.” ” first reported TechCrunch.

Mobile 123

Mobile Scams Technology Telecommunications 123

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. Among the new Fin7 domains Silent Push found are several sites phishing people seeking tickets at the Louvre.

Phishing 316

Phishing Cybercrime Malware Software 316

SecureList

MARCH 10, 2025

We continued to monitor the group throughout the rest of the year, observing intense activity that included updates to SideWinder’s toolset and the creation of a massive new infrastructure to spread malware and control compromised systems. Infection flow The attacker sends spear-phishing emails with a DOCX file attached.

Energy and Utilities 112

Energy and Utilities Malware Government Phishing 112

Approachable Cyber Threats

MARCH 12, 2025

Category Awareness, Social Enginering Risk Level Phishing emails are getting harder to detect. What is phishing, and why is it such a big deal?" Phishing is one of the oldest tricks in the hacker playbook - but its also one of the most effective. Alright, but cant I just spot and delete phishing emails?"

Phishing 52

Phishing Scams Social Engineering Artificial Intelligence 52

SecureList

OCTOBER 15, 2024

SideWinder’s most recent campaign schema Infection vectors The SideWinder attack chain typically starts with a spear-phishing email with an attachment, usually a Microsoft OOXML document (DOCX or XLSX) or a ZIP archive, which in turn contains a malicious LNK file. In particular, Avast and AVG solutions are of interest to the malware.

Malware 143

Malware Encryption Architecture Phishing 143

Security Boulevard

MAY 18, 2023

However, its widespread use has raised concerns about the potential for bad actors to misuse the technology. Experts are worried that ChatGPT’s ability to source recent data about an organization could make social engineering and phishing attacks more effective than ever.

Phishing 130

Phishing Social Engineering Engineering Technology 130

Krebs on Security

AUGUST 28, 2020

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. This is part of the reason we acquired Authy and created a line of account security products and services.

Accountability 362

Accountability Hacking Authentication Marketing 362

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. “This is the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada , the U.S.

Hacking 310

Hacking Malware Ransomware Government 310

SecureWorld News

FEBRUARY 25, 2025

It is recommended that organizations should consider AI-powered deception technologies to detect and neutralize AI-driven threats. Deepfake phishing, AI-generated malware, and automated spear-phishing campaigns are already on the rise.

Cybersecurity 95

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 95

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. But as technology advances, so do the threats. Anti-phishing protection Shields you from phishing attempts. Viruses and malware programs harm your devices or steal your data.

Antivirus 73

Antivirus Identity Theft Cyber threats Phishing 73

Malwarebytes

DECEMBER 5, 2024

Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US. Among the culprits are four major APT groups: Volt Typhoon, Salt Typhoon, Flax Typhoon, and Velvet Ant.

Encryption 141

Encryption Identity Theft Media Telecommunications 141

Duo's Security Blog

JANUARY 14, 2025

In recent webinar Preventing Helpdesk Phishing with Duo and Traceless , Duo PMM Katherine Yang sat down with Gene Reich, Co-founder of Traceless to discuss why stronger identity verification is critical for MSPs and helpdesk teamsespecially with the increased accessibility of AI technologies driving identity fraud.

Phishing 111

Phishing Technology Scams Cybercrime 111

IT Security Guru

NOVEMBER 1, 2024

As technology advances, so do the methods and motivations of those who seek to disrupt global stability. Types of Cybersecurity Threats Malware and Ransomware: These can disable systems or steal data for ransom. Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information.

Technology 109

Technology Cyber Attacks Government Social Engineering 109

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. APT41 was known to hide its malware inside fake resumes that were sent to targets. APT41’s activities span from the mid-2000s to the present day.

Antivirus 363

Antivirus Hacking Software Government 363

Security Boulevard

SEPTEMBER 10, 2024

Introduction Following the 2024 ThreatLabz Phishing Report, Zscaler ThreatLabz has been closely tracking domains associated with typosquatting and brand impersonation - common techniques used by threat actors to proliferate phishing campaigns. Microsoft and Amazon followed closely behind. Online Shopping websites, accounting for 22.3%

Phishing 111

Phishing Accountability Malware Encryption 111

The Last Watchdog

OCTOBER 7, 2024

7, 2024, CyberNewswire — Criminal IP , a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA , has partnered with Hybrid Analysis , a platform that provides advanced malware analysis and threat intelligence, to enhance threat research. Torrance, Calif.,

Malware 130

Malware Engineering Cyber threats Phishing 130

SecureWorld News

SEPTEMBER 14, 2023

Microsoft has recently brought attention to a highly-sophisticated and targeted phishing campaign conducted by a notorious threat actor group known as Storm-0324. Microsoft's Threat Intelligence team said: "In July 2023, Storm-0324 began using phishing lures sent over Teams with malicious links leading to a malicious SharePoint-hosted file.

Phishing 118

Phishing Ransomware Cybercrime Threat Detection 118