Security Affairs

OCTOBER 29, 2024

Suspected Russia-linked espionage group UNC5812 targets Ukraine’s military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812, targeting Ukraine’s military with Windows and Android malware via the Telegram channel “ Civil Defense.”

Malware 117

Malware Social Engineering Software Mobile 117

Security Affairs

AUGUST 18, 2024

Mad Liberator employs social engineering techniques to gain access to the victim’s environment, specifically targeting organizations using remote access tools like Anydesk. However, the social-engineering tactics the group used in the case described above are noteworthy – but they are not unique.

Social Engineering 144

Social Engineering Engineering Ransomware Cybercrime 144

Krebs on Security

NOVEMBER 9, 2024

“This is social engineering at the highest level and there will be failed attempts at times. “In terms of overall social engineering attacks, the more you have a relationship with someone the more they’re going to trust you,” Donahue said. Don’t be discouraged. dot-gov emails get hacked.

Hacking 278

Hacking Accountability Government Social Engineering 278

Schneier on Security

DECEMBER 7, 2020

Clever tactic : This new malware was discovered by researchers at Dutch cyber-security company Sansec that focuses on defending e-commerce websites from digital skimming (also known as Magecart) attacks.

Media 337

Media Malware Social Engineering Engineering 337

SecureWorld News

MARCH 13, 2025

A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware. While the AI-generated malware required manual debugging to function properly, its mere existence signals an urgent need for security teams to adapt their defenses.

Malware 104

Malware Cybersecurity Cyber threats Threat Detection 104

Tech Republic Security

AUGUST 23, 2024

A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being used to steal cash.

Social Engineering 203

Social Engineering Malware Engineering Banking 203

Webroot

OCTOBER 31, 2024

In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks. Now let’s take a look at this year’s Nastiest Malware. It is the most successful and lucrative avenue for monetizing a breach of a victim.

Malware 104

Malware Ransomware Passwords Healthcare 104

Security Affairs

DECEMBER 1, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 69

Malware Social Engineering Antivirus Engineering 69

Krebs on Security

JANUARY 7, 2025

Each participant in the call has a specific role, including: -The Caller: The person speaking and trying to social engineer the target. A tutorial shared by Stotle titled “Social Engineering Script” includes a number of tips for scam callers that can help establish trust or a rapport with their prey.

Phishing 337

Phishing Cryptocurrency Accountability Social Engineering 337

Tech Republic Security

MARCH 14, 2022

A new social engineering method is spreading this malware, and it’s very easy to fall for. The post Cybersecurity: Attacker uses websites’ contact forms to spread BazarLoader malware appeared first on TechRepublic. Here’s what it’s doing and how to avoid it.

Malware 185

Malware Social Engineering Cybersecurity Engineering 185

eSecurity Planet

MARCH 14, 2025

A recent phishing campaign has raised alarms among cybersecurity professionals after it impersonated Booking.com to deliver a suite of credential-stealing malware. This command, executed via mshta.exe, downloads and launches various malware families, such as XWorm, Lumma Stealer, VenomRAT, AsyncRAT, Danabot, and NetSupport RAT.

Phishing 66

Phishing Malware Social Engineering Authentication 66

Security Affairs

OCTOBER 11, 2024

The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. “This actor used our models to debug malware, for coding assistance in creating a basic scraper for Instagram, and to translate LinkedIn profiles into Persian.

Malware 134

Malware Social Engineering Engineering Hacking 134

Tech Republic Security

FEBRUARY 15, 2024

Whether an infection is the result of a disgruntled employee, hardware vulnerability, software-based threat, social engineering penetration, robotic attack or human error, all organizations must be prepared to immediately respond effectively to such an issue if the corresponding damage is to be minimized.

Malware 160

Malware Social Engineering Engineering Software 160

Schneier on Security

APRIL 2, 2024

In theory, the code could allow for just about anything, including stealing encryption keys or installing malware. Installing it was a multi-year process that seems to have involved social engineering the lone unpaid engineer in charge of the utility. It was an incredibly complex backdoor.

Social Engineering 352

Social Engineering Engineering Software Encryption 352

Digital Shadows

MAY 15, 2024

"Black Basta" ransomware group uses new email spam and vishing to spread malware. Learn more about protective measures for your organization.

Social Engineering 119

Social Engineering Engineering Ransomware Malware 119

eSecurity Planet

MARCH 3, 2025

Notably, 79% of detections were malware-free a reminder that modern adversaries often bypass traditional antivirus defenses by leveraging innovative, non-malware techniques. The report details how threat actors harness automation, artificial intelligence, and advanced social engineering to scale their operations.

Threat Reports 112

Threat Reports Cybercrime Artificial Intelligence Social Engineering 112

SecureWorld News

JANUARY 7, 2025

Be mindful of the dangers of poisoned gifts (malware), and stay vigilant against these sweet but dangerous schemes. Outrunning the Fox: Avoiding Social Engineering Traps The clever fox lures the unsuspecting Gingerbread Man into a false sense of security, ultimately capturing him. Are your defenses ready to withstand a "Jack"?

Cybersecurity 111

Cybersecurity Social Engineering Phishing Engineering 111

Penetration Testing

APRIL 17, 2024

McAfee Labs researchers have uncovered a dangerous new variant of the Redline Stealer malware that uses clever obfuscation tactics and aggressive social engineering to trick victims and evade detection.

Penetration Testing 143

Penetration Testing Malware Social Engineering Engineering 143

Malwarebytes

DECEMBER 19, 2024

More and more, threat actors are leveraging the browser to deliver malware in ways that can evade detection from antivirus programs. Social engineering is a core part of these schemes and the tricks we see are sometimes very clever. 93 Malware download URLs hxxp[://]topsportracing[.]com/wpnot21 com microsoft.team-chaats[.]com

Social Engineering 101

Social Engineering Engineering Malware Antivirus 101

Security Affairs

NOVEMBER 15, 2024

The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption 115

Encryption Password Management Cryptocurrency Social Engineering 115

Security Affairs

MARCH 10, 2025

Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. While investigating the increased use of Windows Packet Divert ( WPD ) tools by crooks to distribute malware under this pretense, the researchers spotted the campaign.

Cryptocurrency 91

Cryptocurrency Malware Social Engineering Antivirus 91

The Hacker News

MAY 16, 2024

The North Korea-linked Kimsuky hacking group has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targets via Messenger and ultimately delivers malware.

Social Engineering 144

Social Engineering Malware Engineering Accountability 144

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 324

Hacking Social Engineering Phishing Scams 324

The Hacker News

DECEMBER 17, 2024

A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. "An

Social Engineering 126

Social Engineering Malware Engineering 126

The Hacker News

AUGUST 14, 2024

An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the goal of conducting credential theft and deploying a malware dropper called SystemBC.

Malware 134

Malware Social Engineering Engineering Ransomware 134

The Hacker News

DECEMBER 2, 2024

Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs.

Social Engineering 140

Social Engineering Malware Mobile Engineering 140

Schneier on Security

DECEMBER 20, 2022

The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system: Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading as legitimate Windows 10 Operating System installers.

Social Engineering 248

Social Engineering Engineering Software Government 248

The Hacker News

SEPTEMBER 11, 2023

A new information stealer malware called MetaStealer has set its sights on Apple macOS, making the latest in a growing list of stealer families focused on the operating system after MacStealer, Pureland, Atomic Stealer, and Realst.

Social Engineering 142

Social Engineering Malware Engineering 142

Penetration Testing

MARCH 15, 2025

A sophisticated phishing campaign impersonating Booking.com is targeting organizations in the hospitality industry, using a novel social engineering The post Booking.com Impersonated in Phishing Campaign Delivering Credential-Stealing Malware appeared first on Cybersecurity News.

Phishing 44

Phishing Malware Social Engineering Engineering 44

The Hacker News

DECEMBER 27, 2024

North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie.

Social Engineering 128

Social Engineering Malware Engineering Hacking 128

Security Affairs

AUGUST 18, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Malware 128

Malware Social Engineering Ransomware Government 128

Security Affairs

SEPTEMBER 29, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 125

Malware Social Engineering IoT Scams 125

The Last Watchdog

NOVEMBER 11, 2024

It could also help users identify various cybersecurity attacks, whether they are types of spoofing , phishing, social engineering, or malware. One significant risk is the potential for the technology to become a host to sophisticated social engineering attacks.

Cybersecurity 130

Cybersecurity Social Engineering Technology Threat Detection 130

Security Affairs

AUGUST 25, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 118

Malware Social Engineering Ransomware Cybercrime 118

The Hacker News

APRIL 26, 2024

An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview to trick them into downloading a Python backdoor. Cybersecurity firm Securonix is tracking the activity under the name DEV#POPPER, linking it to North Korean threat actors.

Software 143

Software Social Engineering Malware Engineering 143

Security Affairs

JANUARY 22, 2025

STAC5777 was spotted using Microsoft Quick Assist and manual configuration changes to deploy malware. Common tactics include email bombing with spam (in some cases the volume reached as 3,000 in less than an hour), posing as tech support via Teams messages and calls, and using Microsoft remote tools to install malware.

Ransomware 98

Ransomware Malware Social Engineering Engineering 98

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. The group also relied on social engineering efforts in attacks against organizations in the higher education, satellite, and defense sectors through LinkedIn.

Malware 127

Malware Social Engineering Education Government 127