Krebs on Security

SEPTEMBER 14, 2021

Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google ‘s got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat , Reader and a slew of other software.

Spyware 61

Spyware Social Engineering Surveillance Internet 61

Security Boulevard

SEPTEMBER 25, 2023

The post More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator appeared first on Security Boulevard. Apple Scrambled to Fix 3 More CVEs: Egyptian opposition presidential candidate Ahmed Eltantawy targeted “by the government.

Spyware 126

Spyware Government Social Engineering Data privacy 126

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware 145

Malware Scams Social Engineering Phishing 145

Security Affairs

JANUARY 21, 2022

Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have uncovered multiple spyware campaigns that target industrial firms to steal email account credentials and carry out fraudulent activities. ” concludes the report.

Spyware 98

Spyware Accountability Social Engineering Phishing 98

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware 105

Malware Adware Spyware Antivirus 105

The Hacker News

FEBRUARY 2, 2021

Typically spread through social engineering lures, the Windows spyware not only now targets Microsoft's Antimalware Scan Interface (AMSI) in an attempt to defeat endpoint protection software, it also employs a

Social Engineering 105

Social Engineering Spyware Malware Engineering 105

Security Boulevard

JUNE 28, 2023

The post Ironic: LetMeSpy Spyware Hackers Were Hacked (by Hackers) appeared first on Security Boulevard. Content warning: Abuse, stalking, controlling behavior, Schadenfreude, irony, doxxing.

Spyware 111

Spyware Hacking Social Engineering Data breaches 111

Security Boulevard

JULY 18, 2024

In the realm of cybercrime, a threat actor by the name of Transparent Tribe is rapidly spreading the CapraRAT spyware by disguising it as popular Android apps. Media reports claim that these attacks are part of a larger social engineering campaign targeting individuals of interest.

Spyware 64

Spyware Social Engineering Cybercrime Engineering 64

Security Boulevard

MAY 3, 2022

The notorious spyware, sold by NSO Group “only to governments,” caused large amounts of data to be exfiltrated. Hacked by NSO Pegasus Spyware (or was it?) The prime minister and the defense minister of Spain were infected with Pegasus. The post Spanish Govt. appeared first on Security Boulevard.

Spyware 105

Spyware Hacking Government Social Engineering 105

Security Boulevard

MARCH 3, 2021

Another reason is that social engineering lures may be expertly crafted by the attacker after they have been monitoring a victim’s activity for some time, resulting in more effective phishing campaigns with serious security implications. Continue reading Trojan Spyware and BEC Attacks at Sucuri Blog.

Spyware 75

Spyware Social Engineering Phishing Engineering 75

Security Affairs

FEBRUARY 9, 2025

Here’s how data awareness can help HTTP Client Tools Exploitation for Account Takeover Attacks Dangerous hacker responsible for more than 40 cyberattacks on strategic organizations arrested Whos Behind the Seized Forums Cracked & Nulled?

Spyware 60

Spyware Cybercrime Scams Social Engineering 60

Security Boulevard

AUGUST 22, 2022

NSO, notorious producer of the Pegasus nation-state spyware, is struggling. The post NSO Group Fires CEO — and 100 Staff — in Spyware ‘Streamlining’ appeared first on Security Boulevard. So it’s dumped its CEO, Shalev Hulio, and around 100 employees.

Spyware 98

Spyware Social Engineering Engineering Security Awareness 98

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. ” reads the analysis published by SentinelOne.

Passwords 144

Passwords Spyware VPN Malware 144

SecureList

NOVEMBER 28, 2024

We also found Cobalt Strike beacons and several traces tying this actor to the ShadowPad malware and UNC2643 activity, which is in turn associated with the HAFNIUM threat actor. Epeius is a commercial spyware tool developed by an Italian company that claims to provide intelligence solutions to law enforcement agencies and governments.

Malware 116

Malware Government Software Spyware 116

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware 107

Malware Computers and Electronics Adware Spyware 107

WIRED Threat Level

APRIL 21, 2021

The groups used social engineering techniques on Facebook to direct targets to a wide range of malware, including custom tools.

Social Engineering 76

Social Engineering Spyware Engineering Malware 76

Security Affairs

DECEMBER 12, 2024

The Russia-linked APT Gamaredon used two new Android spyware tools calledBoneSpyandPlainGnome against former Soviet states. These are the first known mobile malware families linked to the Russian APT. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a.

Mobile 97

Mobile Malware Surveillance Social Engineering 97

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 126

Data breaches Social Engineering Malware Hacking 126

Security Affairs

SEPTEMBER 3, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Social Engineering 123

Social Engineering Data breaches Spyware Malware 123

SecureList

DECEMBER 9, 2024

This case underscores the serious risk that social engineering and supply chain attacks pose to open-source projects. Other notable supply chain attacks in 2024 include: Hackers injected malware directly into the source code of the largest Discord bot platform. Kaspersky products detect malicious objects related to the attack.

Internet 105

Internet Internet Risk Social Engineering 105

SecureList

JANUARY 19, 2022

Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum. The attackers use off-the-shelf spyware, but limit the scope and lifetime of each sample to the bare minimum.

Spyware 104

Spyware Accountability VPN Malware 104

Security Affairs

JUNE 4, 2023

Xplain hack impacted the Swiss cantonal police and Fedpol Zyxel published guidance for protecting devices from ongoing attacks Kimsuky APT poses as journalists and broadcast writers in its attacks New Linux Ransomware BlackSuit is similar to Royal ransomware CISA adds Progress MOVEit Transfer zero-day to its Known Exploited Vulnerabilities catalog (..)

Spyware 98

Spyware Hacking Malware Social Engineering 98

Security Boulevard

JUNE 23, 2023

Vulns unpatched for FOUR years: ‘Triangulation’ spyware said to use backdoor Apple gave to NSA. The post Apple Fixes 0-Days — Russia Says US Used for Spying appeared first on Security Boulevard.

Spyware 145

Spyware Social Engineering Engineering Mobile 145

eSecurity Planet

FEBRUARY 22, 2022

Most attacks make would-be victims click to install malware or redirect them to a phishing page to steal their credentials. There is no need for social engineering , as the program can implant backdoors directly without forced consent. Spyware and Zero-Days: A Troubling Market. Zero-click attacks remove this hurdle.

Spyware 126

Spyware Software Government Social Engineering 126

SecureWorld News

JULY 27, 2023

A new study from Uptycs has uncovered an increase in the distribution of information stealing malware. Newly discovered stealer families include modules that specifically steal logs from MFA applications, like the Rhadamanthys malware. Examining the dark web reveals that infostealer malware has become increasingly widespread.

Malware 85

Malware Social Engineering Passwords Spyware 85

Malwarebytes

JANUARY 25, 2024

Reconnaissance and social engineering are specific fields where AI can be deployed. Currently only state sponsored groups, professional spyware vendors, and the large criminal operations have access to, and know how to use advanced AI tools to increase the effectivity of their attacks. Prevent intrusions. Detect intrusions.

Ransomware 102

Ransomware Government Social Engineering Spyware 102

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

Security Boulevard

JULY 20, 2021

Yet another zero-day bug in iOS has allowed notorious spyware vendor NSO Group to break into the iPhones of journalists and activists. The post Apple’s Insecure iPhone Lets NSO Hack Journalists (Again) appeared first on Security Boulevard.

Hacking 119

Hacking Spyware Social Engineering Engineering 119

SecureList

MAY 27, 2022

Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce. The attackers study their victims carefully and use the information they find to frame social engineering attacks.

Phishing 134

Phishing Spyware Firmware Malware 134

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. In addition, the likelihood of the data being used for phishing and social engineering increases. . Kaspersky detects an average of 400,000 malicious files every day.

Media 140

Media Social Engineering Ransomware Hacking 140

Security Affairs

JUNE 11, 2023

Gox exchange and operating BTC-e Japanese Pharmaceutical giant Eisai hit by a ransomware attack Clop ransomware gang was testing MOVEit Transfer bug since 2021 Stealth Soldier backdoor used is targeted espionage attacks in Libya Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue Experts detail a new Kimsuky (..)

Social Engineering 98

Social Engineering Data breaches Ransomware Cybercrime 98

SecureList

NOVEMBER 30, 2021

In November, Apple announced that it was taking legal action against NSO Group for developing software that targets its users with “malicious malware and spyware” Detecting infection traces from Pegasus and other advanced mobile malware is very tricky, and complicated by the security features of modern OSs such as iOS and Android.

Malware 140

Malware Mobile Spyware Surveillance 140

Hot for Security

JUNE 15, 2021

Given the portability and myriad of functionalities, mobile devices are highly susceptible to cyber threats, including malware, spyware and phishing attempts that may compromise that precious piece of tech we keep in our pocket and any information stored on it. Avoid smishing and phishing attacks. Security at home or on the go.

Mobile 137

Mobile Banking Phishing Social Engineering 137

Identity IQ

FEBRUARY 18, 2021

The following vectors represent some of the most common ways a criminal could gain access to your accounts and is also known as an account takeover : Social Engineering. If a “Not Secure” warning appears on your browser when you visit a website, it is not necessarily affected by malware. Anti-Malware Software.

Identity Theft 119

Identity Theft Passwords Data breaches Scams 119

Security Affairs

NOVEMBER 25, 2020

Business Email Compromise (BEC) is a type of email phishing attack that relies on social engineering. Group-IB researchers note that the cybercriminals behind these BEC operations rely exclusively on a variety of publicly available Spyware and Remote Access Trojans (RATs), such as AgentTesla , Loky, AzoRult , Pony, NetWire , etc.

Cybercrime 136

Cybercrime Phishing Social Engineering Spyware 136

Malwarebytes

JULY 16, 2021

This means asking for payment, locking devices, or acting in a malware-like manner. Others go further, acting the same way actual spy/malware does while simultaneously saying the PC has an infection (spoiler – it does, but not in the way victims might think). There are some caveats to this, which we’ll cover below. Double win!

Social Engineering 124

Social Engineering Software Malware VPN 124

Security Affairs

JULY 4, 2023

A Mexican threat actor that goes online with the moniker Neo_Net is behind an Android malware campaign targeting banks worldwide. Furthermore, due to the simplicity of SMS spyware, it can be difficult to detect, as it only requires permission to send and view SMS messages.” The case was reported by security researcher Pol Thill.

Banking 98

Banking Phishing Social Engineering Authentication 98