Malwarebytes

FEBRUARY 16, 2021

When COVID-19 cases first began spiking in several countries, cybercriminals preyed upon people’s fears mercilessly, with an avalanche of coronavirus phishing emails and scams. As the manufacturing and automotive sectors contracted, attackers simply turned their faces to agriculture and other essential industries instead.

Malware 132

Malware Scams Spyware Healthcare 132

Security Boulevard

MARCH 17, 2025

The reality is, the original findings found undocumented commands - that were likely manufacturer debugging tools - shipped in the final, consumer-facing products. In theory, these could be abused for malicious actions.

Surveillance 59

Surveillance Data breaches Spyware Malware 59

SecureList

NOVEMBER 28, 2024

Based on limited telemetry, we believe with medium to low confidence that some of the initial infections were spear-phishing emails. Most of the infections were still at financial institutions in Vietnam, with one victim active in the manufacturing industry. In terms of victimology, there was little change.

Malware 116

Malware Government Software Spyware 116

eSecurity Planet

FEBRUARY 16, 2021

Most device or software manufacturers place backdoors in their products intentionally and for a good reason. Attackers often use botnets to send out spam or phishing campaigns to carry out distributed denial of service (DDoS) attacks. Additional features of botnets include spam, ad and click fraud, and spyware. Bots and botnets.

Malware 105

Malware Adware Spyware Antivirus 105

SecureList

SEPTEMBER 13, 2023

Percentage of ICS computers on which malicious objects were blocked in Africa and regions of Asia Individual industries In H1 2023, the percentage of ICS computers on which malicious objects were blocked increased in engineering and ICS integration (by 2 pp), manufacture (by 1.9 pp) and energy (by 1.5

Spyware 136

Spyware Internet Internet Manufacturing 136

Security Affairs

MARCH 22, 2021

Building automation, automotive manufacturing, energy and oil & gas, suffered major increases in the ICS engineering sector. European ICS engineering organizations were mainly targeted by phishing campaigns attempting to deliver spyware and cryptominers. In H2 2020, 39.3%

Engineering 141

Engineering VPN Accountability Software 141

SecureList

DECEMBER 9, 2024

User data was stolen from Cisco Duo, a service that provides organizations with multi-factor authentication (MFA) and single sign-on (SSO) network access, as a consequence of a phishing attack targeting an employee of a third-party telephony provider. The breach allowed the threat actor to download SMS message logs. Why does it matter?

Internet 106

Internet Internet Risk Social Engineering 106

Security Affairs

OCTOBER 1, 2023

million newborns and pregnancy care patients Xenomorph malware is back after months of hiatus and expands the list of targets Smishing Triad Stretches Its Tentacles into the United Arab Emirates Crooks stole $200 million worth of assets from Mixin Network A phishing campaign targets Ukrainian military entities with drone manual lures Alert!

Artificial Intelligence 127

Artificial Intelligence Firmware Data breaches Hacking 127

eSecurity Planet

SEPTEMBER 11, 2023

Sending phishing emails to engineers can be used as an exploitation technique to get them to import malicious configuration files ( CVE-2023-31171 ), which results in arbitrary code execution. Business email compromise (BEC) assaults were the main aim of this large phishing effort, which resulted in significant financial losses.

VPN 116

VPN Authentication Firmware Phishing 116

Security Affairs

JANUARY 10, 2021

The Brazilian aerospace giant Embrarer manufactures commercial, executive and military aircraft and are the world’s third largest aircraft manufacturer after Boeing and Airbus. For more information on this, see: Manchester United Football Club Cyber Attack. 30 th November 2020 – Embrear ( www.embrear.com ).

Cyber Attacks 124

Cyber Attacks Government Software Surveillance 124

Pen Test Partners

JANUARY 14, 2025

Researching them online was difficult as manufacturer and product names are chaotic. The ability to manipulate partitions on the device is especially concerning because it allows for a wide range of malicious activities, including rooting the device, installing spyware or creating backdoors for further exploitation.

Firmware 75

Firmware Malware Manufacturing Mobile 75

eSecurity Planet

MAY 2, 2024

Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches. Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices.

Cybersecurity 123

Cybersecurity DDOS Penetration Testing Passwords 123

SecureList

MARCH 1, 2021

The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. The manufacturer of the mobile device preloads an adware application or a component with the firmware. Pandemic theme in mobile threats. apk and coviddetect.apk. Statistics.

Mobile 145

Mobile Malware Adware Banking 145

SecureList

NOVEMBER 18, 2022

It also turned out that the motherboards infected in all known cases came from just two manufacturers. First, the threat actor sends a spear-phishing email to the potential victim with a lure to download additional documents. The attackers gained access to the enterprise network using carefully crafted phishing emails.

Malware 123

Malware Computers and Electronics Adware Cryptocurrency 123

Google Security

JULY 27, 2023

In 2022, across the Android ecosystem we saw a series of cases where the upstream vendor had released a patch for the issue, but the downstream manufacturer had not taken the patch and released the fix for users to apply. Anyone who visits that site is then exploited and delivered the final payload (usually spyware).

Spyware 94

Spyware Manufacturing Internet Internet 94

SecureList

DECEMBER 1, 2023

However, they included an additional module that constantly monitored the messenger and sent data to the spyware creator’s C2 server. The group has targeted numerous companies around the world, with victims including retailers, financial and logistical services companies, government agencies and manufacturers.

Malware 137

Malware Ransomware Encryption Energy and Utilities 137

eSecurity Planet

MARCH 22, 2023

Asset Discovery Controls Unauthorized devices can intercept or redirect network traffic through attacks such as connecting unauthorized computers to the network, deploying packet sniffers to intercept network traffic, or delivering a phishing link to a man-in-the-middle attack to steal login credentials and data.

Firewall 111

Firewall Network Security Penetration Testing Encryption 111

SecureList

FEBRUARY 19, 2025

To rush users into entering their data carelessly, on the phishing page, the scammers displayed warnings about dwindling accommodation availability and an imminent payment deadline for the booking. Potential victims were prompted to check their profile by entering their login credentials into a phishing form.

Phishing 81

Phishing Scams Cryptocurrency Computers and Electronics 81

SecureList

DECEMBER 27, 2024

Percentage of ICS computers on which malicious objects were blocked in selected industries In the third quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased across most industries, with the exception of the biometrics and manufacturing sectors. pp) and 1.97% (by 0.01 pp), respectively.

Malware 99

Malware Spyware Internet Internet 99