Data Breach Today

APRIL 14, 2023

Pakistan-Linked APT Group Using Spear-Phishing to Plant Info Stealer Malware A suspected Pakistan espionage threat actor that relies on phishing emails is expanding to the education sector after years of focusing on the Indian military and government.

Education 144

Education Military Phishing Government 144

Security Affairs

OCTOBER 12, 2020

Security experts from Cyble found alleged sensitive documents of NATO and Turkey, is it a case of cyber hacktivism or cyber espionage? Also, in September 2020, it was reported that Russian hackers targeted government agencies in NATO member countries, and nations who cooperate with NATO -> Link.” Pierluigi Paganini.

Military 133

Military Manufacturing Phishing Government 133

IT Governance

MARCH 8, 2022

Welcome to our March 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal information. This month, we look at a phishing attack targeting Ukrainian citizens, the latest campaign imitating Tesco and a warning from HSBC.

Phishing 144

Phishing Military Access Education 144

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. In the third campaign, threat actors targeted the Rostec defense conglomerate, the phishing messages used build_rosteh4.exe This campaign primarily targeted RT TV employees. exe for its malware. Pierluigi Paganini.

Government 104

Government Phishing Archiving Cybersecurity 104

Security Affairs

JUNE 7, 2021

Ukraine warned of a “massive” spear-phishing campaign carried out by Russia-linked threat actors against its government and private businesses. This is the third massive spear-phishing campaign that the Ukrainian government attributed to Russia-linked threat actors this year. Pierluigi Paganini.

Phishing 90

Phishing Archiving Government Passwords 90

IT Governance

JANUARY 11, 2023

Welcome to our January 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. A new phishing campaign has been discovered that imitates Flipper Zero, a cyber security tool used by penetration testers and white-hat hackers.

Phishing 105

Phishing Education Access Personal data 105

IT Governance

AUGUST 10, 2021

Welcome to August’s review of phishing scams, in which we look at criminals’ latest tactics and provide examples of successful frauds. Microsoft issues alert about “crafty” phishing scams. Security researchers at Microsoft are again warning users about phishing scams imitating SharePoint.

Phishing 111

Phishing File names Security Risk 111

Dark Reading

JULY 14, 2022

Attackers use scam security checks to steal victims' government documents, photos, banking information, and email passwords, researchers warn.

Phishing 131

Phishing Passwords Government Security 131

Security Affairs

MAY 30, 2021

Hackers are attempting to exploit the return to the “new normal” after the governments are removing restrictions imposed in response to COVID-19. The number of COVID-19 infections are decreasing in many countries and some governments are reducing the restrictions for their citizens. reads the analysis published by Cofense.

Phishing 98

Phishing Authentication Access Passwords 98

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days.

Phishing 115

Phishing Government Security IT 115

Security Affairs

MAY 28, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. The phishing campaign detected by MSTIC leveraged the Google Firebase platform to provide an ISO file containing the malicious code.

Phishing 90

Phishing Military Government IT 90

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. To nominate, please visit:?

Phishing 84

Phishing Military Ransomware Encryption 84

Security Affairs

AUGUST 17, 2020

Threat actors used a decoy document titled “Pyongyang e-mail lists – April 2017” and it contained the email addresses and phone numbers of individuals working at organizations such as the United Nations, UNICEF and embassies linked to North Korea. The KONNI malware also employed in at least two campaigns in 2017. Pierluigi Paganini.

Phishing 119

Phishing Cybersecurity Access Security 119

Security Affairs

MARCH 8, 2023

China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in the Southeast Asia.

Government 79

Government Communications Phishing IT 79

IT Governance

MAY 12, 2021

Welcome to May’s round-up of phishing scams. SharePoint users are being warned about targeted phishing attacks that claim users must urgently provide a signature on a document. SharePoint users are being warned about targeted phishing attacks that claim users must urgently provide a signature on a document.

Phishing 90

Phishing Data breaches Access Passwords 90

IT Governance

JUNE 4, 2020

One of the more damaging side-effects of the coronavirus pandemic has been the increase in targeted phishing scams. As of 15 May, the UK’s cyber crime agency had uncovered 7,796 phishing emails linked to COVID-19. Phishing is just one of many security problems that the coronavirus pandemic is causing organisations.

Phishing 119

Phishing Insurance Sales Marketing 119

Security Affairs

NOVEMBER 20, 2018

Security researchers Palo Alto Networks have analyzed the techniques adopted by Iran-linked APT group OilRig (aka APT34 ) to test the weaponized documents before use in attacks. The testing activity analyzed by Palo Alto Network preceded the August 2018 attacks on a Middle-Eastern government.

Phishing 83

Phishing Government Security IT 83

Krebs on Security

JANUARY 30, 2024

The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. On July 28 and again on Aug. According to an Aug.

Passwords 309

Passwords Phishing Access Encryption 309

Security Affairs

FEBRUARY 23, 2020

Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. . “CrimsonRAT has been known to target diplomatic and government organizations in Southeast Asia.” Pierluigi Paganini.

Government 114

Government File names Passwords Phishing 114

Adam Levin

JANUARY 15, 2019

citizens are more vulnerable to the effects of identity theft and scams as a result of the ongoing government shutdown. The two primary websites created by the government as resources for victims of identity theft, IdentityTheft.gov and FTC.gov/complaint , are currently offline as part of the partial shutdown of the Federal Trade Commission.

Government 87

Government Phishing Encryption Communications 87

IT Governance

JUNE 6, 2019

Phishing is one of the most longstanding and dangerous methods of cyber crime. Despite what people think they know about phishing, they consistently fall victim. According to Verizon’s 2019 Data Breach Investigations Report , 32% of all cyber attacks involved phishing. The message is sent from a public email domain.

Phishing 111

Phishing IT Communications Access 111

IT Governance

JANUARY 7, 2020

Want to stay up to date with the latest phishing scams ? In our first review of 2020, we look at a new twist on a PayPal scam, and discuss data breaches at an IVF treatment facility and in the Singapore government. Latest PayPal phishing scam goes for more than just your login details. Login vs log in.

Phishing 94

Phishing Passwords Access Government 94

IT Governance

NOVEMBER 9, 2018

Football world-governing body FIFA has admitted that its systems suffered a sustained phishing hack earlier this year. In March, more than 70 million documents and 3.4 It is believed that the breach was caused by an employee falling for a phishing scam. Otherwise you don’t go anywhere.

Phishing 87

Phishing Data breaches Risk Encryption 87

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches 95

Data breaches Security MDM Ransomware 95

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. QakBot is most commonly delivered via email phishing lures disguised as something legitimate and time-sensitive, such as invoices or work orders.

Ransomware 244

Ransomware Government Military Access 244

Security Affairs

OCTOBER 27, 2023

The French National Agency for the Security of Information Systems ANSSI (Agence Nationale de la sécurité des systèmes d’information) warns that the Russia-linked APT28 group has been targeting multiple French organizations, including government entities, businesses, universities, and research institutes and think tanks.

Military 106

Military Phishing Government Security 106

The Last Watchdog

SEPTEMBER 25, 2023

According to Verizon’s 2023 Data Breach Investigations Report, 74% of breaches were caused by human error, with phishing and text message phishing scams being some of the leading causes. Taking an active role Your cybersecurity policy should address your employees and technology systems. Employee training is crucial.

Cybersecurity 222

Cybersecurity Data breaches Compliance Phishing 222

Security Affairs

AUGUST 17, 2023

Russia-linked APT29 used the Zulip Chat App in attacks aimed at ministries of foreign affairs of NATO-aligned countries EclecticIQ researchers uncovered an ongoing spear-phishing campaign conducted by Russia-linked threat actors targeting Ministries of Foreign Affairs of NATO-aligned countries. zulipchat[.]com) ” concludes the report.

Phishing 88

Phishing Manufacturing Government Authentication 88

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. Pierluigi Paganini.

Government 80

Government Computer and Electronics Archiving Phishing 80

Security Affairs

DECEMBER 10, 2020

Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is leveraging COVID-19 as phishing lures in a new wave of attacks aimed at distributing the Go version of their Zebrocy (or Zekapab) malware. ” concludes the report.

Phishing 104

Phishing Healthcare Military Data collection 104

Security Affairs

MAY 9, 2020

Nigerian cyber gang SilverTerrier, specialized in BEC attacks, used COVID-19 lures in recent attacks on healthcare and government organizations. The email messages used an attachment disguised as an Indonesian health department document to deliver a variant of the Lokibot malware. ” continues the report.

Government 64

Government Energy and Utilities Insurance Phishing 64

Security Affairs

SEPTEMBER 29, 2023

According to our team, the exposed files belonged to the WBSC, the world governing body for baseball, softball, and Baseball5 – a recently introduced sport combining the previous two. Government-issued documents are arguably the most important form of identification a person holds. the team said.

Risk 115

Risk Phishing Government Cloud 115

Security Affairs

APRIL 16, 2022

Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. The Ukrainian Computer Emergency Response Team (CERT-UA) uncovered new phishing campaigns aimed at infecting systems of Ukrainian government agencies with the IcedID malware. Patch 1 and 8.8.x x before 8.8.7

Phishing 80

Phishing Government Authentication Cybersecurity 80

Security Affairs

JULY 23, 2021

This breach compromised citizens’ physical addresses, phone numbers, IDs, tax documents, and more. Due to the large number and various types of unique documents, it is difficult to estimate the number of people exposed in this breach. Pictured: Example of Leaked Documents: Real Estate Tax Bill. Original post at [link].

Personal data 99

Personal data Data breaches Phishing Government 99

Security Affairs

JULY 12, 2023

The issue, tracked as CVE-2023-36884 , was exploited by nation-state actors and cybercriminals to gain remote code execution via malicious Office documents. The company revealed that it is aware of high-targeted attacks that attempt to exploit these issues through specially-crafted Office documents. ” reads the post.

Phishing 86

Phishing Security Government IT 86

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. backed media outlet that ran stories examining the Chinese government’s treatment of Uyghur people living in its Xinjian region. Image: FBI.

Government 353

Government Mining Big data Phishing 353

Security Affairs

JUNE 6, 2022

A nation-state actor is attempting to exploit the Follina flaw in a recent wave of attacks against government entities in Europe and the U.S. An alleged nation-state actor is attempting to exploit the recently disclosed Microsoft Office Follina vulnerability in attacks aimed at government entities in Europe and the U.S.

Phishing 98

Phishing Archiving Cybersecurity Government 98