Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. OpenSSH is also used for external access.

Phishing 102

Phishing Manufacturing Libraries IT 102

Data Breach Today

FEBRUARY 6, 2020

Inquiry Posing Interview Questions Designed to Steal Credentials In a recently discovered phishing campaign, hackers attempted to steal victims' passwords and credentials by posing as a former Wall Street Journal reporter and sending documents with potential interview questions, according to security firm Certfa.

Phishing 230

Phishing Passwords Security 230

Security Affairs

NOVEMBER 11, 2023

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The operation was first documented on OSINT Fans by Gabor Szathmari in October 2020.

Phishing 115

Phishing Ransomware IT Access 115

IT Governance

SEPTEMBER 15, 2023

Welcome to our September 2023 catches of the month feature, which examines recent phishing scams and the tactics criminals use to trick people into compromising their data. Storm-0324’s phishing lures “typically reference invoices and payments, mimicking services such as DocuSign, Quickbooks, and others”.

Phishing 110

Phishing Mining Education Passwords 110

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The Word document seems to be in the Russian language.

Encryption 105

Encryption Military Phishing Communications 105

IT Governance

JUNE 8, 2023

Phishing is one of the most common and dangerous forms of cyber crime. Despite an array of technological solutions designed to counter phishing attacks – from antimalware software to password protections – the main weapon in anyone’s arsenal should be knowledge and awareness. How common are phishing attacks?

Phishing 111

Phishing Data breaches Communications Ransomware 111

Security Affairs

MARCH 14, 2023

Microsoft warns of large-scale phishing attacks orchestrated with an open-source adversary-in-the-middle (AiTM) phishing kit available in the cybercrime ecosystem Adversary-in-the-middle (AiTM) phishing kits are becoming an essential technology in the cybercrime ecosystem that is used by multiple threat actors to launch phishing attacks.

Phishing 74

Phishing Authentication Sales Passwords 74

IT Governance

AUGUST 7, 2023

Welcome to our August 2023 catches of the month feature, in which we explore the latest phishing scams and the tactics that cyber criminals use to trick people into handing over personal data. Check Point credits this rise to an extensive phishing campaign that told victims that there has been suspicious activity on their Microsoft account.

Phishing 98

Phishing Passwords Education Personal data 98

Data Breach Today

JULY 29, 2023

military job recruitment documents to lure Korean-speaking victims into downloading malware staged from legitimate but compromised South Korean websites, according to security researchers. Researchers Say APT37 Group Likely Behind Campaign Targeting South Koreans Government-backed North Korean hackers are posting convincing U.S.

Military 171

Military Phishing Government Security 171

Security Affairs

SEPTEMBER 25, 2023

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. ” concludes the report.

Military 93

Military Phishing Communications IT 93

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. CERT-UA discovered multiple phishing attacks aimed at government organizations between December 15 and December 25. file classified as MASEPIE.

Phishing 114

Phishing Computer and Electronics Communications Encryption 114

Security Affairs

JULY 9, 2021

Threat actors have devised a new trick to disable macro security warning that leverage non-malicious docs in phishing attacks. Most of the phishing attacks leverage weaponized Microsoft Office documents and social engineering techniques to trick recipients into enabling the macros. Zeus OpenSSL).

Phishing 97

Phishing Security Passwords IT 97

IT Governance

JULY 6, 2023

Welcome to our July 2023 catches of the month feature, in which we explore the latest phishing scams and the tactics that cyber criminals use to trick people into handing over personal data. Quishing on the rise Cyber security researchers have discovered an extensive phishing campaign that uses QR codes as bait.

Phishing 98

Phishing Education Government Personal data 98

Security Affairs

JANUARY 6, 2022

Experts warn of a new phishing technique that abuses the commenting feature of Google Docs to send out emails that appear from a legitimate source. The attack chain is very simple, attackers create a Google Document using their Google account. SecurityAffairs – hacking, Phishing). The comment mentions the target with an @.

Phishing 108

Phishing Security IT Information Security 108

Security Affairs

JANUARY 28, 2021

Researchers from RiskIQ have discovered a new phishing kit dubbed LogoKit that dynamically compose phishing content. Researchers from RiskIQ discovered a new phishing kit that outstands for its ability to dynamically create phishing messages to target specific users. SecurityAffairs – hacking, Phishing).

Phishing 119

Phishing Cloud Passwords IT 119

Security Affairs

MAY 29, 2023

Experts warn of phishing attacks that are combining the use of compromised Microsoft 365 accounts and.rpmsg encrypted emails. Trustwave researchers have observed threat actors using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts in a phishing campaign aimed at stealing Microsoft credentials.

Encryption 88

Encryption Phishing Authentication Libraries 88

Security Affairs

APRIL 21, 2024

Every week the best security articles from Security Affairs are free for you in your email box. carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC.

Data breaches 95

Data breaches Security MDM Ransomware 95

The Last Watchdog

SEPTEMBER 28, 2022

Phishing attacks are nothing new, but scammers are getting savvier with their tactics. Other Iranian-based cyberattacks have included hackers targeting Albanian government systems and spear phishing scams. Here are four new phishing trends keeping businesses on their toes. Spear phishing. Phishing via texting.

Phishing 124

Phishing Passwords Cybersecurity Government 124

Security Affairs

AUGUST 15, 2022

Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. More details + TTPs in this MSTIC blog: [link] — Microsoft Security Intelligence (@MsftSecIntel) August 15, 2022. Pierluigi Paganini.

Phishing 87

Phishing Education Security IT 87

Krebs on Security

NOVEMBER 2, 2018

Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. That phishing site prompted visitors to enter their account credentials — including usernames, passwords, one-time passcodes and PIN numbers — to unlock their accounts.

Phishing 233

Phishing Passwords IT 233

Security Affairs

OCTOBER 12, 2020

Security experts from Cyble found alleged sensitive documents of NATO and Turkey, is it a case of cyber hacktivism or cyber espionage? The post Researchers found alleged sensitive documents of NATO and Turkey appeared first on Security Affairs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Military 133

Military Manufacturing Phishing Government 133

Krebs on Security

APRIL 9, 2024

Microsoft today released updates to address 147 security holes in Windows, Office , Azure ,NET Framework , Visual Studio , SQL Server , DNS Server , Windows Defender , Bitlocker , and Windows Secure Boot. Yes, you read that right. “As far as I can tell, it’s the largest Patch Tuesday release from Microsoft of all time.”

Security 232

Security Phishing Authentication Passwords 232

Security Affairs

APRIL 21, 2023

Phishing attacks are a major threat to organizations, they remain a perennial choice of cybercriminals when it comes to hacking their victims. The infographic below outlines the most common types of phishing attacks used against individuals or businesses.

Phishing 78

Phishing Security awareness Passwords Education 78

Security Affairs

OCTOBER 24, 2021

Microsoft uncovered an extensive series of credential phishing campaigns that employed a custom phishing kit tracked as TodayZoo. Microsoft researchers uncovered a custom phishing kit, dubbed TodayZoo, that was used in an extensive series of credential phishing campaigns. com domain to send the phishing messages.

Phishing 114

Phishing Sales Archiving Passwords 114

IT Governance

JANUARY 11, 2023

Welcome to our January 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. This month, we delve into a scam that attempts to trick cyber security professionals and look at a new banking trojan that has experts worried.

Phishing 105

Phishing Education Access Personal data 105

Security Affairs

DECEMBER 13, 2020

Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers. The system does not hold any bank or credit card details.”

Phishing 132

Phishing Marketing Data breaches Personal data 132

Security Affairs

AUGUST 12, 2021

Microsoft warns of a long-running spear-phishing campaign that has targeted Office 365 customers in multiple attacks since July 2020. Microsoft revealed that a year-long spear-phishing campaign has targeted Office 365 customers in multiple attacks starting with July 2020. com , or api[.]statvoo[.]com Pierluigi Paganini.

Phishing 116

Phishing Passwords Encryption Security 116

IT Governance

AUGUST 10, 2021

Welcome to August’s review of phishing scams, in which we look at criminals’ latest tactics and provide examples of successful frauds. Microsoft issues alert about “crafty” phishing scams. Security researchers at Microsoft are again warning users about phishing scams imitating SharePoint.

Phishing 111

Phishing File names Security Risk 111

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Phishing Attacks: Phishing is the top cyber attack, causing 90% of data breaches. million unfilled cyber security jobs, showing a big need for skilled professionals. million per breach.

Security 120

Security Phishing IoT Ransomware 120

Security Affairs

DECEMBER 25, 2021

The phishing messages use weaponized Word or Excel attachments to install the Dridex banking Trojan. “This letter is to inform you that you have been exposed to a coworker who tested positive for OMICRON variant of COVID-19 sometime between December 18th and 20th,” reads a phishing message shared by Bleeping Computer.

Phishing 123

Phishing Passwords Security IT 123

IT Governance

MARCH 8, 2022

Welcome to our March 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal information. This month, we look at a phishing attack targeting Ukrainian citizens, the latest campaign imitating Tesco and a warning from HSBC.

Phishing 144

Phishing Military Access Education 144

Data Breach Today

APRIL 14, 2023

Pakistan-Linked APT Group Using Spear-Phishing to Plant Info Stealer Malware A suspected Pakistan espionage threat actor that relies on phishing emails is expanding to the education sector after years of focusing on the Indian military and government.

Education 144

Education Military Phishing Government 144

Security Affairs

JANUARY 21, 2021

Bad ops of operators of a phishing campaign exposed credentials stolen in attacks and made them publicly available through Google queries. . Check Point Research along with experts from cybersecurity firm Otorio shared details on their investigation into a large-scale phishing campaign that targeted thousands of global organizations.

Phishing 119

Phishing Passwords Manufacturing Cybersecurity 119

Security Affairs

MARCH 30, 2020

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. Upon opening the file, victims will need to ‘Enable Content’ to view the content of the protected document, but this action will trigger the infection process.

Phishing 137

Phishing Security IT Information Security 137

Security Affairs

AUGUST 9, 2020

Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. ” continues the analysis.

Phishing 143

Phishing Authentication Cybersecurity IT 143

The Last Watchdog

AUGUST 28, 2018

If there is a data breach or some other cybersecurity incident, a phishing attack was probably involved. Over 90 percent of incidents begin with a phishing email. One of the more infamous hacks in recent years, the DNC data breach , was the result of a phishing attack. Related: Carpet bombing of phishing emails endures.

Phishing 194

Phishing Data breaches Encryption Authentication 194

IT Governance

MAY 10, 2022

Welcome to our May 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal data. Cyber security researchers have identified a scam that targets people who are trying to gain verified accounts on Twitter.

Phishing 105

Phishing Education Government Personal data 105