Data Breach Today

SEPTEMBER 6, 2023

Phishing Platform Automates Big Business Email Compromise Attacks, Researchers Find A sophisticated phishing toolkit called W3LL Panel has been used to exploit at least 8,000 endpoints since the middle of last year to perpetrate costly business email compromise schemes, Group-IB reports.

Phishing 275

Phishing 275

Data Breach Today

APRIL 19, 2023

Russia's Invasion Tactics Include Creating Fake Hacktivist Groups, Researchers Find The Russian government continues to use an array of phishing attacks and information operations - including hack-and-leak efforts and running hacktivist groups such as CyberArmyofRussia - to support its illegal invasion of Ukraine, Google researchers report.

Phishing 268

Phishing Government IT 268

Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. Another Internet address that showed up frequently in the Snatch server status page was 194.168.175[.]226 com and www-discord[.]com.

Ransomware 248

Ransomware Phishing Access Authentication 248

Krebs on Security

MAY 26, 2023

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta , which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains.

Phishing 255

Phishing Mining IT 255

Data Breach Today

MARCH 22, 2024

Proofpoint Researchers Say Beware of Phishing Emails, Embedded Links in PDFs Iran-aligned threat actor TA450, also called MuddyWater, is using fake salary, compensation and financial incentive emails to trick Israeli employees at multi-national organizations into clicking malicious links, according to researchers at security firm Proofpoint.

Phishing 288

Phishing Security 288

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US This is noteworthy because.US is overseen by the U.S.

Phishing 228

Phishing Government Compliance Communications 228

Data Breach Today

MARCH 3, 2023

Mustang Panda Using MQsTTang Tool to Target Victims in Asia and Europe, Eset Finds Chinese APT group Mustang Panda is deploying a previously unseen malware backdoor dubbed MQsTTang as part of a spear-phishing campaign targeting governmental organizations, specifically in Ukraine and Taiwan, security firm Eset says.

Phishing 256

Phishing Security IT 256

Data Breach Today

JANUARY 16, 2021

Researchers: Charming Kitten Campaign Used SMS and Email Messages A recent phishing campaign tied to an Iranian hacking group known as Charming Kitten used SMS and email messages to spread malicious links to steal the email credentials of potential victims in the U.S.,

Phishing 176

Phishing Security 176

KnowBe4

MARCH 29, 2024

Using little more than a well-known business name and a invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans.

Phishing 116

Phishing Security 116

Data Breach Today

MAY 28, 2021

Microsoft: Russians Used Malicious Messages Portrayed as Coming From USAID A Russian group that was behind the massive SolarWinds supply chain attack has returned with a fresh phishing campaign, according to Microsoft. This new campaign compromised a marketing firm used by the U.S.

Phishing 358

Phishing Marketing 358

Data Breach Today

APRIL 21, 2021

Group Used Fresh Tactic to Target South Korea Malwarebytes researchers report the North Korean APT group Lazarus rolled out a new weapon during a recent phishing campaign targeting South Korea in which the gang incorporated malicious BMP files in an image-laden document.

Phishing 313

Phishing 313

Data Breach Today

AUGUST 20, 2021

Spear-Phishing Campaign Exploits PowerPoint Vulnerability The Aggah APT group, believed to be of Pakistani origin, apparently was behind a recent spear-phishing campaign targeting manufacturing firms in Taiwan and South Korea, according to Anomali Threat Research.

Manufacturing 274

Manufacturing Phishing 274

Data Breach Today

JANUARY 16, 2021

Researchers Find Groups Hiding JavaScript Skimmers and Phishing Pages Several Magecart groups hide their JavaScript skimmers, phishing domains and other malicious tools behind a "bulletproof" hosting service called Media Land, according to researchers with RiskIQ.

Phishing 281

Phishing 281

Data Breach Today

JULY 9, 2020

Report: Little-Known Evilnum Group Relies on Spear-Phishing Emails A little-known advanced persistent threat group dubbed Evilnum has been targeting fintech firms in the U.K. and Europe over the past two years, using spear-phishing emails and social engineering to start their attacks, according to the security firm ESET.

Phishing 272

Phishing Security 272

Security Affairs

NOVEMBER 17, 2022

A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers from Cyjax reported that a China-based financially motivated group, dubbed Fangxiao, orchestrated a large-scale phishing campaign since 2017. Pierluigi Paganini.

Phishing 114

Phishing Retail Security IT 114

Data Breach Today

JULY 1, 2023

Attackers Updating Malware to Conduct Espionage by Distributing Phishing Links An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an updated version of the Powerstar backdoor, also known as CharmPower, which takes advantage of a distributed file protocol to distribute customized phishing links. (..)

Phishing 144

Phishing Government IT 144

Data Breach Today

MARCH 12, 2021

NimzaLoader Uses Nim Programming Language to Avoid Detection An ongoing spear-phishing campaign by the threat group TA800 is distributing a new malware loader based on the Nim programming language that's designed to help avoid detection, according to the cybersecurity company Proofpoint.

Phishing 307

Phishing Cybersecurity 307

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 190

Phishing Passwords Insurance Sales 190

Data Breach Today

MAY 3, 2021

Cybereason: Attack Used Previously Undocumented PortDoor Malware An attack group, likely based in China, recently conducted a spear-phishing attack against a defense contractor that develops nuclear submarine technology for the Russian Navy, according to the security firm Cybereason.

Phishing 287

Phishing Security 287

Data Breach Today

MAY 19, 2022

Review of 2021 Ransomware Attacks Also Finds Average Ransom Demand Was $247,000 Attackers who successfully infect targets with ransomware primarily first gain access by exploiting poorly secured remote desktop protocol or VPN connections or by using malware-laden phishing emails, reports security firm Group-IB, based on more than 700 attacks it investigated (..)

Phishing 245

Phishing Ransomware Access Security 245

Data Breach Today

DECEMBER 4, 2020

Researchers: 'Shadow Academy' Activity Coincided With Start of School Year A hacking group targeted 20 universities and other schools around the world earlier this year with a series of phishing campaigns designed to steal credentials, according to researchers at RiskIQ.

Phishing 275

Phishing 275

Data Breach Today

JULY 14, 2021

Proofpoint Describes Campaign That Uses Conference as a Lure The Iranian advanced persistent threat group TA453 has been conducting a series of spear-phishing attacks in an attempt to steal sensitive information from scholars who study the Middle East, according to Proofpoint.

Phishing 274

Phishing 274

Data Breach Today

JUNE 13, 2020

Suspected Russia-Linked Hackers Have Previously Focused on Ukraine The Gamaredon hacking group is now using a new set of malicious tools to compromise Microsoft Outlook as a way of sending spear-phishing emails to victims' contact lists, according to security firm ESET.

Phishing 321

Phishing Security 321

Data Breach Today

MAY 1, 2020

Top Victims Include Financial Services and Law Firms, Group-IB Warns A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB.

Phishing 332

Phishing Financial Services Security 332

Krebs on Security

AUGUST 9, 2021

The payment message displayed by the carding site phishing domain BriansClub[.]com. However, upon registering at the phishing site and clicking to fund my account, I was presented with the exact same Bitcoin address that Mitch said he paid. Shortly after it came online as a phishing site last year, BriansClub[.]com com, vclub[.]cards,

Phishing 354

Phishing Blockchain IT Marketing 354

Data Breach Today

MARCH 31, 2021

Proofpoint: Attackers Tried to Harvest Microsoft Office Credentials The Iranian-linked threat group TA453, also known as Charming Kitten and Phosphorus, conducted a phishing campaign, dubbed "BadBlood," in late 2020 that targeted senior U.S.

Phishing 280

Phishing 280

Security Affairs

NOVEMBER 20, 2023

The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. The economically motivated APT group used specially crafted archives in phishing attacks against forum users through online trading forum posts. ” reads the report published by NSFOCUS.

Phishing 139

Phishing Archiving Financial Services Cybersecurity 139

Security Affairs

FEBRUARY 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. ua-passport[.]space space and id[.]bigmir[.]space.

Military 111

Military Phishing CMS Government 111

Data Breach Today

MARCH 31, 2022

Actors From China, Iran, North Korea and Russia Using Ukraine War-Related Themes Researchers have observed a growing number of threat actors using the Russia-Ukraine war as a lure in phishing and malware campaigns to target the military of multiple Eastern European countries, as well as a NATO Center of Excellence, according to Google's Threat Analysis (..)

Phishing 241

Phishing Military 241

Security Affairs

APRIL 18, 2024

BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign.

Phishing 112

Phishing Manufacturing Libraries IT 112

Data Breach Today

NOVEMBER 24, 2020

Researchers: TA416 Ramping Up Phishing Emails Targeting Diplomatic Missions A Chinese advanced persistent threat group has recently begun ramping up its activities with a new phishing campaign leveraging updated malware that's targeting diplomatic missions around the world to collect data and monitor communications, according to Proofpoint.

Phishing 243

Phishing Communications IT 243

Data Breach Today

DECEMBER 10, 2020

Researchers: Backdoor Tied to Russia-Linked Group Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports.

Phishing 293

Phishing Security 293

Data Breach Today

DECEMBER 10, 2020

Researchers: Backdoor Tied to Russia-Linked Group Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports.

Phishing 287

Phishing Security 287

Data Breach Today

JUNE 25, 2020

Researchers: 'CryptoCore' Group Used Spear-Phishing Emails to Lure Victims A hacking group dubbed CryptoCore has stolen more than $200 million in virtual currency from several cryptocurrency exchanges over the past two years, the security firm ClearSky Cyber Security reports.

Phishing 261

Phishing Security 261

Security Affairs

JULY 22, 2021

Researchers from threat intelligence firm Group-IB helps Dutch police identify members of phishing developer gang known as Fraud Family. A typical attack, analyzed by Group-IB researchers, started with an email, SMS, or WhatsApp message impersonating a real financial organization.

Phishing 108

Phishing Sales Access IT 108

Data Breach Today

MAY 28, 2020

Google: Hackers Using COVID-19 Phishing Themes to Target Businesses "Hack-for-hire" groups operating in India are spoofing World Health Organization emails to steal credentials from financial services and healthcare firms around the world, according to Google's Threat Analysis Group.

Financial Services 284

Financial Services Phishing 284

Data Breach Today

MARCH 21, 2024

Also: UnitedHealth Group, Nemesis Market, Phishing Tricks and AceCryptor This week, Flipper Devices petitioned Canada, UnitedHealth Group dealt with its attack, Nemesis Market was seized, phishers fooled ML, AceCryptor returned to Europe, Brazil and Ukraine made arrests, another Ivanti flaw, London rebuked for possible data exposure, and Fujitsu reported (..)

Phishing 291

Phishing Marketing IT 291