Most major economies in Africa experienced fewer overall cyber threats in 2023, but there were some dramatic exceptions: Kenya suffered a 68% rise in ransomware attacks, while South Africa saw a 29% jump in phishing attacks targeting sensitive information.
The overall trend is one of change.…
New research from Recorded Future’s Insikt Group examines newly discovered infrastructure related to the operators of Predator, a mercenary mobile spyware. This infrastructure is believed to be in use in at least eleven countries, including Angola, Armenia, Botswana, Egypt, Indonesia, Kazakhstan, Mongolia, Oman, the Philippines, Saudi Arabia, and Trinidad and Tobago.…
Brave Software is the next company to jump into AI, announcing a new privacy-preserving AI assistant called “Leo” is rolling out on the Android version of its browser through the latest release, version 1.63.
Leo can perform a wide range of tasks, including summarizing webpages or videos, answering questions on given content, translating pages, writing code, creating transcriptions from video or audio clips, and generating written content.…
Lookout recently discovered an advanced phishing kit exhibiting novel tactics to target cryptocurrency platforms as well as the Federal Communications Commission (FCC) via mobile devices. Following the tactics of groups like Scattered Spider, this kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and voice phishing to trick the target into sharing usernames, passwords, password reset URLs and even photo IDs from hundreds of victims, mostly in the United States.…
Today Mandiant is releasing a blog post about suspected Iran-nexus espionage activity targeting the aerospace, aviation and defense industries in Middle East countries, including Israel and the United Arab Emirates (UAE) and potentially Turkey, India, and Albania.
Mandiant attributes this activity with moderate confidence to the Iranian actor UNC1549, which overlaps with Tortoiseshell—a threat actor that has been publicly linked to Iran’s Islamic Revolutionary Guard Corps (IRGC).…
The folder also contained an LNK file and a __MACOS folder with payload, this time timestamped Dec. 22, 2023.
Similar to the previously analyzed archive, several stages lead to this last stage (namely Cobalt Strike), only with different configurations. The C&C server name abuses the name of the cybersecurity company Cybereason.…
The figures above are based on detection statistics received from Kaspersky users who consented to sharing usage data with Kaspersky Security Network. The data for years preceding 2023 may differ from that published previously, as the calculation methodology was refined, and the data was retrospectively revised in 2023.…
Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals.
The security breach occurred on Sunday 18 February 2024, but Tangerine management became aware of the incident on Tuesday 20 February 2024.
The telco notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. …
DCSO CyTec Blog
·
Follow
14 min read ·Feb 21, 2024
—
Earlier this year, DCSO observed an intriguing malware sample first uploaded to VirusTotal in mid-January 2024 that we believe to be part of North Korea-linked activity targeting the Russian Ministry of Foreign Affairs.…
We are connected to the digital world that provides us with numerous utilities and entertainment, but sometimes it presents us with undesirable encounters. Online frauds and scams are examples of such encounters. Online scams are not simply at the level of disrupting individuals’ daily lives like mass-marketed commercial spam emails.…
Scattered Spider (aka UNC3944, Scatter Swine, Muddled Libra, Octo Tempest, Oktapus, StarFraud) is a lucrative intrusion set active since at least May 2022, primarily engaged in social engineering, ransomware, extortion campaigns and other advanced techniques.
The intrusion set employs state-of-the-art techniques, particularly related to social engineering, such as impersonation of IT personnel to deceive employees for targeted phishing, SIM swapping, leverage of MFA fatigue, and contact with victims’ support teams.…
Today’s attackers are taking advantage of changing business dynamics to target people everywhere they work. Staying current on the latest cybersecurity attack vectors and threats is an essential part of securing the enterprise against breaches and compromised data.…
Affected Platform: AndroidImpacted Users: Android users with mobile crypto wallet or banking applicationsImpact: Financial LossSeverity Level: Medium
Spynote is a Remote Access Trojan that initially surfaced in 2020. Since then, it has grown into one of the most common families of malware for Android, with multiple samples, integration of other RATs (e.g.…
Identifier: TRR240201.
SummaryFollowing an X post by IntezerLab about an attack campaign that they dubbed “SameCoin”, we analyzed the samples they discovered and found a few identical variants. The infection vector appears to be an email impersonating the Israeli National Cyber Directorate, which tricks the reader into downloading malicious files which are presented as ‘security patches’.…
For many households, energy costs represent a significant part of their overall budget. And when customers want to discuss their bills or look for ways to save money, scammers are just a phone call away.
Enter the utility scam, where crooks pretend to be your utility company so they can threaten and extort as much money from you as they can.…
Though QR codes were once on the verge of extinction, many consumers are used to seeing them in the wild for ordering at restaurants, or as mainstays on storefront doors informing customers how they can sign up for a newsletter or score a sweet deal.
The use of QR codes saw a resurgence during the COVID-19 pandemic as a non-contact way for consumers to obtain important information.…
Authored by Dexter Shin
MoqHao is a well-known Android malware family associated with the Roaming Mantis threat actor group first discovered in 2015. McAfee Mobile Research Team has also posted several articles related to this malware family that traditionally targets Asian countries such as Korea and Japan. …