COBALT DICKENS Launched New Phishing Operation against Universities

The COBALT DICKENS threat group stayed busy over the summer by launching a new global phishing operation targeting universities. In July and August 2019, Secureworks’ Counter Threat Unit (CTU) researchers observed COBALT DICKENS using compromised… Continue reading COBALT DICKENS Launched New Phishing Operation against Universities

‘Cobalt Dickens’ group is phishing universities at scale again, researchers say

An Iran-linked hacking group whose operatives the U.S. government indicted last year has launched a phishing operation to steal login credentials against computer users at over 60 universities in the United States, the United Kingdom, and elsewhere, researchers said Wednesday. The campaign, whose aim is likely intellectual property theft, sees victims redirected to spoofed login pages, where their passwords are stolen, said Secureworks, a Dell-owned cybersecurity company that discovered the activity. “The threat actors have not changed their operations despite law enforcement activity, multiple public disclosures, and takedown activity,” Secureworks said in a blog post. The most high-profile attempt to disrupt the hackers was the charges the U.S. Department of Justice announced in March 2018 against nine Iranian nationals for breaching the networks of multiple U.S. universities, federal government agencies and U.S. companies. And yet the hacking group, which Secureworks dubs Cobalt Dickens, has used some of the same domains in their new […]

The post ‘Cobalt Dickens’ group is phishing universities at scale again, researchers say appeared first on CyberScoop.

Continue reading ‘Cobalt Dickens’ group is phishing universities at scale again, researchers say

Security Boulevard’s 5 Most Read Stories for the Week, August 20-24

A new week, a new crop of security stories. Last week, malware complacency, Russian cyberspies, GDPR compliance and Mirai IoT malware made the headlines. In addition, we analyzed top security threats for web apps. Be sure to check Security Boulevard d… Continue reading Security Boulevard’s 5 Most Read Stories for the Week, August 20-24

A week in security (August 20 – 26)

A roundup of the security news from August 20 – 26, including a look at insider threats, several breaches, and what tech giants Google and Facebook are doing about their privacy issues.
Categories:

Security world
Week in security

Tags: a … Continue reading A week in security (August 20 – 26)

Mirai IoT Malware Variant Abuses Linux Cross-Compilation Framework

Researchers have found a malware program based on Mirai that has binaries for many platforms and CPU architectures, allowing it to run even on Linux servers or Android phones. The difficulty of compiling malware that works out of the box on the large … Continue reading Mirai IoT Malware Variant Abuses Linux Cross-Compilation Framework

Cobalt Dickens threat group looks to be similar to indicted hackers

A mass credential-stealing campaign by hackers linked to the Iranian government and targeting 76 universities around the world was discovered this month by Secureworks, an Atlanta-based cybersecurity company owned by Dell. The campaign involved 16 domains, 300 spoofed websites and fake login pages, 76 targeted universities and 14 countries including the United States, Canada, United Kingdom and Japan, the company announced. “Universities are attractive targets for threat actors interested in obtaining intellectual property,” Secureworks’ researchers said on Friday. “In addition to being more difficult to secure than heavily regulated finance or healthcare organizations, universities are known to develop cutting-edge research and can attract global researchers and students.” The campaign is ongoing with the most recent domain having been registered on Aug. 19. Carried out by hackers that Secureworks researchers dub Cobalt Dickens, this campaign used some of the same infrastructure as the Iranian hackers indicted by the United States in […]

The post Cobalt Dickens threat group looks to be similar to indicted hackers appeared first on Cyberscoop.

Continue reading Cobalt Dickens threat group looks to be similar to indicted hackers