Threat Actors Target Accounting Software Used by Construction Contractors

Malicious hackers are caught brute-forcing Foundation Accounting Software at scale, compromising organizations in the construction industry.
The post Threat Actors Target Accounting Software Used by Construction Contractors appeared first on SecurityWe… Continue reading Threat Actors Target Accounting Software Used by Construction Contractors

Server-side attacks, C&C in public clouds and other MDR cases we observed

This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. We hope that it helps you to stay up to date on the modern threat landscape and to be better prepared for attacks. Continue reading Server-side attacks, C&C in public clouds and other MDR cases we observed

Russian hackers using stolen corporate email accounts to mask their phishing attempts

Hackers working for Russian military intelligence have long relied on zero-days and malware to target their victims, but in the last year they’ve kept it simple — using previously hacked email accounts to send a wide array of phishing attempts, according to new research from security firm Trend Micro. Since at least May of last year, the group known as Fancy Bear, APT28, or Pawn Storm, has used hacked email accounts belonging to high-profile personnel working at defense firms in the Middle East to carry out the operation, according to Feike Hacquebord, a senior threat researcher at Trend Micro. “The actor connects to a dedicated server using the OpenVPN option of a commercial VPN provider and then uses compromised email credentials to send out credential spam via a commercial email service provider,” Hacquebord writes in the research. The group, which the U.S. Department of Justice linked with Russia’s Main Intelligence Directorate […]

The post Russian hackers using stolen corporate email accounts to mask their phishing attempts appeared first on CyberScoop.

Continue reading Russian hackers using stolen corporate email accounts to mask their phishing attempts