Defending Against State and State-Sponsored Threat Actors
State and state-sponsored threat actors are the apex predators of the cybersecurity world. Continue reading Defending Against State and State-Sponsored Threat Actors
Category Archives: spearphishing
Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users
It remains unknown as to why Microsoft is allowing a spoof of their very own domain against their own email infrastructure. Continue reading Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users
Kaspersky catches hacker-for-hire group using ‘PowerPepper’ malware
The hack-for-hire business is thriving. Following the revelation in November that a new mercenary group had targeted organizations in South Asia, researchers on Thursday outlined how another suspected hack-for-hire shop has used malicious code to try to breach organizations in Europe and the Americas. It’s the latest innovation in a bustling market for buying access to government and corporate networks in a range of industries. The new code, uncovered by analysts at security firm Kaspersky, can be used to remotely take over victim devices, and it interacts with the attackers via a communications-concealing protocol. The group responsible for the malware, known theatrically as DeathStalker, has been around for at least eight years but has only drawn public scrutiny in recent months, according to Kaspersky. And researchers have more digging to do. “PowerPepper,” as the new malware is known, “is already the fourth malware strain affiliated with the actor, and we have discovered […]
The post Kaspersky catches hacker-for-hire group using ‘PowerPepper’ malware appeared first on CyberScoop.
Continue reading Kaspersky catches hacker-for-hire group using ‘PowerPepper’ malware
Think-Tanks Under Attack by Foreign APTs, CISA Warns
The feds have seen ongoing cyberattacks on think-tanks (bent on espionage, malware delivery and more), using phishing and VPN exploits as primary attack vectors. Continue reading Think-Tanks Under Attack by Foreign APTs, CISA Warns
Hacker-for-hire group targeting South Asian organizations, research says
There’s a new cyber mercenary group on the block, and they’re going after targets in more than a dozen countries around the globe, according to BlackBerry research published Thursday. The hack-for-hire shop, which BlackBerry is calling “CostaRicto,” has largely gone after targets in South Asia, especially in India, Bangladesh and Singapore, according to BlackBerry. Some of its targeting has also been located in Africa, the Americas, Australia and Europe, including in Austria, the Bahamas, France, Mozambique, the Netherlands and Portugal, the researchers write in a blog on the group. It isn’t exactly clear who the hackers-for-hire are, but given that their targets tend to be focused in South Asia, BlackBerry researchers suggest they may be based in that region. The disparate targeting and characteristics of their toolset suggest they are working on behalf of clients, BlackBerry reachers write. CostaRicto targets victims with a custom backdoor that appeared last October, but has […]
The post Hacker-for-hire group targeting South Asian organizations, research says appeared first on CyberScoop.
Continue reading Hacker-for-hire group targeting South Asian organizations, research says
Munich Security Conference attendees targeted with Iran-linked spearphishing, Microsoft says
Iranian government-linked hackers have been sending spearphishing emails to large swaths of high-profile potential attendees of upcoming the Munich Security Conference as well as the Think 20 Summit in Saudi Arabia, according to Microsoft research. The Iranian attackers, known as Phosphorous, have disguised themselves as conference organizers and have sent fake invitations containing PDF documents with malicious links to over 100 possible invitees of the conferences, both of which are prominent summits dedicated to international security and policies of the world’s largest economies, respectively. In some cases the attackers have been successful in guiding some victims to those links, which lead victims to credential-harvesting pages, Tom Burt, corporate vice president of Microsoft Security and Trust announced in blog published Wednesday morning. “We believe Phosphorus is engaging in these attacks for intelligence collection purposes,” Burt wrote in the blog. “The attacks were successful in compromising several victims, including former ambassadors and other senior policy experts who help shape […]
The post Munich Security Conference attendees targeted with Iran-linked spearphishing, Microsoft says appeared first on CyberScoop.
Five Cloud Security Considerations for CISOs
Discover How You Can Protect Users and the Organization in Today’s New Normal
The past six months have been a whirlwind of change. Security teams across the world have scrambled to empower distributed users with the tools and information they need… Continue reading Five Cloud Security Considerations for CISOs
Feds Sound Alarm Over Emotet Attacks on State, Local Govs
CISA warned already-strained public-sector entities about disturbing spikes in Emotet phishing attacks aimed at municipalities. Continue reading Feds Sound Alarm Over Emotet Attacks on State, Local Govs
PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict
Spear-phishing attacks targeting VIPs and others show key malware changes and are likely linked to the current conflict with Armenia. Continue reading PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict
OldGremlin Ransomware Group Bedevils Russian Orgs
The cybercriminal group has plagued firms with ransomware, sent via spear phishing emails with COVID-19 lures, since March. Continue reading OldGremlin Ransomware Group Bedevils Russian Orgs