August 21, 2024 at 02:27AM The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks with the objective to infect devices with malware, attributed to the threat cluster UAC-0020 (Vermin). The attacks involve phishing messages with photos of prisoners of war, leading to the installation of spyware SPECTR and new malware … Read more
August 20, 2024 at 02:22AM Cybersecurity researchers have reported ongoing attacks by Blind Eagle, an adaptable threat actor targeting entities and individuals in Latin American nations. The group employs spear-phishing tactics, geographical redirection, and process injection techniques to distribute trojans like AsyncRAT and NjRAT, enabling cyber espionage and financial credential theft campaigns. Kaspersky warns of … Read more
August 19, 2024 at 09:15AM Cyberint Research Team discovered a new malware, UULoader, being used by threat actors to deliver Gh0st RAT and Mimikatz. It’s distributed through malicious installers targeting Korean and Chinese speakers. Additionally, threat actors are using cryptocurrency-themed lure sites for phishing attacks and leveraging popular AI platforms for malicious activities, prompting a … Read more
August 15, 2024 at 09:21AM Google has disrupted an Iranian state-sponsored hacking campaign targeting individuals linked to the US elections. The campaign, attributed to APT42, targeted personal email accounts of former US officials and affiliates of President Biden and former President Trump. Google has proactively referred the activity to law enforcement and observed the use … Read more
August 15, 2024 at 06:39AM Google’s threat intelligence has uncovered an Iranian-linked group’s attempt to infiltrate the personal email accounts of individuals connected to President Biden and former President Trump. The group targeted Biden, Trump, and Vice President Harris, and its activities align with a broader pattern of attempts to disrupt the U.S. election. This … Read more
August 15, 2024 at 03:21AM A new threat actor, known as Actor240524, has launched cyber attacks targeting Azerbaijan and Israel to steal sensitive data, using spear-phishing emails and malware like ABCloader and ABCsync. The attacks aim to avoid detection through anti-sandbox and anti-analysis techniques. NSFOCUS attributes the attacks to disrupt the cooperative relationship between the … Read more
August 14, 2024 at 02:52PM Russia’s FSB cyberspies and a new group conducted a phishing campaign targeting US and European entities, including opposition figures, media outlets, and defense-industrial targets. Named “River of Phish,” the campaign aimed to steal user credentials and influence Western elections. The attackers impersonated colleagues and used encrypted PDFs to trick victims … Read more
August 14, 2024 at 11:16AM Email attacks have dramatically increased, with Abnormal Security’s H1 2024 analysis showing a 50% rise from H2 2023. CISO Mike Britton discusses the limitations of Multi-Factor Authentication (MFA), reasons for email attacks’ popularity, and the potential impact of AI on phishing. The report also highlights the surge in file-sharing attacks … Read more
August 12, 2024 at 08:36AM In 2023, phishing attacks impacted 94% of businesses, a 40% increase from the previous year. The surge is attributed to AI, particularly generative AI, facilitating the creation of malicious content, and PhaaS enabling easy access to skilled attackers. Threat actors now respond more quickly to evolving and planned events, capitalizing … Read more
August 8, 2024 at 12:21PM Kimsuky, a North Korea-linked threat actor, has been identified in new cyber attacks targeting university staff for intelligence gathering. The attacks involve spear-phishing campaigns and use of a web shell to capture credentials and stage phishing pages. To combat this, users are advised to enable multi-factor authentication and scrutinize URLs … Read more