Black Basta-Linked Attackers Target Users with SystemBC Malware

August 14, 2024 at 02:15PM
An ongoing social engineering campaign linked to the Black Basta ransomware group involves multiple intrusion attempts aimed at stealing credentials and deploying the SystemBC malware dropper. Threat actors use tactics such as email bombing, phone calls, and fake solutions to persuade users to download legitimate remote access software for deploying …

Iranian hackers pose as journalists to push backdoor malware

May 4, 2024 at 12:19PM
APT42, an Iranian state-backed threat actor, is using social engineering, specifically posing as journalists, to breach Western and Middle Eastern corporate networks and cloud environments. The group, affiliated with Iran’s IRGC-IO, targets NGOs, media outlets, and more. They employ custom backdoors “Nicecurl” and “Tamecat” to gain access and exfiltrate data. …

New macOS ‘KandyKorn’ malware targets cryptocurrency engineers

November 2, 2023 at 03:24PM
The Lazarus hacking group, believed to be linked to North Korea, has been targeting blockchain engineers of a cryptocurrency exchange platform with a new macOS malware called ‘KandyKorn’. The attackers use social engineering to trick victims into downloading a malicious ZIP file disguised as a legitimate arbitrage bot. The malware, …