NSA warns of North Korean hackers exploiting weak DMARC email policies

May 3, 2024 at 03:24PM The NSA and FBI warned of APT43, a North Korea-linked hacking group exploiting weak DMARC policies to launch spearphishing attacks. The attacks aim to gather intelligence on geopolitical events and gain access to private documents and communications. To mitigate this, organizations are advised to update their DMARC policies to prevent …

US Says North Korean Hackers Exploiting Weak DMARC Settings

May 3, 2024 at 12:15PM The US government warns of North Korea-linked hacking group Kimsuky exploiting weak email DMARC settings to conceal spear phishing attacks. They collect intelligence on geopolitical events and maintain access to information affecting North Korean interests. Kimsuky has been engaging in cyber activities since 2012 and conducts well-researched spear phishing campaigns. …

NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources

May 3, 2024 at 05:45AM The U.S. government issued a cybersecurity advisory about North Korean threat actors using spear-phishing campaigns to gather intelligence. They exploit weak DMARC policies to send spoofed emails, targeting foreign policy experts. The group, known as Kimsuky, engages targets in prolonged, benign conversations to build trust and uses fake email addresses …

Fake job interviews target developers with new Python backdoor

April 26, 2024 at 10:23AM A campaign named “Dev Popper” is targeting developers with fake job interviews to trick them into downloading and running a Python remote access trojan (RAT), enabling the threat actors to gather system information and gain remote access. Analysts suspect North Korean involvement based on observed tactics. Similar tactics have been …

Iran Dupes US Military Contractors, Gov’t Agencies in Years-Long Cyber Campaign

April 24, 2024 at 10:48AM An elite team of Iranian hackers infiltrated US companies and government agencies’ employee accounts in a multiyear cyber espionage campaign, aiming to steal military secrets. Entities including the US Departments of Treasury and State, defense contractors, and a hospitality company were compromised. Four Iranian nationals have been indicted, but their …

US charges Iranians with cyber snooping on government, companies

April 24, 2024 at 10:10AM The US has charged and sanctioned four Iranian nationals for their alleged roles in cyber attacks on US companies and government departments. They worked for fake companies linked to Iran’s military, carrying out multiple computer intrusions using methods like spearphishing and social engineering. The accused face up to 35 years …

$10 Million Bounty on Iranian Hackers for Cyber Attacks on US Gov, Defense Contractors

April 23, 2024 at 04:00PM Four Iranian nationals were indicted in Manhattan federal court for conducting a cyber-espionage campaign targeting U.S. government departments, defense contractors, and private firms, using sophisticated hacking techniques to access and compromise critical systems. The group, still at large, is accused of targeting over a dozen private US companies, primarily cleared …

U.S. Charges Iranian Hacker, Offers $10 Million Reward for Capture

March 2, 2024 at 12:18AM The U.S. Department of Justice unsealed an indictment against an Iranian national, Alireza Shafie Nasab, for his alleged involvement in a cyber campaign targeting U.S. entities. The campaign involved spear-phishing and hacking techniques, leading to more than 200,000 victim devices being infected. Nasab faces significant prison time if convicted and …

US Charges Iranian Over Cyberattacks on Government, Defense Organizations

March 1, 2024 at 09:57AM The US Justice Department announced charges against Iranian national Alireza Shafie Nasab, accused of involvement in hacking operations targeting government and private sector organizations. His firm, Mahak Rayan Afraz, linked to cyberespionage, had ties to the IRGC. Nasab, now at large, faces charges carrying up to 20-year prison sentences, with …

Russian Cyberattackers Launch Multi-Phase PsyOps Campaign

February 22, 2024 at 02:49PM Russian-linked threat actors carried out Operation Texonto, a multi-wave campaign targeting Ukraine. The operation involved PsyOps and spear-phishing to spread misinformation and steal Microsoft 365 credentials across Europe. It ran in two waves from October-December 2023. The tactics employed aimed to influence Ukrainian citizens and featured fake Microsoft login pages …