28 Jul 2021

Praying Mantis Threat Group Targeting US Firms in Sophisticated Attacks

Security researchers at Sygnia reported observing attacks originating from a sophisticated threat actor that bore resemblance to the hallmarks of an Australian campaign that targeted high-profile public and private entities. According to the researchers, the campaign targeting Australia last year seems to have shifted its focus to the US. The

Read More
15 Jul 2021

Chinese Hackers Target Government Entities in Widespread Campaign

According to a new report from Kaspersky, a recently discovered advanced persistent threat (APT) dubbed LuminousMoth is targeting a large number of organizations in South Asia. The campaign involves cyberespionage attacks on organizations and government entities and has been ongoing since at least October 2020. Contrary to similar attacks that

Read More
12 Jul 2021

Oil & Gas Targeted in Year-Long Cyber-Espionage Campaign

Researchers have discovered a global effort to steal information from international companies in the oil and gas sector. According to experts, the campaign has been underway for more than a year and uses sophisticated social engineering tactics to deliver Agent Tesla and other remote access trojans (RATs). Researchers at Intezer

Read More
11 Jun 2021

‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts

APT group “Fancy Lazarus” has been ramping up its ransom DDoS efforts in several new campaigns against US entities. The group is known for masquerading as various APT groups to distract security researchers. Researchers state the APT group is launching a new series of attacks using a combination of the

Read More
04 May 2021

Suspected Iranian Ransomware Group Targets Israeli Firms

Hackers suspected to have ties to Iran have reportedly targeted multiple Israeli companies with ransomware, representing a new campaign of attacks against the nation. The group calls itself N3tw0rm, or Networm, publishing evidence of different attacks to a dark website where they take responsibility for their hacks. On Sunday, the

Read More
13 Apr 2021

Microsoft Warns of Malware Delivery via Google URLs

Microsoft has warned of a new campaign utilizing legitimate website contact forms to target victims with URLs that ultimately deliver a banking Trojan. The attack campaign is delivering the IcedID banking Trojan to businesses via emails containing fake legal threats, creating a sense of urgency and luring victims into clicking

Read More
02 Apr 2021

Venezuelan military offensive sends thousands fleeing, recharging one of the world’s worst refugee crises

A campaign by Venezuelan military near the western border is causing a new wave of refugees. Thousands are defying the pandemic to pack into makeshift camps in Arauquita, Colombia. The Venezuelan refugees represent the world’s second largest group of internationally displaced people. The mounting tensions between left-wing Venezuela and right-wing

Read More
18 Mar 2021

$4,000 COVID-19 ‘Relief Checks’ Cloak Dridex Malware

Cybercriminals have been taking advantage of the American Rescue Plan, the recently signed Covid-19 relief legislation. Researchers at Cofense found that threat actors are impersonating the IRS to distribute emails donning the agency’s official logo originating from a spoofed domain. The emails ask users to click on a malicious link

Read More
16 Mar 2021

REvil Group Claims Slew of Ransomware Attacks

The REvil ransomware threat group has claimed responsibility for a recent campaign in which nine organizations were impacted. The threat group has allegedly infected nine different organizations located across Africa, Europe, Mexico, and the US. The REvil group uses the Sodinokibi ransomware to compromise networks and devices. The organizations include

Read More
26 Jan 2021

Google reveals North Korean-backed campaign targeting security researchers

A new ongoing campaign targeting security researchers has been uncovered by Google’s Threat Analysis Group. The attackers are going to great lengths to gain the victims’ trust, posing as researchers or students themselves. The campaign consists of sophisticated social engineering techniques to persuade the security researcher to open a Microsoft

Read More