A new campaign impersonating Proofpoint has successfully avoided Microsoft email security. The campaign consists of phishers attempting to fool targets into believing the email comes from Proofpoint, a well-known cybersecurity company, in an attempt to steal Microsoft Office 365 and Google email credentials. According to researchers at Armorblox, one such

On Thursday, former French President Nicolas Sarkozy was sentenced to one year in prison due to illegal campaign financing in his failed 2012 re-election campaign. This marks the first time that a former French head of state received two jail terms. However, Sarkozy is unlikely to spend this time behind

Microsoft has warned that the Nobelium APT is currently compromising single-sign-on services to install a post-exploitation backdoor. The backdoor maintains network persistence and steals data from victims. Nobelium, the threat actors behind the SolarWinds supply-chain attacks, are using a backdoor called FoggyWeb to conduct the attacks. The attacks target Active

Sophos researchers have detailed a new Racoon Stealer campaign that underscores the evolution of the information-stealer. According to Sophos, the Racoon Stealer has been distributed through a dropper campaign with the goal of stealing cryptocurrencies, cookies, and other valuable information located on target machines. Researchers confirmed that the campaign had

Security researchers at Sygnia reported observing attacks originating from a sophisticated threat actor that bore resemblance to the hallmarks of an Australian campaign that targeted high-profile public and private entities. According to the researchers, the campaign targeting Australia last year seems to have shifted its focus to the US. The

According to a new report from Kaspersky, a recently discovered advanced persistent threat (APT) dubbed LuminousMoth is targeting a large number of organizations in South Asia. The campaign involves cyberespionage attacks on organizations and government entities and has been ongoing since at least October 2020. Contrary to similar attacks that

Researchers have discovered a global effort to steal information from international companies in the oil and gas sector. According to experts, the campaign has been underway for more than a year and uses sophisticated social engineering tactics to deliver Agent Tesla and other remote access trojans (RATs). Researchers at Intezer

APT group “Fancy Lazarus” has been ramping up its ransom DDoS efforts in several new campaigns against US entities. The group is known for masquerading as various APT groups to distract security researchers. Researchers state the APT group is launching a new series of attacks using a combination of the

Hackers suspected to have ties to Iran have reportedly targeted multiple Israeli companies with ransomware, representing a new campaign of attacks against the nation. The group calls itself N3tw0rm, or Networm, publishing evidence of different attacks to a dark website where they take responsibility for their hacks. On Sunday, the

Microsoft has warned of a new campaign utilizing legitimate website contact forms to target victims with URLs that ultimately deliver a banking Trojan. The attack campaign is delivering the IcedID banking Trojan to businesses via emails containing fake legal threats, creating a sense of urgency and luring victims into clicking