Google reveals North Korean-backed campaign targeting security researchers
A new ongoing campaign targeting security researchers has been uncovered by Google’s Threat Analysis Group. The attackers are going to great lengths to gain the victims’ trust, posing as researchers or students themselves. The campaign consists of sophisticated social engineering techniques to persuade the security researcher to open a Microsoft
‘LuckyBoy’ Malvertising Campaign Hits iOS, Android, XBox Users
A new campaign is targeting mobile and other connected device users, using cloaking and obfuscation techniques to evade detection. The malvertising campaign has been named LuckyBoy and consists of a multi-stage, tag-based approach and attack method. Android, Xbox, and iOS users are being targeted in the attacks. According to
Hack May Have Exposed Deep US Secrets; Damage Yet Unknown
Authorities say that some of America’s deepest secrets may have been stolen in a months-long espionage campaign that just came to light. The operation has been blamed on Russian government hackers and occurred when threat actors were able to slip malicious code into a software update issued by popular provider
Treasury Sanctions Iranian Entities for Attempted Election Interference
On October 22, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) determined to impose sanctions on five distinct Iranian entities known to have attempted to conduct election interference on the US and its voters. These attempts include spreading disinformation and executing malign influence campaigns aimed to mislead
Facebook Pulls Trump Campaign Ad Featuring Nazi Symbol
Facebook has made the decision to remove advertising for Donald Trump’s re-election campaign because it featured a symbol that is heavily associated with Nazi Germany. The advertisements, which stated that left-wing activists he calls Antifa should be branded a terrorist organization, had an inverted red triangle. The inverted red triangle
New PipeMon malware uses Windows print processors for persistence
The Winnti hacking group has targeted video game companies again in a new campaign that utilizes recent malware called PipeMon, a modular backdoor that was identified earlier this year. PipeMon was discovered on servers belonging to developers of video games that feature multiplayer options (massively multiplayer online games). The
RATicate Group Hits Industrial Firms With Revolving Payloads
According to researchers, a new threat group called RATicate is targeting industrial companies with revolving payloads and is behind several malspam attacks against companies, delivering payloads such as LokiBot, Agent Tesla, Netwire, FormBook, and BetaBot. Researchers have attributed at least six separate campaigns to the group, with the first starting in November
Microsoft Sway Abused in Office 365 Phishing Attack
According to an analysis released by Group-IB on Thursday, a threat actor group called PerSwaysion has attacked Microsoft services, compromising at least 150 executives in a targeted phishing campaign. The attacks were effective in gathering the Office 365 credentials of the executives since mid-2019. The campaign’s success was attributed to
NASA under ‘significantly increasing’ hacking, phishing attacks
NASA reported that they have been observing increasing malicious activity originating from both cybercriminals and nation-state hackers targeting their personnel and systems while their employees telecommute during the COVID-19 pandemic. The agency stated that they had successfully blocked a wave of malicious cyberattacks with pre-existing mitigation tools and measures. However,
Intricate Phishing Scam Uses Support Chatbot to ‘Assist’ Victims
A recent phishing scam is targeting consumers by utilizing a malicious customer service chatbot function that steals victims’ information by prompting them to fill out various forms including credit card numbers and bank account information. The campaign was discovered by MalwareHunterTeam and is targeting Russian citizens. The threat actors are