20 Apr 2022

Crypto-related phishing and how to avoid it

In this video for Help Net Security, Michael Aminov, Chief Architect at Perception Point, talks about a recent Binance impersonation attack and, more broadly, the ongoing threat landscape impacting the cryptocurrency industry. Cryptocurrencies aren’t new, but they have become more mainstream: their use has increased significantly thanks to DeFi, gaming, NFTs,

Read More
20 Apr 2022

UK Government Staff Hit with Billions of Malicious Emails in 2021

The UK government was reportedly targeted with billions of malicious emails in 2021, and employees may have clicked on tens of thousands of suspicious or fraudulent links. Comparitech recently conducted a report into these malicious emails, and received answers from 260 government organizations in the form of freedom of information

Read More
08 Apr 2022

Thousands of Android users downloaded this password-stealing malware disguised as anti-virus from Google Play

Cybersecurity researchers at Check Point have identified six different fraudulent anti-virus applications that have since been removed from the Google Play store. The applications are parading as tools that help to protect users from cybercrime, however, they actually deliver malware to steal passwords, bank details, and other personal information. The

Read More
07 Apr 2022

Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info

Threat actors have targeted both Microsoft Office 365 and Google Workspace in a new campaign that leverages a legitimate domain associated with a road-safety organization in Moscow to distribute messages. The attackers are spoofing voice message notifications from WhatsApp in the malicious phishing campaign. Their ultimate goal is to trick

Read More
06 Apr 2022

South African and US Officers Swoop on Fraud Gang

American and South African investigators have teamed up to crack down on fraud that is persistent in the latter country, recently arresting several members linked to a suspected fraud gang. The individuals arrested consisted of three South Africans and four Nigerians, and are believed to be linked to an infamous

Read More
05 Apr 2022

Ukraine spots Russian-linked ‘Armageddon’ phishing attacks

The Computer Emergency Response Team of Ukraine (CERT-UA) has spotted new phishing attempts attributed to the Russian threat group tracked as Armageddon (Gamaredon). The malicious emails attempt to trick the recipients with lures themed after the war in Ukraine and infect the target systems with espionage-focused malware. CERT-UA has identified two separate

Read More
01 Apr 2022

Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks

A threat actor previously linked to the Belarusian Ministry of Defense, Ghostwriter, has recently adopted nearly invisible Browser-in-the-Browser (BitB) credential phishing techniques. The tool is likely being leveraged in its attacks against Ukraine and exploitation of the war being waged in the country. Ghostwriter is currently using war-themed attacks to

Read More
31 Mar 2022

Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts

According to cybersecurity research from Google’s Threat Analysis Group (TAG), government backed hackers from Russia, China, Iran, and North Korea are exploiting Russia’s invasion of Ukraine. The attacks leverage public interest in the conflict and are designed to steal login credentials, sensitive information, and money from victims spanning several countries.

Read More
30 Mar 2022

MSHTML Flaw Exploited to Attack Russian Dissidents

A Ukrainian-based threat actor has launched a spearphishing attack against Russians that are using services that have been banned for use by the Kremlin. The attack targets Russian cities and governments that are not aligned with the actions of the Russian government. MalwareBytes identified the campaign last week, stating that

Read More
24 Mar 2022

Malicious npm packages target Azure developers to steal personal data

Microsoft has confirmed that a large scale cyberattack is targeting its Azure developers through malicious npm packages. JFrog cybersecurity researchers released a report on Wednesday detailing how hundreds of malicious packages have been identified. The packages were designed to steal personally identifiable information from developers. According to researchers, the campaign

Read More