Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool
According to researchers, the threat actor APT group known as TA410 has added a new tool to its arsenal, a modular remote-access trojan (RAT). Proofpoint researchers have connected the group to attacks on the United States’ utility sector, targeting Windows devices. The RAT is called FlowCloud and can access installed
Phishing Attack Hits German Coronavirus Task Force
An ongoing phishing attack has been targeting executives of a company working to provide the German coronavirus task force with protective gear. The company is multinational and more than 100 high-profile executives have received phishing emails. The name of the company is unknown at this time, however, sources have revealed
Iranian And Chinese Hackers Targeted Trump And Biden Campaigns, Google Says
According to Google, Iranian and Chinese threat actors have already attempted to breach the Trump and Biden presidential campaigns. In a statement released on Thursday, Google illustrated how state-backed hackers are already interfering in the US 2020 presidential election, although there is no evidence these attacks have been successful to
Crooks Tap Google Firebase in Fresh Phishing Tactic
Researchers have uncovered a new series of phishing campaigns that use Google Firebase storage URLs, stating that the threat actors are leveraging the reputation of cloud infrastructure created by Google to lure victims. The phishing campaign begins with spam emails that prompt victims to click on a Firebase link inside
Microsoft warns of ‘massive’ phishing attack pushing legit RAT
Microsoft’s Security Intelligence team has recently warned users of a phishing campaign with a COVID-19 theme that installs NetSupport Manager remote, an administration tool. The campaign is spreading the tool through various malicious Excel attachments on emails pretending to be from the Johns Hopkins Center, providing information on the number
New Microsoft 365 Sign-in Pages Already Spoofed for Phishing
Microsoft’s newly updated sign-in pages have already been succumbed to phishing campaigns by attackers. The new sign-in page update was created in an attempt to lower the bandwidth requirements of the pre-existing Azure AD sign-in pages. Additionally, it allowed Microsoft users to more easily determine if they were the potential
Healthcare giant Magellan Health hit by ransomware attack
Yesterday, Magellan Health Inc. disclosed that it was the victim of a ransomware attack occurring on April 11, which resulted in theft of personal information from a corporate server. Magellan Health is a Fortune 500 for-profit managed health care and insurance firm whose customers include other managed care organizations, labor
Coronavirus-related cyberattacks surge to 192,000 in one week
Cyberattackers have been capitalizing on the ongoing pandemic, using it to lure new victims, often through enticing malicious links advertising fraudulent vaccine or treatment information. They have also been creating phishing emails, suspicious or malicious websites, infected downloads such as apps and files, and other content that aim to trap
Microsoft Teams Impersonation Attacks Flood Inboxes
According to security researchers at Abnormal Security, Microsoft Teams has been hit by two separate attacks targeting as many as 50,000 users. The campaigns reportedly aim to phish Office 365 logins. The cyberattacks impersonate notifications from Microsoft Teams in order to prompt the victim to enter login credentials, which are
TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy
IBM X-Force recently disclosed that malicious actors are spreading the TrickBot trojan through fake messages that are COVID-19 themes. The new campaign capitalizes on public concern and interest in the Department of Labor’s Family and Medical Leave Act (FMLA). IBM X-Force stated that they uncovered the campaign after the analysis