30 Jul 2020

North Korean Hackers Sniffing for US Defense Secrets

According to McAfee, North Korea was behind a cyber-espionage campaign that occurred earlier this year and targeted US defense and aerospace firms. McAfee’s Advanced Threat Research group claimed they detected similarities between the recent campaign and previous ones that linked the espionage to Hidden Cobra, a term used to refer

Read More
19 Jun 2020

Phishing Campaign Targeting Office 365, Exploits Brand Names

A new sophisticated phishing campaign has been discovered, targeting Office 365 and utilizing recognized brand names to bypass security filters. The campaign aims to trick victims into handing over Microsoft Office 365 credentials to gain access to corporate networks. Check Point Software published a report detailing the attacks, which largely

Read More
17 Jun 2020

LinkedIn ‘Job Offers’ Targeted Aerospace, Military Firms With Malware

A recent malware campaign has been uncovered, targeting victims in Europe and the Middle East through LinkedIn spear-phishing messages. The targets are in the aerospace and military fields, and the attackers are impersonating human resource employees from Collins Aerospace and General Dynamics. Targets receive messages advertising fake job offers that

Read More
24 Apr 2020

Phishers exploiting employees’ layoff, payroll concerns

Two new phishing campaigns that aim to obtain Zoom and WebEx credentials have emerged, capitalizing on fears of layoffs and payroll changes. The phishing emails deliver fake information with “Zoom meeting about termination” in the headline, scaring recipients into clicking malicious links that then harvest Zoom passwords. Abnormal Security discovered

Read More
23 Apr 2020

Oil and Gas Companies Targeted With Agent Tesla Malware

Recent spearphishing campaigns have targeted the oil and gas industry, using the so-called Agent Tesla spyware Trojan. According to security firm Bitdefender, attackers impersonated an Egyptian state oil company called Enppi, (Engineering for Petroleum and Process Industries) to launch attacks against organizations in several countries including Malaysia, the US, Iran,

Read More
21 Apr 2020

267 million Facebook profiles sold for $600 on the dark web

Security researcher Bob Diachenko discovered 267 million Facebook profiles being sold on dark web sites and hacker forums for over $600 apiece. Diachenko uncovered the stolen account credentials for sale last month. However, none of the records include passwords, instead containing information that could allow attackers to conduct spear-phishing or

Read More
06 Apr 2020

Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

A new spear-phishing attack using the World Health Organization (WHO) trademark to lure users has been discovered by researchers at FortiGaurd Labs. The researchers first observed the COVID-19 themed scam on March 27, reporting that threat actors have created a new spearphishing email campaign that spreads the LokiBot trojan. The

Read More
01 Apr 2020

Millions of Guests Impacted in Marriott Data Breach, Again

Marriott hotel empire has suffered from its second major data breach in the span of two years. The most recent was disclosed by Marriott on Tuesday. The breach affected 5.2 million customers after an attack was carried out on the chain via third-party software that Mariott uses to provide guest

Read More
27 Mar 2020

667% spike in email phishing attacks due to coronavirus fears

Amid the coronavirus pandemic, attackers are capitalizing on public fear and taking advantage of heightened emotions by targeting victims in email phishing attacks related to COVID-19. The number of email attacks related to COVID-19 has been increasing since January according to data collected by cybersecurity firm Barracuda Networks. However, the

Read More
23 Mar 2020

Russian APT28 Group Changes Tack to Probe Email Servers

Russian threat actor group APT28 has recently been probing email servers, scanning for vulnerable email, Microsoft SQL Servers and Directory servers, changing its tactics from its previous attacks. The APT group is responsible for some major cybercrime campaigns over the past few years, including stealing information from the Democratic National

Read More