08 Sep 2022

‘DangerousSavanna’ Hackers Targeted Financial Institutions in Africa For Two Years

Check Point research has identified a persistent cyber-attack campaign it calls DangerousSavanna targeting major financial institutions in French-speaking African countries. According to the cybersecurity firm, the campaign has been active for the past two years and focuses on spear phishing techniques to initiate infection chains. The threat actors behind the

Read More
12 Jul 2021

Oil & Gas Targeted in Year-Long Cyber-Espionage Campaign

Researchers have discovered a global effort to steal information from international companies in the oil and gas sector. According to experts, the campaign has been underway for more than a year and uses sophisticated social engineering tactics to deliver Agent Tesla and other remote access trojans (RATs). Researchers at Intezer

Read More
01 Jun 2021

Hackers Exploit Post-COVID Return to Offices

As Covid-19 restrictions begin to lift and thousands of employees return back to offices, ending the work-from-home movement, threat actors are ramping up spear-phishing campaigns. The latest campaign consisted of sending employees emails posing as CIOs welcoming employees back into offices. The emails outline a targeted company’s post-pandemic cubicle protocols,

Read More
06 Apr 2021

LinkedIn Spear-Phishing Campaign Targets Job Hunters

A new campaign has been observed to target job hunters seeking opportunities via Linkedin. A threat group named Golden Chickens is allegedly behind the campaign, which creates fake job offers to lure professionals into downloading a backdoor Trojan called more_eggs. The spear-phishing campaign was discovered by researchers at eSentire. The

Read More
02 Oct 2020

Emotet Emails Strike Thousands of DNC Volunteers

On Thursday, hundreds of US organizations received emails masquerading as the Democratic National Committee but secretly containing the Emotet malware in an attempted spear-phishing attack. The email claimed to be recruiting Democratic volunteers, with the subject line “Team Blue Take Action.” The operators behind Emotet malware keep up with current

Read More
04 Sep 2020

Evilnum APT Group Employs New Python RAT

An APT group called Evilnum has reportedly adopted a new Python remote access Trojan (RAT). The new RAT was designed to target financial tech organizations through the creation of highly specific and sophisticating spear phishing attacks. Over the past few weeks, researchers have detected noticeable shifts in Evilnum’s tools, techniques,

Read More
30 Jul 2020

North Korean Hackers Sniffing for US Defense Secrets

According to McAfee, North Korea was behind a cyber-espionage campaign that occurred earlier this year and targeted US defense and aerospace firms. McAfee’s Advanced Threat Research group claimed they detected similarities between the recent campaign and previous ones that linked the espionage to Hidden Cobra, a term used to refer

Read More
19 Jun 2020

Phishing Campaign Targeting Office 365, Exploits Brand Names

A new sophisticated phishing campaign has been discovered, targeting Office 365 and utilizing recognized brand names to bypass security filters. The campaign aims to trick victims into handing over Microsoft Office 365 credentials to gain access to corporate networks. Check Point Software published a report detailing the attacks, which largely

Read More
17 Jun 2020

LinkedIn ‘Job Offers’ Targeted Aerospace, Military Firms With Malware

A recent malware campaign has been uncovered, targeting victims in Europe and the Middle East through LinkedIn spear-phishing messages. The targets are in the aerospace and military fields, and the attackers are impersonating human resource employees from Collins Aerospace and General Dynamics. Targets receive messages advertising fake job offers that

Read More
24 Apr 2020

Phishers exploiting employees’ layoff, payroll concerns

Two new phishing campaigns that aim to obtain Zoom and WebEx credentials have emerged, capitalizing on fears of layoffs and payroll changes. The phishing emails deliver fake information with “Zoom meeting about termination” in the headline, scaring recipients into clicking malicious links that then harvest Zoom passwords. Abnormal Security discovered

Read More