10 Jun 2020

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

According to researchers, the threat actor APT group known as TA410 has added a new tool to its arsenal, a modular remote-access trojan (RAT). Proofpoint researchers have connected the group to attacks on the United States’ utility sector, targeting Windows devices. The RAT is called FlowCloud and can access installed

Read More
07 Feb 2020

Iranian Hackers Target Journalists in New Phishing Campaign

A threat group in Iran known as “Charming Kitten” has launched a new campaign that aims to steal email account credentials. The campaign is a phishing attack discovered by Certfa Labs that targets journalists and human rights activists. The group is also widely known as APT35 and is notorious for

Read More
18 Dec 2019

Industrial Cyber-Espionage Campaign Targets Hundreds of Companies

An advanced threat actor, nicknamed Gangnam Industrial Style, targeted hundreds of industrial companies across the globe, using a new version of an old info-stealer to extract sensitive data. The spear-phishing campaign comprises of malicious attachments disguised as PDF files, which drop Separ malware when clicked. Separe malware steals login data

Read More
12 Nov 2019

TrickBot Malware Uses Fake Sexual Harassment Complaints as Bait

Recently, attackers have formulated fake sexual harassment complaints that appear to come from the U.S. Equal Employment Opportunity Commission to disperse TrickBot malware, which targets financial data and acts to deploy other malware. This spearphishing campaign utilizes social engineering tactics to convince targets into exposing sensitive information. The customized phishing

Read More
12 Dec 2018

Hackers Steal Over 40k Logins for Gov Services in 30 Countries

“More than 40,000 users victims of phishing attacks had their credentials for unlocking online accounts for government services stolen…the login data offered access to services in 30 countries around the world. Most of the victims are in Europe. More than half of the victims are from Italy (52%), followed by

Read More
28 Nov 2018

Half of all Phishing Sites Now Have the SSL Padlock

Once recommended as a sign of online safety, data suggests that around half of all phishing websites in Q3 2018 boasted the SSL padlock security icon next to its domain name, an increase of 35% over Q2. A likely reason for the increase is that users strongly associate the icon

Read More
21 Nov 2018

Russian Hackers impersonated State Department spokeswoman Heather Nauert, cybersecurity firm says

“Hackers impersonated State Department spokeswoman Heather Nauert and another official, Susan Stevenson, as part of an effort to target hundreds of people in U.S. law enforcement and defense and law enforcement agencies, according to cybersecurity research firm FireEye Inc. The hackers are likely connected to Russian intelligence services, FireEye wrote

Read More
22 Oct 2018

What Spammers Could Do with Your Hacked Facebook Data

Recently leaked data from 15 million Facebook accounts included names, email addresses, and phone numbers, while a further 14 million accounts had their usernames, date of births, gender, devices used, language settings, and possibly their relationship statuses, religion, hometown, current city, work, education, past 10 location checkins, and past 15

Read More
21 Sep 2018

Foreign government hackers target US senators, aides’ Gmail

Google and the U.S. Senate have announced that the Gmail accounts of U.S. Senators’ and their aides are being “targeted by foreign government hackers.” While no information has been given regarding the political entity behind the attempts or whether specific political parties or staffers have been especially targeted, the attempts

Read More
17 Sep 2018

Companies Wary of Cyberattacks, Phishing During Hurricanes

Disruptions caused by natural disasters make organizations more vulnerable to cyberattacks, a reality that has many companies scrambling to ensure asset security as Hurricane Florence forces them to move computers, switch to backup networking equipment, and other non-routine practices that provide would-be hackers weak points to target. Experts point out

Read More