Tag: spear-phishing
-
Earth Koshchei’s Rogue RDP Campaign: A Sophisticated APT Attack Targets Governments and Enterprises
by
in SecurityNewsTrend Micro has unveiled a large-scale rogue remote desktop protocol (RDP) campaign conducted by the threat group Earth Koshchei. Known for their espionage operations, Earth Koshchei leveraged spear-phishing emails and... First seen on securityonline.info Jump to article: securityonline.info/earth-koshcheis-rogue-rdp-campaign-a-sophisticated-apt-attack-targets-governments-and-enterprises/
-
Mobile Spear Phishing Targets Executive Teams
by
in SecurityNewsOver the past few months, enterprises have observed a pattern of sophisticated spearphishing attempts targeting their executives, with some specifically targeting their mobile devices. Our blog shares the details. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/mobile-spear-phishing-targets-executive-teams/
-
KI-gestützte Cybersicherheit 10 Prognosen für das Jahr 2025
by
in SecurityNewsSchon seit vielen Jahren warnen Cybersicherheitsexperten auf der ganzen Welt vor den Gefahren KI-gestützter Cyberangriffe. Langsam werden diese Warnungen nun Realität. In diesem Jahr kam KI noch vor allem in Deepfake-, Phishing- und Spear Phishing-Kampagnen zum Einsatz. Für die kommenden Jahre ist aber mit einem deutlichen Anstieg der Anwendungsfälle zu rechnen. KI-gestützte Cyberangriffe werden mehr…
-
Five Ways Spear Phishing Tactics are Evolving in 2025
by
in SecurityNewsWhat type of phishing became very effective around 2010 and still worries security teams today? Spear phishing. Spear phishing remains highly effective and is getting more dangerous by the day. What is spear phishing? What new technologies and methods will attackers use to get around common defenses? How will they become more precise and convincing?……
-
Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware
by
in SecurityNewsThe threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop.The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that’s designed to drop the Visual Basic Script malware, Recorded Future’s Insikt Group said…
-
ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan
by
in SecurityNewsThe China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024.The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said in a technical analysis.”An interesting aspect of this campaign is…
-
Iranische Angreifer missbrauchen Backdoor für SpearAngriffe
by
in SecurityNewsIn den meisten Beispielen erstellt BugSleep eine geplante Aufgabe mit demselben Namen wie die Mutex, die die Persistenz der Malware gewährleistet. Die… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/iranische-angreifer-missbrauchen-backdoor-fuer-phishing-angriffe/a37886/
-
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
by
in SecurityNewsFirst seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files/
-
ANEL Backdoor Reactivated in Earth Kasha Cyber-Espionage Campaign
by
in SecurityNewsIn June 2024, Trend Micro identified a new spear-phishing campaign targeting political organizations, research institutions, and think tanks in Japan. This operation, attributed to the cyber-espionage group Earth Kasha, marks... First seen on securityonline.info Jump to article: securityonline.info/anel-backdoor-reactivated-in-earth-kasha-cyber-espionage-campaign/
-
Earth Kasha Upgraded Their Arsenal With New Tactics To Attack Organizations
by
in SecurityNewsEarth Kasha, a threat actor linked to APT10, has expanded its targeting scope to India, Taiwan, and Japan, leveraging spear-phishing and exploiting vulnerabilities in public-facing applications like SSL-VPN and file storage services. The group has deployed various backdoors, including Cobalt Strike, LODEINFO, and the newly discovered NOOPDOOR, to maintain persistent access to compromised networks, which…
-
Phishing-Angriffswelle auf LinkedIn nimmt Arbeitssuchende ins Visier
by
in SecurityNewsLaut einem kürzlich von Malwarebyte-Forschern veröffentlichten Bericht sind Cyberkriminelle zunehmend auf LinkedIn aktiv. Mit Phishing- und Spear-Phishing-Kampagnen versuchen sie, an die Anmeldedaten ihrer Opfer, die auf LinkedIn nach einer (besseren) Anstellung suchen, zu gelangen. Hierzu erstellen die Betrüger gefälschte Recruiter-Profile. Sie nutzen die Namen real existierender Personen und deren Profilbilder oder lassen sich welche von…
-
Industrial companies in Europe targeted with GuLoader
by
in SecurityNewsA recent spear-phishing campaign targeting industrial and engineering companies in Europe was aimed at saddling victims with the popular GuLoader downloader and, ultimately, a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/07/industrial-europe-spear-phishing-guloader/
-
Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations
by
in SecurityNewsFirst seen on techrepublic.com Jump to article: www.techrepublic.com/article/midnight-blizzard-spearphishing-us-officials/
-
Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files
by
in SecurityNewsResearchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in various sectors. The attacks inv… First seen on gbhackers.com Jump to article: gbhackers.com/midnight-blizzard-rdp-attack/
-
Midnight Blizzard Targets 100+ Organizations in RDP Phishing Attack
by
in SecurityNewsMicrosoft Threat Intelligence has issued a warning about a new spear-phishing campaign orchestrated by the Russian state-sponsored threat actor Midnig… First seen on securityonline.info Jump to article: securityonline.info/midnight-blizzard-targets-100-organizations-in-rdp-phishing-attack/
-
Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files
by
in SecurityNewsMicrosoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scal… First seen on securityaffairs.com Jump to article: securityaffairs.com/170398/apt/midnight-blizzard-apt-targeted-100-organizations.html
-
Global Midnight Blizzard spear-phishing operation underway
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/global-midnight-blizzard-spear-phishing-operation-underway
-
Microsoft Warns of Russian Spear-Phishing Attacks Targeting Over 100 Organizations
by
in SecurityNewsMicrosoft says a new spear-phishing campaign by Russia’s Midnight Blizzard uses RDP files, a new vector for this threat group. The post Microsoft Warn… First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-warns-of-russian-spear-phishing-attacks-targeting-over-100-organizations/
-
UK on high alert over Iranian spear phishing attacks, says NCSC
by
in SecurityNewsThe NCSC and counterpart agencies in the US have issued a warning over enhanced Iranian spear phishing activity targeting politicians, journalists, ac… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366612026/UK-on-high-alert-over-Iranian-spear-phishing-attacks-says-NCSC
-
Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack
by
in SecurityNewsA new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated J… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/astaroth-banking-malware-resurfaces-in.html
-
Brazil subjected to Astaroth malware-deploying spear-phishing campaign
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/brazil-subjected-to-astaroth-malware-deploying-spear-phishing-campaign
-
>>Water Makara<< Employs Astaroth Malware in Targeted Attacks on Brazilian Organizations
by
in SecurityNewsIn a new report by Trend Micro Research, a spear-phishing campaign has emerged in Brazil, using a combination of obfuscated JavaScript and Astaroth ma… First seen on securityonline.info Jump to article: securityonline.info/water-makara-employs-astaroth-malware-in-targeted-attacks-on-brazilian-organizations/
-
Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals
by
in SecurityNewsA spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to s… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/fake-job-applications-deliver-dangerous.html
-
Chinese national accused by Feds of spear-phishing for NASA, military source code
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/09/17/chinese_national_nasa_phishing_indictment/
-
Cyberattackers Use HR Targets to Lay More_Eggs Backdoor
by
in SecurityNewsThe FIN6 group is the likely culprit behind a spear-phishing campaign that demonstrates a shift in tactics, from targeting job seekers to going after … First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/attackers-targeting-recruiters-more_eggs-backdoor
-
US, Microsoft Seize Domains Used in Russian Spear-Phishing
by
in SecurityNewsFSB Hackers Stripped of 107 Domains Used to Steal Credentials. The U.S. Department of Justice and Microsoft seized more than 100 websites allegedly us… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/us-microsoft-seize-domains-used-in-russian-spear-phishing-a-26443
-
UK and US Warn of Growing Iranian Spear Phishing Threat
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-us-warn-iranian-spearphishing/
-
China’s ‘Earth Baxia’ Spies Exploit Geoserver to Target APAC Orgs
by
in SecurityNewsThe APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippine… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-earth-baxia-spies-geoserver-apac-orgs