KnowBe4

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) has published a report describing the activities of “ARCHIPELAGO,” a subset of the North Korean state-sponsored threat actor APT43. ARCHIPELAGO’s operators frequently impersonate real journalists or experts in order to make initial contact with their targets.

Phishing 95

Phishing 95

Security Affairs

OCTOBER 20, 2021

A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. ” reads the analysis published by Google TAG.

Phishing 136

Phishing Archiving Encryption Authentication 136

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. TAG believes that the ARCHIPELAGO group is a subset of a threat actor tracked by Mandiant as APT43. The attack chain associated with ARCHIPELAGO starts with phishing emails that embed malicious links.

Phishing 93

Phishing Passwords Military Education 93

KnowBe4

DECEMBER 7, 2022

A Russia-linked threat actor tracked as TAG-53 is running phishing campaigns impersonating various defense, aerospace, and logistic companies, according to The Record by Recorded Future. Recorded Future’s Insikt Group identified overlaps with a threat actor tracked by other companies as Callisto Group, COLDRIVER, and SEABORGIUM.

Phishing 99

Phishing 99

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing 121

Manufacturing Phishing Passwords Military 121

Security Affairs

MARCH 9, 2022

Google has blocked a phishing campaign conducted by China-linked group APT31 aimed at Gmail users associated with the U.S. Google announced to have blocked a phishing campaign originating conducted by China-linked cybereaspionage group APT31 (aka Zirconium , Judgment Panda, and Red Keres) and aimed at Gmail users associated with the U.S.

Government 97

Government Phishing Military IT 97

Security Affairs

DECEMBER 1, 2019

Google’s Threat Analysis Group (TAG) revealed that it has detected and blocked attacks carried out by nation-state actors on 12,000 of its users in the third quarter of this year. ” reads the report published by Google TAG.”We SecurityAffairs – Google TAG, state-sponsored hacking). Pierluigi Paganini.

Phishing 141

Phishing Authentication Passwords Risk 141

Security Affairs

OCTOBER 14, 2021

Google revealed to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers since January. Google announced to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021. ” wrote Ajax Bash, a Google security engineer from the TAG.

Phishing 95

Phishing Military Government Security 95

Security Affairs

MARCH 18, 2022

Google’s TAG team revealed that China-linked APT groups are targeting Ukraine’s government for intelligence purposes. Below is the tweet published by TAG chief, Shane Huntley, who cited the Google TAG Security Engineer Billy Leonard. ” wrote Leonard. China is working hard here too. government.

Government 105

Government File names Phishing Security 105

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 353

Phishing Authentication Access Security 353

Threatpost

MAY 29, 2020

Google TAG report reveals that "hack for hire" firms are tapping into the coronavirus pandemic via WHO phishing lures.

Phishing 97

Phishing Security 97

Security Affairs

OCTOBER 17, 2020

Google delivered 33,015 alerts to its users during the first three quarters of 2020 to warn them of phishing attacks, launched by nation-state actors, targeting their accounts. Google sent 11,856 government-backed phishing warnings during Q1 2020, 11,023 in Q2 2020, and 10,136 in Q3 2020. SecurityAffairs – hacking, Google TAG).

Healthcare 95

Healthcare Phishing Authentication Government 95

Security Affairs

DECEMBER 14, 2022

Talos researchers uncovered a phishing campaign distributing the QBot malware to Windows systems using SVG files. Talos researchers uncovered a phishing campaign distributing the QBot malware using a new technique that leverages Scalable Vector Graphics (SVG) images embedded in HTML email attachments.

Archiving 98

Archiving Phishing Passwords Security 98

KnowBe4

MARCH 24, 2022

Google’s Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, including FIN12 and the Conti ransomware gang.

Access 81

Access Phishing Ransomware IT 81

Security Affairs

SEPTEMBER 8, 2022

Researchers from Google’s Threat Analysis Group (TAG) reported that some former members of the Conti cybercrime group were involved in five different campaigns targeting Ukraine between April and August 2022. ” reads the TAG’s report. ” concludes TAG.

Ransomware 135

Ransomware Government Phishing IT 135

Security Affairs

OCTOBER 8, 2021

Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . SecurityAffairs – hacking, spear-phishing).

Phishing 102

Phishing Military Government Security 102

Security Affairs

OCTOBER 25, 2023

The analysis of the email HTML source code revealed the presence of a SVG tag at the end, which contains a base64-encoded payload. The messages were sent from team.managment@outlook[.]com com and had the subject Get started in your Outlook. ” reads the analysis published by ESET.

Military 120

Military Government Phishing IT 120

Security Affairs

APRIL 17, 2023

Google Threat Analysis Group (TAG) team reported that the China-linked APT41 group used the open-source red teaming tool Google Command and Control ( GC2 ) in an attack against an unnamed Taiwanese media organization. China-linked APT41 group used the open-source red teaming tool GC2 in an attack against a Taiwanese media organization.

Phishing 98

Phishing Cloud Government Education 98

Security Affairs

MARCH 13, 2022

March 8 – Google TAG: Russia, Belarus-linked APTs targeted Ukraine. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. March 8 – Ukraine’s CERT-UA warns of phishing attacks against Ukrainian citizens.

Blockchain 97

Blockchain Phishing Military Passwords 97

Security Affairs

MARCH 19, 2022

Google’s Threat Analysis Group (TAG) uncovered a new initial access broker, named Exotic Lily, that is closely affiliated with the Conti ransomware gang. Google’s Threat Analysis Group (TAG) researchers linked a new initial access broker, named Exotic Lily, to the Conti ransomware operation.

Access 95

Access Ransomware Communications Phishing 95

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.

Security 134

Security Phishing Information Security Communications 134

The Last Watchdog

OCTOBER 24, 2022

Employees are the first line of defense against cybercrime and should understand how to recognize phishing emails and what to do if they suspect them. One of the best ways to increase employee security awareness is to provide frequent training and communication about the risks of phishing and other cyberattacks. Use a corporate VPN.

Cybersecurity 191

Cybersecurity Security awareness Passwords Data breaches 191

Security Affairs

APRIL 23, 2020

Google’s Threat Analysis Group (TAG) shared its latest findings related to state-backed attacks and revealed that it has identified more than a dozen state-sponsored groups using COVID-19 lures. Across Google products, we’re seeing bad actors use COVID-related themes to create urgency so that people respond to phishing attacks and scams.”

Phishing 137

Phishing Government Communications IT 137

Security Affairs

JULY 10, 2023

Threat actors are targeting NATO and groups supporting Ukraine in a spear-phishing campaign distributing the RomCom RAT. On July 4, the BlackBerry Threat Research and Intelligence team uncovered a spear phishing campaign aimed at an organization supporting Ukraine abroad. ” reads the report published by BlackBerry.

Phishing 91

Phishing Government IT Security 91

Security Affairs

APRIL 3, 2022

Mar 31 – Google TAG details cyber activity with regard to the invasion of Ukraine. The Google TAG uses uncovered phishing attacks targeting Eastern European and NATO countries, including Ukraine. Anonymous continues its operations against Russia, the group announced the hack of the Russian investment firm Marathon Group.

Personal data 98

Personal data Phishing Security IT 98

Security Affairs

JANUARY 9, 2023

Threat actors created fake login pages for each organization and sent spear-phishing messages to nuclear scientists in an attempt to trick them into providing their passwords. In March 2022, the Google Threat Analysis Group (TAG) spotted phishing and malware attacks targeting Eastern European and NATO countries, including Ukraine.

Military 91

Military Phishing Cybersecurity Passwords 91

Krebs on Security

SEPTEMBER 6, 2021

The Manipulaters’ core brand in the underground is a shared cybercriminal identity named “ Saim Raza ,” who for the past decade across dozens of cybercrime sites and forums has peddled a popular spamming and phishing service variously called “ Fudtools ,” “ Fudpage ,” “ Fudsender ,” etc.

Phishing 226

Phishing IT Passwords Cloud 226

Krebs on Security

JUNE 8, 2021

“The ‘exploit detected’ tag means attackers are actively using them, so for me, it’s the most important piece of information we need to prioritize the patches.” “There are no workarounds for these vulnerabilities, patching as soon as possible is highly recommended.”

Security 288

Security Ransomware Phishing Cloud 288

Security Affairs

JANUARY 18, 2024

In the past, the group’s activity involved persistent phishing and credential theft campaigns leading to intrusions and data theft. Google TAG researchers warn that COLDRIVER is evolving tactics, techniques and procedures (TTPs), to improve its detection evasion capabilities. ” reads TAG’s analysis.

Phishing 107

Phishing Encryption Military Archiving 107

Security Affairs

JUNE 11, 2020

Citizen Lab first uncovered the activity of the group in 2017 while investigating phishing attacks against a journalist. Attackers used a phishing link associated with a custom URL shortener, which was tied to a larger network of almost 28,000 URL shorteners containing the email addresses of targets. Holi, Rongali and Pochanchi). .”Previous

Phishing 100

Phishing Communications Government IT 100

Security Affairs

AUGUST 6, 2023

Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug Russian APT29 conducts phishing attacks through Microsoft Teams Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign Burger King forgets to put a password (..)

Security 91

Security Military Phishing Sales 91

KnowBe4

MARCH 10, 2023

A look back at the last year of attacks on Ukraine by Google’s Threat Analysis Group (TAG) provides insight into attacks on NATO countries to gain a cyberspace advantage.

Security awareness 69

Security awareness Phishing Security 69

Security Affairs

AUGUST 19, 2022

The malware is distributed through phishing messages using a malicious attachment or a link to the malicious archive containing Bumblebee. The Cybereason Global Security Operations Center (GSOC) Team analyzed a cyberattack that involved the Bumblebee Loader and detailed how the attackers were able to compromise the entire network.

Access 116

Access Archiving Phishing Passwords 116

The Last Watchdog

SEPTEMBER 7, 2022

Likewise, lookalike and spoofed web domains and well-crafted phishing emails now easily trick employees into thinking they’re dealing with trustworthy sources. Ransomware usually starts with a phishing email. A typical attack. Sometimes ransom payments are recovered, but not always. The impact of ransomware.

Ransomware 124

Ransomware Education Phishing Financial Services 124

Security Affairs

JUNE 26, 2022

SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022 Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer Flagstar Bank discloses a data breach that impacted 1.5

Security 92

Security Data breaches Phishing Ransomware 92

Security Affairs

MAY 9, 2022

In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. The attacks were also reported by Google’s TAG team, which confirmed they were for intelligence purposes.

Phishing 91

Phishing Government Archiving Cybersecurity 91

Security Affairs

OCTOBER 25, 2022

), and finally with stealing not only your searches and browsing data, but also affiliation to 10,000 targeted sites — a capability that is easily leveraged for targeted spear phishing, account takeover and credential extraction — all using this powerful network of millions of infected computers worldwide!”

Phishing 97

Phishing Privacy IT Security 97