Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US government overall, nor to the US public.”

Phishing 217

Phishing Government Compliance Communications 217

Data Breach Today

NOVEMBER 15, 2019

Proofpoint Research Points to More Sophisticated Techniques A newly discovered hacking group is using an array of sophisticated spoofing and social engineering techniques to imitate government agencies, including the U.S.

Phishing 171

Phishing Government 171

Security Affairs

JANUARY 9, 2023

The government institutions of Moldova have been hit by a wave of phishing attacks since the country offered support to Ukraine. The government institutions of Moldova have been hit by a wave of phishing attacks, threat actors sent more than 1,330 emails to accounts belonging to the country’s state services.

Phishing 82

Phishing Government Cybersecurity Access 82

KnowBe4

SEPTEMBER 16, 2022

Attackers are exploiting a legitimate French government website to send phishing messages, according to researchers at Vade. The website, Pôle Emploi, is a career site for companies looking for job recruits.

Phishing 97

Phishing Government 97

KnowBe4

JUNE 27, 2023

Russia’s APT28 (also known as “Fancy Bear” or “BlueDelta”) is using spear phishing to compromise Ukrainian government and military entities, according to researchers at Recorded Future. The phishing emails are designed to exploit vulnerabilities in the open-source webmail software Roundcube.

Military 85

Military Phishing Government 85

Data Breach Today

OCTOBER 14, 2022

Stopping Cyberattacks by Moving Away From Password-Based Authentication The January memorandum from President Biden’s Office of Management and Budget calls for adopting multifactor authentication that includes the verification of device-based security controls, continuous monitoring, and authentication and mandates a switch to phishing-resistant MFA (..)

Phishing 130

Phishing Government Authentication Passwords 130

Data Breach Today

APRIL 10, 2024

Survey: SMBs, Charities Mostly Targeted With Phishing, Online Impersonation in 2023 Cybercriminals launched 7.78 government survey report. million attacks against U.K. businesses and nearly 1 million against charity organizations, according to the latest U.K.

Phishing 291

Phishing Government 291

KnowBe4

JANUARY 12, 2023

Government workers are prime targets for social engineering attacks, according to Kaitlyn Levinson at GCN. Attackers use different tactics to target government employees in specific roles.

Government 103

Government Phishing 103

Data Breach Today

FEBRUARY 27, 2023

Hackers Uses Same FTP Server as Earlier OneNote Phishing Campaign A campaign targeting government entities in the Asia-Pacific and North America regions with an info stealer hosted on a Discord server shares infrastructure with a campaign that used Microsoft OneNote to deliver malware.

Government 162

Government Phishing Security 162

KnowBe4

DECEMBER 11, 2023

The US Justice Department has indicted two individuals for launching spear phishing attacks against the US, the UK, Ukraine and various NATO member countries on behalf of the Russian government.

Phishing 119

Phishing Government Security 119

Data Breach Today

AUGUST 14, 2020

ClearSky: Operation 'DreamJob' Lures Defense Workers With Fake Job Opportunities Hackers with suspected ties to North Korea's government are conducting a cyber espionage campaign that's circulating "job opportunity" spear-phishing emails targeting employees of defense contractors, according to the security firm ClearSky.

Phishing 299

Phishing Government Security 299

Data Breach Today

JULY 31, 2020

Attacks Target Government Agencies and a Variety of Others The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S. and elsewhere.

Phishing 264

Phishing Ransomware Education Government 264

Data Breach Today

AUGUST 27, 2021

Meanwhile, Breaches Involving Military Secrets and CCTV Footage Beset UK Government Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports.

Data breaches 195

Data breaches Phishing Ransomware Military 195

Krebs on Security

MARCH 25, 2020

government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Census Bureau website [link] carries a message that reads, “An official Web site of the United States government.

Government 270

Government Security Phishing Encryption 270

Security Affairs

SEPTEMBER 20, 2021

Security researchers uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. . Researchers from cybersecurity firm Cyjax uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. . SecurityAffairs – hacking, phishing).

Phishing 83

Phishing Government Cybersecurity Access 83

IT Governance

JULY 21, 2022

This week, we discuss NCSC and ICO advice to the legal profession, a new phishing campaign that bypasses multifactor authentication, and the huge increase in the number of ransomware and phishing attacks this year. Plus, we talk to Gary Hibberd about his new book, The Art of Cyber Security.

Phishing 105

Phishing Ransomware Government IT 105

IT Governance

SEPTEMBER 1, 2022

This week, we discuss two zero-day vulnerabilities affecting Apple devices, the further effects of a ransomware attack on an NHS digital services provider and a large-scale phishing campaign affecting users of secure services such as Okta, Authy and Signal.

Phishing 105

Phishing Ransomware Government IT 105

KnowBe4

JANUARY 22, 2024

The Russian state-sponsored threat actor “COLDRIVER” is launching phishing campaigns against “high profile individuals in NGOs, former intelligence and military officers, and NATO governments,” according to researchers at Google’s Threat Analysis Group (TAG).

Phishing 109

Phishing Military Government Security 109

Data Breach Today

DECEMBER 29, 2023

Ukrainian Cyber Defenders Trace Government Agency Hits to Phishing Campaign Ukrainian cyber defenders report that fast-acting Russian military intelligence hackers have been targeting government agencies as well as organizations in Poland using backdoor malware tied to phishing lures based on a fake letter from the Ukrainian deputy prime minister.

Military 281

Military Phishing Government 281

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Phishing 95

Phishing e-Delivery Government Passwords 95

Krebs on Security

SEPTEMBER 16, 2020

authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.

Phishing 333

Phishing Blockchain Marketing Government 333

Data Breach Today

MARCH 14, 2024

Also: Bitcoin Fog; EU's Sanctions Violation Law This week, amounts for crypto and phishing losses were released, the Bitcoin Fog operator was convicted, the EU approved rules to strengthen sanctions, the federal government sought to recover losses linked to pig butchering, and the Philippines blocked unlicensed crypto websites.

Phishing 283

Phishing Government 283

Data Breach Today

JANUARY 17, 2023

Push Technology and One-Time Passcodes for MFA Just Aren't Secure Enough Attackers have caught up with legacy multifactor authentication tools that use push technology or one-time passcodes, boosting the need for phishing-resistant MFA, says Jeremy Grant.

Government 130

Government Phishing Authentication Security 130

KnowBe4

JANUARY 5, 2023

The UK’s National Cyber Security Centre (NCSC) has outlined the top six most impersonated UK government agencies in 2022. The most impersonated entity was the National Health Service (NHS), followed by TV Licensing, HM Revenue & Customs, Gov.uk, DVLA, and Ofgem.

Government 86

Government Phishing Security 86

Data Breach Today

DECEMBER 7, 2023

Both Governments Sanction 2 'Star Blizzard' Hackers; US Indicts Them The U.K. government accused Russia's domestic intelligence agency of running a yearslong campaign to interfere in British politics.

Phishing 292

Phishing Government Security 292

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The APT group was spotted exploiting public-facing servers, it was observed sending spear phishing emails to deliver previously undetected backdoors. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government 73

Government Phishing Access Passwords 73

Data Breach Today

MARCH 31, 2020

and other nations adopting economic stimulus packages as a result of the global COVID-19 pandemic, fraudsters are now using the promise of government checks as phishing lures to spread banking Trojans, according to a pair of new security research reports.

Phishing 222

Phishing Government Security 222

IT Governance

JUNE 8, 2023

Phishing is one of the most common and dangerous forms of cyber crime. Despite an array of technological solutions designed to counter phishing attacks – from antimalware software to password protections – the main weapon in anyone’s arsenal should be knowledge and awareness. How common are phishing attacks?

Phishing 111

Phishing Data breaches Communications Ransomware 111

IT Governance

FEBRUARY 7, 2023

Welcome to our February 2023 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. The researchers are most concerned about spear phishing, which is a sophisticated form of fraud.

Phishing 112

Phishing Government Education Personal data 112

IT Governance

OCTOBER 13, 2023

Given the huge proportion of cyber attacks that rely on phishing to gain a foothold in victims’ systems, it’s hardly surprising that one of the four ways of staying safe online advocated by the US campaign is recognising and reporting phishing. You can find everything you might want to know about phishing on our website.

Phishing 105

Phishing Financial Services Manufacturing Personal data 105

IT Governance

SEPTEMBER 15, 2023

Welcome to our September 2023 catches of the month feature, which examines recent phishing scams and the tactics criminals use to trick people into compromising their data. Storm-0324’s phishing lures “typically reference invoices and payments, mimicking services such as DocuSign, Quickbooks, and others”.

Phishing 110

Phishing Mining Education Passwords 110

Data Breach Today

JULY 29, 2023

Researchers Say APT37 Group Likely Behind Campaign Targeting South Koreans Government-backed North Korean hackers are posting convincing U.S. military job recruitment documents to lure Korean-speaking victims into downloading malware staged from legitimate but compromised South Korean websites, according to security researchers.

Military 221

Military Phishing Government Security 221

Krebs on Security

MARCH 31, 2020

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com , the world’s largest domain name registrar, KrebsOnSecurity has learned. 49 (that domain is hobbled here because it is currently flagged as hosting a phishing site). It was starting to look like someone had gotten phished.

Phishing 279

Phishing Encryption Passwords Sales 279

Data Breach Today

JANUARY 27, 2020

Researchers Suspect Konni APT Group Involved A spear-phishing campaign targeted a U.S. government agency for several months last year using emails with content about North Korea geopolitics as a lure, according to an analysis from Palo Alto Networks' Unit 42.

Phishing 194

Phishing Government 194

IT Governance

NOVEMBER 17, 2023

Welcome to our November 2023 catches of the month feature, which examines recent phishing scams and the tactics criminals use to trick people into compromising their data. You can find everything you might want to know about phishing on our website. You can find everything you might want to know about phishing on our website.

Phishing 96

Phishing Artificial Intelligence Cloud Cybersecurity 96

KnowBe4

JANUARY 17, 2023

Researchers at Group-IB are tracking a previously unknown threat actor dubbed “Dark Pink” that’s using spear phishing attacks to target government, military, and religious organizations. Most of the attacks were focused on countries in Southeast Asia, though one of them targeted an entity in Bosnia and Herzegovina.

Phishing 92

Phishing Military Government 92

Data Breach Today

FEBRUARY 14, 2023

The Tonto Team Used Spear-Phishing Emails to Target Group-IB Employees Group-IB says a July 2022 spear-phishing attempt on its own employees came from the Chinese threat actor known variously as Tonto Team and CactusPete. Malwarebytes says the group has ramped up spying against Russian government agencies.

Phishing 334

Phishing Government IT 334