Spear Phishing Campaign Targets the US Military

KnowBe4

Researchers at Zscaler warn that a spear phishing campaign is targeting the US military and other sectors with phishing emails that purport to be voicemail notifications. The emails contain links to a phishing page designed to harvest Microsoft Office 365 credentials.

Spear-Phishing Campaign Uses Military-Themed Documents

Data Breach Today

Cisco Talos Researchers Find Hackers Using New Dropper Called IndigoDrop. A spear-phishing campaign is using military-themed malicious Microsoft Office documents to infect devices, according to researchers at Cisco Talos.

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Security Affairs

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. Attackers' spear-phishing messages have been sent from email accounts using the domains i[.]ua-passport[.]space. Warning A phishing #attack has started against Ukrainians!

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

as members of the PLA’s 54th Research Institute, a component of the Chinese military. military against foreign targets, Barr said the DOJ did so in this case because the accused “indiscriminately” targeted American civilians on a massive scale. The U.S.

Data Breach Culprits: Phishing and Ransomware Dominate

Data Breach Today

Meanwhile, Breaches Involving Military Secrets and CCTV Footage Beset UK Government. Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports.

SideWinder Targets Pakistani Entities With Phishing Attacks

KnowBe4

The India-aligned APT SideWinder is using a variety of social engineering techniques to target Pakistani government and military entities, according to researchers at Group-IB. The threat actor is using phishing emails as well as a malicious VPN app placed in the Google Play Store.

LinkedIn ‘Job Offers’ Targeted Aerospace, Military Firms With Malware

Threatpost

A recent malware campaign targeted victims at European and Middle East aerospace and military companies - via LinkedIn spear-phishing messages.

State-Sponsored Phishing Attack Targeted Israeli Military Officials

Threatpost

Analysts have uncovered an Iran-linked APT sending malicious emails to top Israeli government officials.

Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government

Threatpost

The group has added a management console and a USB worming function to its main malware, Crimson RAT.

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. The threat actors are sending out spear-phishing messages to compromise diplomatic targets in Southeast Asia, India, and the U.S.

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

Security Affairs

China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe.

Catches of the Month: Phishing Scams for March 2022

IT Governance

Welcome to our March 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal information. Ukrainian citizens targeted by phishing attacks.

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Security Affairs

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The phishing messages included a weaponized attachment designed to download a Lua-based malware dubbed SunSeed.

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon.

Nation-State Spear Phishing Attacks Remain Alive and Well

Data Breach Today

Russians Tied to Hack Attacks, But 'Two-Factor' No Silver Bullet, Google Warns. Spear phishing attacks are in the news again following the Justice Department's indictment of Russian military intelligence officers for alleged attacks against U.S. Here's how to play better phishing defense

Phishing Campaign Targeted Those Aiding Ukraine Refugees

Threatpost

A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians.

DoD Scammed Out of $23M in Phishing Attack on Jet-Fuel Vendors

Dark Reading

A California man faces prison time and steep fines stemming from cybertheft of US military funds intended to pay jet-fuel suppliers

US Cyber Command Reveals Malware Indicators Targeting Ukraine

Data Breach Today

Cybersecurity Firm Mandiant Analyzes Phishing Campaigns with ties to Belarus and Russia. U.S. military, published a detailed analysis of phishing campaigns with links to Belarus and Russia

Russia Linked Group Resurfaces With Large-Scale Phishing Campaign

Dark Reading

APT29/Cozy Bear is targeting individuals in military, government, and other sectors via email purporting to be from US State Department

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

Threatpost

Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the group's latest effort against military and government targets.

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. The group operates out of military unit 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership

Threatpost

InvisiMole is back, targeting Eastern Europe organizations in the military sector and diplomatic missions with an updated toolset and new APT partnership.

US Air Force Veteran Charged in Iran Hacking Scheme

Data Breach Today

Monica Witt Allegedly Aided Spear-Phishing Attacks Against US Military. A former U.S. Air Force counterintelligence agent was indicted for disclosing classified information and helping Iran compromise the computers of other U.S. intelligence agents. The case marks another damaging leak for the American government.

Phishing: The simple attack that shreds the defenses of sensitive networks

Information Management Resources

Diplomatic networks carry some of the world’s most sensitive information: communications between world leaders, key technical intellectual property, trade strategies and military plans.

Charming Kitten Iranian Espionage Campaign Thwarts 2FA

Threatpost

The campaign targets politicians involved in economic and military sanctions against Iran, along with various journalists and human rights activists.

Google TAG details cyber activity with regard to the invasion of Ukraine

Security Affairs

The Google TAG uncovered phishing attacks targeting Eastern European and NATO countries, including Ukraine. Google experts pointed out that this is the first time that the cyberspies target NATO and military of multiple Eastern European countries.

Report: Recent 10x Increase in Cyberattacks on Ukraine

Krebs on Security

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.

DHS – Russian APT groups are inside US critical infrastructure

Security Affairs

Russian APT groups carried out spear-phishing attacks against utilities’ equipment vendors and subcontractors to gather intelligence and collect information to penetrate the infrastructure. The US Government is warning of continuous intrusions in national critical infrastructure and it is blaming the Kremlin for the cyber attacks.

MY TAKE: Let’s not lose sight of why Iran is pushing back with military, cyber strikes

The Last Watchdog

cybersecurity vendors CrowdStrike and FireEye point to Iran-backed hacking collectives targeting US government agencies, as well as finance and energy companies with spear-phishing emails. companies about increased cyber-activity from Iranian hackers, and urged them to take proactive steps to detect and deter data-wiping malware, credential stuffing attacks, password spraying and spear-phishing.

LUCKY ELEPHANT campaign targets South Asian governments

Security Affairs

The campaign was discovered in early March 2019. Threat actors behind the LUCKY ELEPHANT campaign use doppelganger webpages to mimic legitimate entities such as foreign governments, telecommunications, and military. According to the experts, threat actors carried out a phishing campaign to lure victims to the websites and provide their credentials. At the time of writing, the researchers did not detect any malware associated with the LUCKY ELEPHANT campaign.

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs

The Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. The Russia-linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement.

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Security Affairs

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals.

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua”. The group targeted government and military organizations in Ukraine.

Suit against Estée Lauder spotlights 401k Distribution Fraud

The Security Ledger

A former Estée Lauder employee is suing the company after $99,000 in retirement savings disappeared from her account.

Feb 7- Feb 27 Ukraine – Russia the silent cyber conflict

Security Affairs

February 25 – Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing. The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel.

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

The attack chain starts with spear-phishing messages, pretending to come from a Ukrainian telecommunication provider, sent to the victims in an attempt to trick them into visiting the malicious domains.

Google blocked China-linked APT31’s attacks targeting U.S. Government

Security Affairs

Google has blocked a phishing campaign conducted by China-linked group APT31 aimed at Gmail users associated with the U.S. Google Threat Analysis Group (TAG) director Shane Huntley confirmed that the IT giant was able to detect and block all phishing messages.

Ransomware Protection in 2021

eSecurity Planet

But what distinguishes Ryuk’s deadliness is its military-grade levels of encryption, ability to delete shadow copies on the endpoint, and encrypt network drives and resources.

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Security Affairs

The Jiangsu Province Ministry of State Security (JSSD) is a foreign intelligence unit that is coordinated by China’s Ministry of State Security (MSS), the agency that is tasked with non-military foreign intelligence and domestic counterintelligence operations. The cyberspies used spear phishing, watering hole attacks, and domain hijacking to deliver various malware families, including Sakula and IsSpace, to the target organization. According to the U.S.