Spear-Phishing Campaign Uses Military-Themed Documents

Data Breach Today

Cisco Talos Researchers Find Hackers Using New Dropper Called IndigoDrop. A spear-phishing campaign is using military-themed malicious Microsoft Office documents to infect devices, according to researchers at Cisco Talos.

Data Breach Culprits: Phishing and Ransomware Dominate

Data Breach Today

Meanwhile, Breaches Involving Military Secrets and CCTV Footage Beset UK Government. Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports.

LinkedIn ‘Job Offers’ Targeted Aerospace, Military Firms With Malware

Threatpost

A recent malware campaign targeted victims at European and Middle East aerospace and military companies - via LinkedIn spear-phishing messages.

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

as members of the PLA’s 54th Research Institute, a component of the Chinese military. military against foreign targets, Barr said the DOJ did so in this case because the accused “indiscriminately” targeted American civilians on a massive scale. The U.S.

Transparent Tribe Mounts Ongoing Spy Campaign on Military, Government

Threatpost

The group has added a management console and a USB worming function to its main malware, Crimson RAT.

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Security Affairs

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

Chinese APT CactusPete targets military and financial orgs in Eastern Europe

Security Affairs

China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe.

Nation-State Spear Phishing Attacks Remain Alive and Well

Data Breach Today

Russians Tied to Hack Attacks, But 'Two-Factor' No Silver Bullet, Google Warns. Spear phishing attacks are in the news again following the Justice Department's indictment of Russian military intelligence officers for alleged attacks against U.S. Here's how to play better phishing defense.

Russia Linked Group Resurfaces With Large-Scale Phishing Campaign

Dark Reading

APT29/Cozy Bear is targeting individuals in military, government, and other sectors via email purporting to be from US State Department

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

Threatpost

Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the group's latest effort against military and government targets.

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. The group operates out of military unit 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership

Threatpost

InvisiMole is back, targeting Eastern Europe organizations in the military sector and diplomatic missions with an updated toolset and new APT partnership.

US Air Force Veteran Charged in Iran Hacking Scheme

Data Breach Today

Monica Witt Allegedly Aided Spear-Phishing Attacks Against US Military. A former U.S. Air Force counterintelligence agent was indicted for disclosing classified information and helping Iran compromise the computers of other U.S. intelligence agents. The case marks another damaging leak for the American government

Phishing: The simple attack that shreds the defenses of sensitive networks

Information Management Resources

Diplomatic networks carry some of the world’s most sensitive information: communications between world leaders, key technical intellectual property, trade strategies and military plans.

Charming Kitten Iranian Espionage Campaign Thwarts 2FA

Threatpost

The campaign targets politicians involved in economic and military sanctions against Iran, along with various journalists and human rights activists.

MY TAKE: Let’s not lose sight of why Iran is pushing back with military, cyber strikes

The Last Watchdog

cybersecurity vendors CrowdStrike and FireEye point to Iran-backed hacking collectives targeting US government agencies, as well as finance and energy companies with spear-phishing emails. companies about increased cyber-activity from Iranian hackers, and urged them to take proactive steps to detect and deter data-wiping malware, credential stuffing attacks, password spraying and spear-phishing.

DHS – Russian APT groups are inside US critical infrastructure

Security Affairs

Russian APT groups carried out spear-phishing attacks against utilities’ equipment vendors and subcontractors to gather intelligence and collect information to penetrate the infrastructure. The US Government is warning of continuous intrusions in national critical infrastructure and it is blaming the Kremlin for the cyber attacks.

Russia-linked Gamaredon group targets Ukraine officials

Security Affairs

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia-linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement.

LUCKY ELEPHANT campaign targets South Asian governments

Security Affairs

The campaign was discovered in early March 2019. Threat actors behind the LUCKY ELEPHANT campaign use doppelganger webpages to mimic legitimate entities such as foreign governments, telecommunications, and military. According to the experts, threat actors carried out a phishing campaign to lure victims to the websites and provide their credentials; at the time of writing, the researchers did not detect any malware associated with the LUCKY ELEPHANT campaign.

Suit against Estée Lauder spotlights 401k Distribution Fraud

The Security Ledger

A former Estée Lauder employee is suing the company after $99,000 in retirement savings disappeared from her account.

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Security Affairs

Google revealed that it has sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers since January. Google announced that it sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021.

Ransomware Protection in 2021

eSecurity Planet

But what distinguishes Ryuk’s deadliness is its military-grade levels of encryption, ability to delete shadow copies on the endpoint, and encrypt network drives and resources.

Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

Security Affairs

The Jiangsu Province Ministry of State Security (JSSD) is a foreign intelligence unit that is coordinated by China’s Ministry of State Security (MSS), the agency that is tasked with non-military foreign intelligence and domestic counterintelligence operations. The cyberspies used spear phishing, watering hole attacks, and domain hijacking to deliver various malware families, including Sakula and IsSpace, to the target organization. According to the U.S.

Apple AirTag Bug Enables ‘Good Samaritan’ Attack

Krebs on Security

But according to new research, this same feature can be abused to redirect the Good Samaritan to an iCloud phishing page — or to any other malicious website. military computers in history” was traced back to a USB flash drive left in the parking lot of a U.S.

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

The Last Watchdog

Phishing scams, malware, ransomware and data breaches are just some of the examples of cyberthreats that can devastate business operations and the protection of consumer information. military officials hired data analysts to crack the Japanese secret code known as JN-25. military and the analysts who worked to gather intelligence and relay these critical, decoded messages to prevent further attack.

Pakistan-linked Transparent Tribe APT expands its arsenal

Security Affairs

The Operation Transparent Tribe (Operation C-Major, APT36, and Mythic Leopard) was first spotted by Proofpoint Researchers in Feb 2016, in a series of cyber espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan.

WIRTE APT group targets the Middle East since at least 2019

Security Affairs

A threat actor named WIRTE targets government, diplomatic entities, military organizations, law firms, and financial institutions in the Middle East. The group launched spear-phishing campaigns using weaponized Microsoft Office documents to deploy VBS/VBA implants.

GUEST ESSAY: Silence on the front lines of strategic cyber assaults belies heightening tensions

The Last Watchdog

It is in these moments, in the last “situation reports” from the military frontlines where a false state of calm and security that belied the coming death of the story’s protagonist. Diversity – Hacker creativity is at an all time high, with actors bringing in waves of zero-day threats into supply chain software attacks, phishing, and ransomware. Spin up more security awareness training to help minimize social engineering, phishing and other user-focused attacks. •If

Germany protests to Russia over attacks ahead of the upcoming election

Security Affairs

The alleged state-sponsored hackers conducted phishing attacks against federal and state lawmakers to steal their personal login details. The attackers are suspected to be hackers of the group tracked as Ghostwriter that works under the control of the Russian military secret service GRU.

Catches of the month: Phishing scams for February 2020

IT Governance

We’re back for our second ‘catches of the month’ feature of the new decade, where we review recent phishing attacks and help you understand the threat of cyber crime. This month, we look at a school district that was scammed out of millions of dollars thanks to a phony invoice, an attack allegedly tied to the 2020 US presidential election, and a report that found that the number of phishing attacks being disclosed in the UK is on the rise. million in phishing scam.

German Election body hit by a cyber attack

Security Affairs

The alleged state-sponsored hackers conducted phishing attacks against federal and state lawmakers to steal their personal login details. The attackers are suspected to be hackers of the group tracked as Ghostwriter that works under the control of the Russian military secret service GRU.

German Parliament Bundestag targeted again by Russia-linked hackers

Security Affairs

The attackers are suspected to be hackers of the group tracked as Ghostwriter that works under the control of the Russian military secret service GRU.

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

Russia-linked cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. “In November, we uncovered COVID-19 phishing lures that were used to deliver the Go version of Zebrocy.

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

Researchers from the US-based firm Cyble recently came across a post shared by an unknown threat actor that goes online with the moniker Spectre123, where he has allegedly leaked the sensitive documents of NATO and Havelsan (Turkish Military/defence manufacturer).

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Gamaredon group uses a new Outlook tool to spread malware

Security Affairs

The group targeted government and military organizations in Ukraine. In December 2019, the APT group targeted several Ukrainian diplomats, government and military officials, and law enforcement.

Operation North Star – North-Korea hackers targeted US defense and aerospace companies

Security Affairs

The threat actors’ job postings messages were crafted to target the following specific US defense programs and groups: F-22 Fighter Jet Program; Defense, Space and Security (DSS); Photovoltaics for space solar cells; Aeronautics Integrated Fighter Group; Military aircraft modernization programs.

NATO will send a counter-hybrid team to Montenegro to face Russia’s threat

Security Affairs

The Chairman of the NATO Military Committee announced that the alliance has sent a counter-hybrid team to Montenegro to face Russian hybrid attacks. United States Army General Mark Milley, the highest military officer and military adviser to the President, Minister of Defence and U.S.

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.