Security Affairs

DECEMBER 5, 2023

Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. It allows an attacker to provide covert, unauthorized access to email correspondence and was used after gaining access to email accounts through CVE-2023-23397 (Microsoft Outlook Vulnerability) or password-spraying.”

Accountability 104

Accountability Government Phishing Authentication 104

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Phishing 135

Phishing Accountability Advertising DNS 135

Security Affairs

APRIL 17, 2023

The APT41 group, aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. The attack took place in October 2022, threat actors sent phishing emails that contained links to a password-protected file hosted in Drive.

Media 94

Media Accountability Government Malware 94

Security Affairs

DECEMBER 25, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The wAgent backdoor allows the attackers to executed various shell commands to gather information from the infected device.

Cryptocurrency 123

Cryptocurrency Malware Hacking Phishing 123

Security Affairs

FEBRUARY 25, 2021

The attack chain starts with COVID19-themed spear-phishing messages that contain either a malicious Word attachment or a link to one hosted on company servers. . The experts discovered the custom backdoor while investigating an incident, it was used by attackers for lateral movements and data exfiltration.

Malware 94

Malware Cryptocurrency Password Management Encryption 94

Duo's Security Blog

MARCH 28, 2023

Our documentary, “ The Life and Death of Passwords ,” explores with industry experts the history of passwords, why passwords have become less effective over time, and how trust is established in a passwordless future. Humans are not the weakest link in information security. Today: Jayson E.

Passwords 63

Passwords Social Engineering Phishing Technology 63

Security Affairs

JANUARY 8, 2024

Reseachers from Fortinet observed a new variant of a remote access trojan dubbed Bandook that has been used in phishing attacks against Windows users. Bandook has been active since 2007, it has been continuously developed since then and was employed in several campaigns by different threat actors. 7z file.

Malware 109

Malware Phishing Passwords Hacking 109