Krebs on Security
APRIL 6, 2022
“Someone was trying to phish employee credentials, and they were good at it,” Wired reported. “They were calling up consumer service and tech support personnel, instructing them to reset their passwords. ” Twitter revealed that a key tactic of the group was “phone spear phishing” (a.k.a.
SecureList
MAY 12, 2021
Hackers who are on the lookout for publicly disclosed vulnerabilities (1-days) in internet facing software, such as VPN appliances or email gateways. The ransomware is now distributed mainly through compromised RDP accesses, phishing, and software vulnerabilities. Access sellers.
SecureList
APRIL 23, 2021
In certain cases, they used spear-phishing campaigns to install Cobalt Strike RAT, while other attacks involved exploiting a vulnerable internet-facing service (e.g., Citrix ADC/NetScaler or Pulse Secure VPN) or weak RDP credentials to breach the network. Maze primarily targeted businesses and large organizations. Conclusion.
Expert insights. Personalized for you.
231 
Let's personalize your content