Document, Phishing and Security Intelligence

North Korea-linked APT Emerald Sleet is using a new tactic

Security Affairs

FEBRUARY 12, 2025

The threat actor impersonates a South Korean government official to build trust with the target before sending a spear-phishing email with a bait PDF attachment. The IT giant recommends training users about phishing and employing attack surface reduction rules. LNK shortcut files, disguised as Office documents.

Phishing

Phishing Malware Security Intelligence Hacking

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Security Affairs

FEBRUARY 8, 2025

Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.

Phishing

Phishing Malware Security Intelligence Hacking

Kimsuky APT exploited BlueKeep RDP flaw in attacks against South Korea and Japan

Security Affairs

APRIL 21, 2025

While investigating a security breach, the AhnLab SEcurity intelligence Center (ASEC) researchers discovered a North Korea-linked group Kimsuky ‘s campaign, tracked as Larva-24005. Experts observed Kimsuky sending phishing emails targeting Korea and Japan from compromised systems.

Phishing

Phishing Malware Security Intelligence Hacking

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

The Hacker News

FEBRUARY 6, 2025

The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC).

Malware

Malware Phishing Security Intelligence Hacking

Microsoft warns of phishy OAuth apps

Malwarebytes

JANUARY 26, 2022

This is only the beginning of a potentially very nasty scaling of the security ladders. Any phish is bad, but here we have the scammers driving their way into the network and grabbing as many permissions as they can manage. According to Microsoft Security Intelligence, the campaign has “targeted hundreds of organisations”.

Phishing

Phishing Security Intelligence Scams Passwords

Microsoft warns of “massive campaign” using COVID-19 themed emails

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. In April, these Excel 4.0

Security Intelligence

Security Intelligence Advertising Phishing Malware

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020.

Government

Government Banking Advertising Malware

‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns

Threatpost

MAY 22, 2020

documents to spread the weaponized NetSupport RAT in a spear-phishing campaign. Attackers used malicious Excel 4.0

Phishing

Phishing Security Intelligence

RevengeRAT and AysncRAT target aerospace and travel sectors

SC Magazine

MAY 14, 2021

Microsoft Security Intelligence earlier this week tweeted out that it has been tracking a campaign of remote access trojans (RATs) targeting the aerospace and travel industries with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AysncRAT. Photo by Joe Raedle/Getty Images).

Phishing

Phishing Scams Security Awareness Security Intelligence

Trickbot is the most prolific malware operation using COVID-19 themed lures

Security Affairs

APRIL 18, 2020

This week’s campaign uses several hundreds of unique macro-laced document attachments in emails that pose as message from a non-profit offering free COVID-19 test. pic.twitter.com/V2JcZg2kjt — Microsoft Security Intelligence (@MsftSecIntel) April 17, 2020.

Malware

Malware Advertising Security Intelligence Phishing

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Malware

Malware Security Intelligence Banking Phishing

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware

Malware Phishing DNS Cybercrime

Cybersecurity Checklist for Political Campaigns

Lenny Zeltser

MAY 3, 2019

To understand the basis for these recommendations, read the documents mentioned at the end of the post. Campaign attackers have been highly effective at fooling victims into revealing their logon credentials to copycat websites (phishing). Attackers stole sensitive documents. campaigns from around 2016. government.

Cybersecurity

Cybersecurity Social Engineering Authentication Software

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Jane Frankland

AUGUST 18, 2020

That could be through common hacking techniques like phishing, bait and switch, cookie theft, deep fake , password cracking , social engineering , and so on. Security intelligence comes with a high pay off. Numerous studies have documented how men and women gauge risk differently. INSIGHT #3.

Cyber Risk

Cyber Risk Risk Cybersecurity Technology

Is G Suite HIPAA Compliant? An Admin Guide For Configuring G Suite for HIPAA Compliance

Spinone

JULY 8, 2020

This ensures that information contained in emails is secured as it is transmitted across the Internet. However, S/MIME encryption relies on your organization using the G Suite Enterprise plan as documented in Google’s S/MIME administration guide. To configure alert center email notifications, follow the documentation found here.

Encryption

Encryption Backups Ransomware Accountability

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. More details + TTPs in this MSTIC blog: [link] — Microsoft Security Intelligence (@MsftSecIntel) August 15, 2022. Pierluigi Paganini.

Phishing

Phishing Accountability Hacking Surveillance

Cyber Security Informer

North Korea-linked APT Emerald Sleet is using a new tactic

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Trending Sources

Kimsuky APT exploited BlueKeep RDP flaw in attacks against South Korea and Japan

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

Microsoft warns of phishy OAuth apps

Microsoft warns of “massive campaign” using COVID-19 themed emails

CISA alert warns of Emotet attacks on US govt entities

‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns

RevengeRAT and AysncRAT target aerospace and travel sectors

Trickbot is the most prolific malware operation using COVID-19 themed lures

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Threat actor has been targeting the aviation industry since at least 2018

Cybersecurity Checklist for Political Campaigns

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Is G Suite HIPAA Compliant? An Admin Guide For Configuring G Suite for HIPAA Compliance

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Stay Connected