Government, Hacking, Information Security and Phishing

Phishing campaign targets government institution in Moldova

Security Affairs

JANUARY 9, 2023

The government institutions of Moldova have been hit by a wave of phishing attacks since the country offered support to Ukraine. The government institutions of Moldova have been hit by a wave of phishing attacks, threat actors sent more than 1,330 emails to accounts belonging to the country’s state services.

Phishing

Phishing Government DDOS Scams

Large phishing campaign targets EMEA and APAC governments

Security Affairs

SEPTEMBER 20, 2021

Security researchers uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. . Researchers from cybersecurity firm Cyjax uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. . email service. Pierluigi Paganini.

Phishing

Phishing Government Cybercrime Hacking

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Scams

Scams Phishing Government Passwords

Information Security News headlines trending on Google

CyberSecurity Insiders

MAY 4, 2023

The Crown Princess Mary Cancer Center is the healthcare facility that is in discussion and federal government agencies are trying to contain the incident on the servers of the facility, which is part of the Sydney West Cancer Network. According to sources, a hack has exposed data of over 780,000 children who were patients of Brightline.

Information Security

Information Security Healthcare Social Engineering Ransomware

Earth Krahang APT breached tens of government organizations worldwide

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The APT group was spotted exploiting public-facing servers, it was observed sending spear phishing emails to deliver previously undetected backdoors. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government

Government Phishing Accountability VPN

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

government and defense entities. Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. private sector and government computer systems,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division.

Hacking

Hacking Identity Theft Social Engineering Accountability

Zimbra zero-day exploited to steal government emails by four groups

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” continues the report. .”

Government

Government Authentication Phishing Hacking

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. According to Mandiant, starting as early as October 10, 2022, the UNC4841 group sent spear-phishing emails to victim organizations. reads the report published by Mandiant. At the end of July, the U.S.

Government

Government Hacking Malware Accountability

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks.

Phishing

Phishing Malware Computers and Electronics Internet

Google blocked China-linked APT31’s attacks targeting U.S. Government

Security Affairs

MARCH 9, 2022

Google has blocked a phishing campaign conducted by China-linked group APT31 aimed at Gmail users associated with the U.S. government. government. Google Threat Analysis Group (TAG) director Shane Huntley confirmed that the IT giant was able to detect and block all phishing messages. government. Pierluigi Paganini.

Government

Government Phishing DDOS Hacking

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. GhostPulse), and other forms of phishing campaigns. The researchers did not observe newer variants utilizing older methods. .”Once

Education

Education Government Business Services Software

Cybercriminals Use Azure Front Door in Phishing Attacks

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing

Phishing Accountability Hacking Scams

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Security Affairs

FEBRUARY 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. reads a translation of the message.

Phishing

Phishing Social Engineering Government Accountability

Unknown APT group is targeting Russian government entities

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. In the third campaign, threat actors targeted the Rostec defense conglomerate, the phishing messages used build_rosteh4.exe SecurityAffairs – hacking, Unknown APT group). exe for its malware. Pierluigi Paganini.

Government

Government Malware Phishing Hacking

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

US offers a $10 million reward for information on four Iranian nationals

Security Affairs

APRIL 24, 2024

government, defense contractors, and private companies. The Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) is an organization within the Iranian government responsible for cybersecurity and cyber warfare. companies and government entities. entities using spear phishing and social engineering.

Government

Government Phishing Social Engineering Hacking

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

JUNE 21, 2023

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Hacking

Hacking Government Phishing Malware

Russia behind a massive spear-phishing campaign that hit Ukraine

Security Affairs

JUNE 7, 2021

Ukraine warned of a “massive” spear-phishing campaign carried out by Russia-linked threat actors against its government and private businesses. This is the third massive spear-phishing campaign that the Ukrainian government attributed to Russia-linked threat actors this year. SecurityAffairs – hacking, Ukraine).

Phishing

Phishing Government Antivirus Passwords

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The phishing messages included a weaponized attachment designed to download a Lua-based malware dubbed SunSeed. SecurityAffairs – hacking, Asylum Ambuscade). Pierluigi Paganini.

Phishing

Phishing Accountability Government Malware

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Security Affairs

OCTOBER 13, 2023

A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. The threat actors leverage spear-phishing emails to deliver archive files utilizing DLL side-loading schemes. appeared first on Security Affairs. Is it linked to ToddyCat APT?

Government

Government Encryption Phishing Malware

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. SecurityAffairs – hacking, Ukraine).

Phishing

Phishing Cybercrime Ransomware Encryption

China-linked threat actors are targeting the government of Ukraine

Security Affairs

MARCH 18, 2022

Google’s TAG team revealed that China-linked APT groups are targeting Ukraine’s government for intelligence purposes. Below is the tweet published by TAG chief, Shane Huntley, who cited the Google TAG Security Engineer Billy Leonard. government. government. SecurityAffairs – hacking, Ukraine).

Government

Government Engineering Phishing Hacking

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

Security Affairs

FEBRUARY 4, 2022

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. In Mid January the Ukrainian government was hit with destructive malware, tracked as WhisperGate , and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS.

Government

Government Malware Phishing Software

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days.

Phishing

Phishing Malware Government Small Business

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Security Affairs

MAY 28, 2021

Microsoft experts uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind SolarWinds hack. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

Phishing

Phishing Threat Detection Telecommunications Malware

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” reads the joint advisory.

Government

Government Energy and Utilities Malware Hacking

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

Security Affairs

JUNE 19, 2021

The security breach took place on on May 14, and the institute discovered it only on May 31, then the research institute reported the incident to the government and launched an investigation. Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage, etc. ?

Hacking

Hacking VPN Internet Internet

China-linked APT Sharp Panda targets government entities in Southeast Asia

Security Affairs

MARCH 8, 2023

China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in the Southeast Asia.

Government

Government Malware Architecture Healthcare

Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict

Security Affairs

JULY 5, 2022

The Cyber Police of Ukraine arrested nine members of a cybercriminal gang that has stolen 100 million hryvnias via phishing attacks. The Cyber Police of Ukraine arrested nine members of a cybercriminal organization that stole 100 million hryvnias via phishing attacks. SecurityAffairs – hacking, Cyber Police of Ukraine).

Phishing

Phishing Computers and Electronics Banking Mobile

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. The threat that API security breaches pose to enterprises should not be taken lightly.

Hacking

Hacking Penetration Testing Data breaches Authentication

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

Malware

Malware Phishing Government Passwords

China-linked RedAlpha behind multi-year credential theft campaign

Security Affairs

AUGUST 17, 2022

The campaign targeted global humanitarian, think tank, and government organizations. Recorded Future identified a link between RedAlpha and a Chinese information security company, whose name appears in the registration of multiple RedAlpha domains. The company called “Nanjing Qinglan Information Technology Co.,

Phishing

Phishing Government Information Security Technology

COVID-19 – Phishing attacks target employees that come back to the office

Security Affairs

MAY 30, 2021

Hackers are attempting to exploit the return to the “new normal” after the governments are removing restrictions imposed in response to COVID-19. The number of COVID-19 infections are decreasing in many countries and some governments are reducing the restrictions for their citizens. SecurityAffairs – hacking, COVID-19).

Phishing

Phishing Authentication Government Accountability

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Hacking Malware Encryption

Maze Ransomware operators hacked Highways Authority Of India (Nhai)

Security Affairs

JULY 2, 2020

The National Highways Authority of India (NHAI) is an autonomous agency of the Government of India, set up in 1988, and is responsible for the management of a network of over 50,000 km of National Highways out of 1,15,000 km in India. SecurityAffairs – Maze ransomware, hacking). ” states the Economic Times. . Pierluigi Paganini.

Ransomware

Ransomware Hacking Government Cyber Attacks

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

Security Affairs

MAY 21, 2020

“Victims of the analyzed campaigns fit into the pattern preferred by this actor, such as air transport and government sectors in the Middle East,” reads the researcher paper published by the experts. Most of the hacking activity occurs on Friday and Saturday, coinciding with the weekend in the Middle East.

Government

Government Social Engineering Telecommunications Hacking

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC. Automotive Industry Chinese Organized Crime’s Latest U.S.

Data breaches

Data breaches Phishing Ransomware Malware

The Business Value of the Social-Engineer Phishing Service

Security Boulevard

JUNE 18, 2021

Phishing attacks continue to plague organizations across the globe with great success, but why? The post The Business Value of the Social-Engineer Phishing Service appeared first on Security Boulevard. Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an.

Social Engineering

Social Engineering Engineering Phishing Penetration Testing

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Emerging Threats and Trends The landscape of email threats continues to evolve, with VIPRE’s report shedding light on several alarming trends: Deepfake and AI Exploitation: Attackers increasingly leverage deepfake technology and AI to craft more convincing phishing emails, significantly raising the stakes for email security.

Phishing

Phishing Identity Theft Scams Malware

Croatia government agencies targeted with news SilentTrinity malware

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. ” reads one of the alerts.

Government

Government Malware Computers and Electronics Advertising

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

Now experts from CISA are warning of phishing messages delivering weaponized Microsoft Word documents that contain malicious Visual Basic Application (VBA) macro code. Government experts warn that macro code could change the font color to trick the victim into enabling content and determine the system architecture. Pierluigi Paganini.

Phishing

Phishing Malware Advertising Architecture

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. Akira operators were also observed using external-facing services such as Remote Desktop Protocol (RDP), spear phishing, and the abuse of valid credentials.

Ransomware

Ransomware Encryption Antivirus VPN

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. “I’ve never seen this volume of phishing,” Rogers told Reuters. .

Cybersecurity

Cybersecurity Cyber threats Government Phishing

National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election

Security Affairs

MARCH 7, 2024

The director of the Information and Security Service (SIS) Alexandru Musteata during a press conference warned that Russia can carry out hybrid attacks against the country to destabilize the its government. The goal is to fuel discontent with the government of Moldova and promote protests against its politicians.

DDOS

DDOS Government Phishing Advertising

Phishing campaign targets government institution in Moldova

Large phishing campaign targets EMEA and APAC governments

Trending Sources

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Information Security News headlines trending on Google

Earth Krahang APT breached tens of government organizations worldwide

U.S. authorities charged an Iranian national for long-running hacking campaign

Zimbra zero-day exploited to steal government emails by four groups

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

Russia-linked APT28 used new malware in a recent phishing campaign

Google blocked China-linked APT31’s attacks targeting U.S. Government

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Cybercriminals Use Azure Front Door in Phishing Attacks

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Unknown APT group is targeting Russian government entities

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

US offers a $10 million reward for information on four Iranian nationals

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Russia behind a massive spear-phishing campaign that hit Ukraine

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

China-linked threat actors are targeting the government of Ukraine

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

US indicted 4 Russian government employees for attacks on critical infrastructure

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

China-linked APT Sharp Panda targets government entities in Southeast Asia

Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

China-linked RedAlpha behind multi-year credential theft campaign

COVID-19 – Phishing attacks target employees that come back to the office

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Maze Ransomware operators hacked Highways Authority Of India (Nhai)

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

The Business Value of the Social-Engineer Phishing Service

Unmasking 2024’s Email Security Landscape

Croatia government agencies targeted with news SilentTrinity malware

CISA warns of phishing attacks delivering KONNI RAT

Akira ransomware received $42M in ransom payments from over 250 victims

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election

Stay Connected