Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Scams 113

Scams Phishing Government Passwords 113

Heimadal Security

APRIL 18, 2022

More Information about the IcedID Phishing Attacks According to the agency, the IcedID phishing attacks are linked to […]. The post IcedID Malware Is Being Used in a New Hacking Campaign Targeting the Ukrainian Government appeared first on Heimdal Security Blog.

Government 115

Government Social Engineering Malware Hacking 115

Security Affairs

MARCH 2, 2024

government and defense entities. Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. private sector and government computer systems,” said Assistant Attorney General Matthew G. defense contractors and private companies. Targeted entities include the U.S.

Hacking 111

Hacking Identity Theft Social Engineering Accountability 111

Security Boulevard

OCTOBER 24, 2021

Details on the F12 “hacking” incident of the Missouri state education website and the foolish response from the Missouri governor, Over 30 countries (except China and Russia) meet to fight ransomware globally, and the FBI’s warning about fake unemployment benefit websites. ** Links mentioned on the show ** Gov.

Government 108

Government Hacking Ransomware Education 108

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” continues the report. .”

Government 124

Government Authentication Phishing Hacking 124

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. According to Mandiant, starting as early as October 10, 2022, the UNC4841 group sent spear-phishing emails to victim organizations. reads the report published by Mandiant. At the end of July, the U.S.

Government 111

Government Hacking Malware Accountability 111

Bleeping Computer

AUGUST 2, 2023

Microsoft says a hacking group tracked as APT29 and linked to Russia's Foreign Intelligence Service (SVR) targeted dozens of organizations worldwide, including government agencies, in Microsoft Teams phishing attacks. [.]

Phishing 83

Phishing Government Hacking 83

CyberSecurity Insiders

JANUARY 25, 2023

United States Cybersecurity and Infrastructure Security Agency (CISA) along with two other agencies; National Security Agency (NSA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a warning to federal agencies against a phishing scam taking place through Remote Monitoring and Management (RMM) Software.

Scams 134

Scams Phishing Software Social Engineering 134

Schneier on Security

JUNE 19, 2020

Citizen Lab has a new report on Dark Basin, a large hacking-for-hire company in India. Key Findings: Dark Basin is a hack-for-hire group that has targeted thousands of individuals and hundreds of institutions on six continents.

Hacking 257

Hacking Phishing Accountability Government 257

Krebs on Security

MARCH 31, 2020

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com , the world’s largest domain name registrar, KrebsOnSecurity has learned. 49 (that domain is hobbled here because it is currently flagged as hosting a phishing site). It was starting to look like someone had gotten phished.

Phishing 279

Phishing DNS Social Engineering Accountability 279

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. CERT-UA discovered multiple phishing attacks aimed at government organizations between December 15 and December 25. unauthorized access to victims’ accounts within Exchange servers.

Phishing 125

Phishing Malware Computers and Electronics Internet 125

Security Affairs

MARCH 9, 2022

Google has blocked a phishing campaign conducted by China-linked group APT31 aimed at Gmail users associated with the U.S. government. government. Google Threat Analysis Group (TAG) director Shane Huntley confirmed that the IT giant was able to detect and block all phishing messages. government. Pierluigi Paganini.

Government 96

Government Phishing DDOS Hacking 96

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. GhostPulse), and other forms of phishing campaigns. The researchers did not observe newer variants utilizing older methods. .”Once

Education 119

Education Government Business Services Software 119

Bleeping Computer

JULY 14, 2022

A newly discovered phishing kit targeting PayPal users is trying to steal a large set of personal information from victims that includes government identification documents and photos. [.].

Phishing 77

Phishing Hacking Government 77

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing 131

Phishing Accountability Hacking Scams 131

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. In the third campaign, threat actors targeted the Rostec defense conglomerate, the phishing messages used build_rosteh4.exe SecurityAffairs – hacking, Unknown APT group). exe for its malware. Pierluigi Paganini.

Government 114

Government Malware Phishing Hacking 114

Security Affairs

FEBRUARY 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. reads a translation of the message.

Phishing 110

Phishing Social Engineering Government Accountability 110

Security Affairs

APRIL 24, 2024

government, defense contractors, and private companies. The Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) is an organization within the Iranian government responsible for cybersecurity and cyber warfare. companies and government entities. entities using spear phishing and social engineering.

Government 90

Government Phishing Social Engineering Hacking 90

The Last Watchdog

SEPTEMBER 28, 2022

Phishing attacks are nothing new, but scammers are getting savvier with their tactics. Related: The threat of ‘business logic’ hacks. Other Iranian-based cyberattacks have included hackers targeting Albanian government systems and spear phishing scams. Spear phishing. Phishing via texting.

Phishing 124

Phishing Scams Cybercrime Passwords 124

The Hacker News

FEBRUARY 4, 2022

The Russia-linked Gamaredon hacking group attempted to compromise an unnamed Western government entity operating in Ukraine last month amidst ongoing geopolitical tensions between the two countries.

Government 90

Government Phishing Hacking 90

The Hacker News

APRIL 6, 2021

A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam.

Government 99

Government Phishing Hacking 99

Security Affairs

JUNE 21, 2023

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Hacking 95

Hacking Government Phishing Malware 95

The Hacker News

APRIL 17, 2022

Attributing the IcedID phishing attacks to a threat cluster named UAC-0041, the agency said the infection sequence begins with an email containing a Microsoft Excel document (

Social Engineering 91

Social Engineering Malware Government Hacking 91

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] us , a site unabashedly dedicated to helping people hack email and online gaming accounts. Don’t settle for a ‘hack’; this is your career, let’s do it right!

Hacking 185

Hacking Accountability Data breaches Marketing 185

CyberSecurity Insiders

APRIL 5, 2023

North Korea has established a hacking group named APT43 to fund its cybercrime activities, aimed at advancing Pyongyang’s geopolitical interests. Additionally, a new spying team named Archipelago, a subset of APT43, has emerged and is using phishing tactics to tar-get potential victims.

Hacking 105

Hacking Social Engineering Cryptocurrency Healthcare 105

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The phishing messages included a weaponized attachment designed to download a Lua-based malware dubbed SunSeed. SecurityAffairs – hacking, Asylum Ambuscade). Pierluigi Paganini.

Phishing 90

Phishing Accountability Government Malware 90

Security Affairs

JUNE 7, 2021

Ukraine warned of a “massive” spear-phishing campaign carried out by Russia-linked threat actors against its government and private businesses. This is the third massive spear-phishing campaign that the Ukrainian government attributed to Russia-linked threat actors this year. SecurityAffairs – hacking, Ukraine).

Phishing 99

Phishing Government Antivirus Passwords 99

Graham Cluley

DECEMBER 8, 2023

Two men have been charged with hacking into computer networks in the United States, UK, other NATO countries, and Ukraine, on behalf of the Russian government. Read more in my article on the Hot for Security blog.

Hacking 96

Hacking Government Data breaches Phishing 96

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. At the beginning of that year, we still observed phishing attacks that used the themes of infection and prevention as the bait.

Phishing 91

Phishing Scams Accountability Energy and Utilities 91

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. SecurityAffairs – hacking, Ukraine).

Phishing 95

Phishing Cybercrime Ransomware Encryption 95

Security Affairs

OCTOBER 13, 2023

A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. The threat actors leverage spear-phishing emails to deliver archive files utilizing DLL side-loading schemes. Is it linked to ToddyCat APT? appeared first on Security Affairs.

Government 111

Government Encryption Phishing Malware 111

CyberSecurity Insiders

JULY 6, 2022

The advisory states that the said hacking group has launched consistent hacking campaigns belonging to Bangladesh Military to conduct espionage and steal classical info. All such attacks take place through email phishing campaigns. And the latest detected by the experts was no exception.

Hacking 105

Hacking Phishing Government Malware 105

Security Affairs

MARCH 18, 2022

Google’s TAG team revealed that China-linked APT groups are targeting Ukraine’s government for intelligence purposes. Google TAG team notified Ukrainian government organizations that were targeted by Chinese intelligence. government. government. SecurityAffairs – hacking, Ukraine). Pierluigi Paganini.

Government 104

Government Engineering Phishing Hacking 104

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. commercial and government interests.

Hacking 233

Hacking Identity Theft Government Phishing 233

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days.

Phishing 126

Phishing Malware Government Small Business 126

Security Affairs

MAY 28, 2021

Microsoft experts uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind SolarWinds hack. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

Phishing 100

Phishing Threat Detection Telecommunications Malware 100

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. ” reads the joint advisory.

Government 102

Government Energy and Utilities Malware Hacking 102