Government, Information Security and Phishing

Phishing campaign targets government institution in Moldova

Security Affairs

JANUARY 9, 2023

The government institutions of Moldova have been hit by a wave of phishing attacks since the country offered support to Ukraine. The government institutions of Moldova have been hit by a wave of phishing attacks, threat actors sent more than 1,330 emails to accounts belonging to the country’s state services.

Phishing

Phishing Government DDOS Scams

Large phishing campaign targets EMEA and APAC governments

Security Affairs

SEPTEMBER 20, 2021

Security researchers uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. . Researchers from cybersecurity firm Cyjax uncovered a large phishing campaign targeting multiple government departments in APAC and EMEA countries. . email service. Pierluigi Paganini.

Phishing

Phishing Government Cybercrime Hacking

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Scams

Scams Phishing Government Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Information Security News headlines trending on Google

CyberSecurity Insiders

MAY 4, 2023

The Crown Princess Mary Cancer Center is the healthcare facility that is in discussion and federal government agencies are trying to contain the incident on the servers of the facility, which is part of the Sydney West Cancer Network. The post Information Security News headlines trending on Google appeared first on Cybersecurity Insiders.

Information Security

Information Security Healthcare Social Engineering Ransomware

Earth Krahang APT breached tens of government organizations worldwide

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The APT group was spotted exploiting public-facing servers, it was observed sending spear phishing emails to deliver previously undetected backdoors. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government

Government Phishing Accountability VPN

Zimbra zero-day exploited to steal government emails by four groups

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” continues the report. .”

Government

Government Authentication Phishing Hacking

Russia-linked APT28 used new malware in a recent phishing campaign

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks.

Phishing

Phishing Malware Computers and Electronics Internet

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Security Affairs

FEBRUARY 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. reads a translation of the message.

Phishing

Phishing Social Engineering Government Accountability

Cybercriminals Use Azure Front Door in Phishing Attacks

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing

Phishing Accountability Hacking Scams

Google blocked China-linked APT31’s attacks targeting U.S. Government

Security Affairs

MARCH 9, 2022

Google has blocked a phishing campaign conducted by China-linked group APT31 aimed at Gmail users associated with the U.S. government. government. Google Threat Analysis Group (TAG) director Shane Huntley confirmed that the IT giant was able to detect and block all phishing messages. government. Pierluigi Paganini.

Government

Government Phishing DDOS Hacking

Unknown APT group is targeting Russian government entities

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. In the third campaign, threat actors targeted the Rostec defense conglomerate, the phishing messages used build_rosteh4.exe This campaign primarily targeted RT TV employees. exe for its malware. Pierluigi Paganini.

Government

Government Malware Phishing Hacking

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

NOVEMBER 21, 2023

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The most impacted sectors are education, government, and business services. GhostPulse), and other forms of phishing campaigns. The researchers did not observe newer variants utilizing older methods.

Education

Education Government Business Services Software

Your Keys to Better Healthcare Information Security

Security Boulevard

JULY 10, 2022

Your Keys to Better Healthcare Information Security Read More ». The post Your Keys to Better Healthcare Information Security appeared first on TechSpective. The post Your Keys to Better Healthcare Information Security appeared first on Security Boulevard.

Healthcare

Healthcare Information Security Software Security Awareness

Russia behind a massive spear-phishing campaign that hit Ukraine

Security Affairs

JUNE 7, 2021

Ukraine warned of a “massive” spear-phishing campaign carried out by Russia-linked threat actors against its government and private businesses. This is the third massive spear-phishing campaign that the Ukrainian government attributed to Russia-linked threat actors this year. Pierluigi Paganini.

Phishing

Phishing Government Antivirus Passwords

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The phishing messages included a weaponized attachment designed to download a Lua-based malware dubbed SunSeed. net) that appears to belong to a compromised Ukranian armed service member.”

Phishing

Phishing Accountability Government Malware

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

Security Affairs

FEBRUARY 4, 2022

The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. In Mid January the Ukrainian government was hit with destructive malware, tracked as WhisperGate , and several Ukrainian government websites were defaced by exploiting a separate vulnerability in OctoberCMS.

Government

Government Malware Phishing Software

China-linked threat actors are targeting the government of Ukraine

Security Affairs

MARCH 18, 2022

Google’s TAG team revealed that China-linked APT groups are targeting Ukraine’s government for intelligence purposes. Below is the tweet published by TAG chief, Shane Huntley, who cited the Google TAG Security Engineer Billy Leonard. government. government. China is working hard here too. Pierluigi Paganini.

Government

Government Engineering Phishing Hacking

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

APRIL 17, 2020

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days.

Phishing

Phishing Malware Government Small Business

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Security Affairs

OCTOBER 13, 2023

A cyberespionage campaign, tracked as Stayin’ Alive, targeted high-profile government and telecom entities in Asia. The threat actors leverage spear-phishing emails to deliver archive files utilizing DLL side-loading schemes. appeared first on Security Affairs. Is it linked to ToddyCat APT?

Government

Government Encryption Phishing Malware

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. To nominate, please visit:?

Phishing

Phishing Cybercrime Ransomware Encryption

China-linked APT Sharp Panda targets government entities in Southeast Asia

Security Affairs

MARCH 8, 2023

China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked APT group Sharp Panda that is targeting a high-profile government entity in the Southeast Asia.

Government

Government Malware Architecture Healthcare

US offers a $10 million reward for information on four Iranian nationals

Security Affairs

APRIL 24, 2024

government, defense contractors, and private companies. The Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) is an organization within the Iranian government responsible for cybersecurity and cyber warfare. companies and government entities. entities using spear phishing and social engineering.

Government

Government Phishing Social Engineering Hacking

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Security Affairs

MAY 28, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. The phishing campaign detected by MSTIC leveraged the Google Firebase platform to provide an ISO file containing the malicious code.

Phishing

Phishing Threat Detection Telecommunications Malware

Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict

Security Affairs

JULY 5, 2022

The Cyber Police of Ukraine arrested nine members of a cybercriminal gang that has stolen 100 million hryvnias via phishing attacks. The Cyber Police of Ukraine arrested nine members of a cybercriminal organization that stole 100 million hryvnias via phishing attacks. ” reads the advisory published by the Cyber Police of Ukraine.

Phishing

Phishing Computers and Electronics Banking Mobile

The Business Value of the Social-Engineer Phishing Service

Security Boulevard

JUNE 18, 2021

Phishing attacks continue to plague organizations across the globe with great success, but why? The post The Business Value of the Social-Engineer Phishing Service appeared first on Security Boulevard. Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an.

Social Engineering

Social Engineering Engineering Phishing Penetration Testing

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. According to Mandiant, starting as early as October 10, 2022, the UNC4841 group sent spear-phishing emails to victim organizations. reads the report published by Mandiant. At the end of July, the U.S.

Government

Government Hacking Malware Accountability

COVID-19 – Phishing attacks target employees that come back to the office

Security Affairs

MAY 30, 2021

Hackers are attempting to exploit the return to the “new normal” after the governments are removing restrictions imposed in response to COVID-19. The number of COVID-19 infections are decreasing in many countries and some governments are reducing the restrictions for their citizens. ” continues the analysis.

Phishing

Phishing Authentication Government Accountability

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. Pierluigi Paganini.

Government

Government Energy and Utilities Malware Hacking

China-linked RedAlpha behind multi-year credential theft campaign

Security Affairs

AUGUST 17, 2022

The campaign targeted global humanitarian, think tank, and government organizations. Recorded Future identified a link between RedAlpha and a Chinese information security company, whose name appears in the registration of multiple RedAlpha domains. The company called “Nanjing Qinglan Information Technology Co.,

Phishing

Phishing Government Information Security Technology

Croatia government agencies targeted with news SilentTrinity malware

Security Affairs

JULY 7, 2019

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. ” reads one of the alerts.

Government

Government Malware Computers and Electronics Advertising

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

Malware

Malware Phishing Government Passwords

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. “I’ve never seen this volume of phishing,” Rogers told Reuters. “I

Cybersecurity

Cybersecurity Cyber threats Government Phishing

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

Now experts from CISA are warning of phishing messages delivering weaponized Microsoft Word documents that contain malicious Visual Basic Application (VBA) macro code. Government experts warn that macro code could change the font color to trick the victim into enabling content and determine the system architecture. Pierluigi Paganini.

Phishing

Phishing Malware Advertising Architecture

Fraudster stole $870,000 from 2 US universities with spear-phishing mails

Security Affairs

AUGUST 5, 2019

A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme.

Phishing

Phishing Banking Advertising Accountability

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

Security Affairs

MAY 21, 2020

“Victims of the analyzed campaigns fit into the pattern preferred by this actor, such as air transport and government sectors in the Middle East,” reads the researcher paper published by the experts. The post Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia appeared first on Security Affairs.

Government

Government Social Engineering Telecommunications Hacking

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

MAY 9, 2020

Nigerian cyber gang SilverTerrier, specialized in BEC attacks, used COVID-19 lures in recent attacks on healthcare and government organizations. “Disguised as COVID-19 relief materials coming from a “Thai Medical Department,” these phishing emails were delivered with one of two samples of Lokibot malware designed to call out to 185[.]126[.]202[.]111

Healthcare

Healthcare Government Energy and Utilities Insurance

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Emerging Threats and Trends The landscape of email threats continues to evolve, with VIPRE’s report shedding light on several alarming trends: Deepfake and AI Exploitation: Attackers increasingly leverage deepfake technology and AI to craft more convincing phishing emails, significantly raising the stakes for email security.

Phishing

Phishing Identity Theft Scams Malware

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Security Affairs

FEBRUARY 23, 2020

Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. . “CrimsonRAT has been known to target diplomatic and government organizations in Southeast Asia.” Pierluigi Paganini.

Government

Government Malware Advertising Passwords

US Government concerned by cyber attacks on Czech hospitals during COVID19 crisis

Security Affairs

APRIL 20, 2020

” NUKIB representatives confirmed that a “preparatory phase” of the attacks was already underway, attackers launched spear-phishing attacks against operators of critical infrastructure in the healthcare industry. “However, we still have to be very cautious.” ” reported the Reuters agency. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Government Healthcare Advertising

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

Security Affairs

MAY 17, 2024

Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. However, evidence suggests possible spear-phishing and exploitation of misconfigured Zabbix network and application monitoring software. ” reads the report published by ESET.

Phishing

Phishing Software Government Malware

National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election

Security Affairs

MARCH 7, 2024

The director of the Information and Security Service (SIS) Alexandru Musteata during a press conference warned that Russia can carry out hybrid attacks against the country to destabilize the its government. The goal is to fuel discontent with the government of Moldova and promote protests against its politicians.

DDOS

DDOS Government Phishing Advertising

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. ” concludes the report.

DDOS

DDOS Phishing Government Hacking

Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 19, 2024

records on Chinese users Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea U.S. elections face more threats from foreign actors and artificial intelligence Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Artificial Intelligence

Artificial Intelligence Data breaches Ransomware Hacking

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . ” Huntley added. “If

Phishing

Phishing Government Hacking Accountability

Phishing campaign targets government institution in Moldova

Large phishing campaign targets EMEA and APAC governments

Webinars

Trending Sources

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Webinars

Information Security News headlines trending on Google

Earth Krahang APT breached tens of government organizations worldwide

Zimbra zero-day exploited to steal government emails by four groups

Russia-linked APT28 used new malware in a recent phishing campaign

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

Cybercriminals Use Azure Front Door in Phishing Attacks

Google blocked China-linked APT31’s attacks targeting U.S. Government

Unknown APT group is targeting Russian government entities

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Your Keys to Better Healthcare Information Security

Russia behind a massive spear-phishing campaign that hit Ukraine

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Russia-linked Gamaredon APT targeted a western government entity in Ukraine

China-linked threat actors are targeting the government of Ukraine

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

China-linked APT Sharp Panda targets government entities in Southeast Asia

US offers a $10 million reward for information on four Iranian nationals

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict

The Business Value of the Social-Engineer Phishing Service

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

COVID-19 – Phishing attacks target employees that come back to the office

US indicted 4 Russian government employees for attacks on critical infrastructure

China-linked RedAlpha behind multi-year credential theft campaign

Croatia government agencies targeted with news SilentTrinity malware

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

CISA warns of phishing attacks delivering KONNI RAT

Fraudster stole $870,000 from 2 US universities with spear-phishing mails

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Unmasking 2024’s Email Security Landscape

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

US Government concerned by cyber attacks on Czech hospitals during COVID19 crisis

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election

Google TAG: Russia, Belarus-linked APTs targeted Ukraine

Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

Google warns of APT28 attack attempts against 14,000 Gmail users

Stay Connected