Trend Micro

SEPTEMBER 28, 2023

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.

Phishing 144

Phishing Malware Government Cyber threats 144

The Hacker News

FEBRUARY 15, 2024

government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities.

Government 110

Government Phishing 110

Adam Levin

OCTOBER 8, 2020

The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert warning of an increase in Emotet malware-based phishing attacks on state and local agencies. Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails.

Government 208

Government Antivirus Phishing Banking 208

The Hacker News

MARCH 17, 2024

The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America.

Phishing 120

Phishing Government 120

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Scams 107

Scams Phishing Government Passwords 107

Tech Republic Security

APRIL 1, 2022

A phishing technique called Browser in the Browser (BITB) has emerged, and it’s already aiming at government entities, including Ukraine. The post “Browser in the Browser” attacks: A devastating new phishing technique arises appeared first on TechRepublic. Find out how to protect against this new threat.

Phishing 210

Phishing Government 210

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The APT group was spotted exploiting public-facing servers, it was observed sending spear phishing emails to deliver previously undetected backdoors. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government 83

Government Phishing Accountability VPN 83

Penetration Testing

MARCH 8, 2024

According to the Hong Kong Computer Emergency Response Coordination Centre (HKCERT), Hong Kong is facing an increasingly complex phishing threat landscape.

Phishing 84

Phishing Penetration Testing Banking Government 84

Krebs on Security

SEPTEMBER 16, 2020

authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.

Cryptocurrency 342

Cryptocurrency Phishing Accountability Cybercrime 342

Bleeping Computer

JUNE 6, 2022

European governments and US local governments were the targets of a phishing campaign using malicious Rich Text Format (RTF) documents designed to exploit a critical Windows zero-day vulnerability known as Follina. [.].

Phishing 143

Phishing Government 143

Security Boulevard

DECEMBER 8, 2023

TA446’s new TTPs: “Star Blizzard” FSB team called out by Five Eyes governments (again). The post Russian FSB Targets US and UK Politicians in Sneaky Spear-Phish Plan appeared first on Security Boulevard.

Phishing 83

Phishing Government Digital transformation Social Engineering 83

The Hacker News

NOVEMBER 20, 2023

Threat actors are targeting the education, government and business services sectors with a remote access trojan called NetSupport RAT.

Government 110

Government Business Services Education Phishing 110

Adam Levin

JANUARY 15, 2019

citizens are more vulnerable to the effects of identity theft and scams as a result of the ongoing government shutdown. The two primary websites created by the government as resources for victims of identity theft, IdentityTheft.gov and FTC.gov/complaint , are currently offline as part of the partial shutdown of the Federal Trade Commission.

Identity Theft 219

Identity Theft Scams Government Phishing 219

Tech Republic Security

MAY 15, 2020

Spoofing government and health organizations, these templates help attackers create and customize their own phishing pages to exploit the COVID-19 pandemic, says Proofpoint.

Phishing 215

Phishing Government 215

The Hacker News

DECEMBER 22, 2023

Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE.

Government 81

Government Malware Engineering Encryption 81

Security Boulevard

NOVEMBER 2, 2022

local, state, and federal government organizations. The post BYOD and Phishing Attacks: Top Threats Facing US Government Organizations | Lookout appeared first on Security Boulevard. These devices are difficult to monitor and keep up to date, presenting a unique security challenge for U.S. On the one hand, bring-your-own-devi.

Government 52

Government Phishing Mobile 52

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” continues the report. .”

Government 118

Government Authentication Phishing Hacking 118

Tech Republic Security

JANUARY 19, 2022

A phishing campaign seen by email security provider Inky tries to trick its victims by inviting them to submit bids for alleged government projects.

Phishing 158

Phishing Accountability Government 158

The Last Watchdog

SEPTEMBER 21, 2022

Phishing is one of the most common social engineering tactics cybercriminals use to target their victims. Cybersecurity experts are discussing a new trend in the cybercrime community called phishing-as-a-service. Phishing-as-a-Service (PhaaS). Ready-to-use phishing kits with all necessary attack items are available on the web.

Phishing 198

Phishing Artificial Intelligence Cybercrime Social Engineering 198

Trend Micro

NOVEMBER 17, 2022

We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that began in March. We also show the infection routines of the malware families they use to infect multiple sectors worldwide: TONEINS, TONESHELL, and PUBLOAD.

Government 98

Government Phishing Malware 98

Heimadal Security

FEBRUARY 21, 2023

An updated version of a backdoor called ReverseRAT is being deployed through spear-phishing campaigns targeting Indian government entities. Cybersecurity firm ThreatMon attributed the activity to a threat actor called SideCopy.

Government 87

Government Phishing Malware Cybersecurity 87

Bleeping Computer

AUGUST 2, 2023

Microsoft says a hacking group tracked as APT29 and linked to Russia's Foreign Intelligence Service (SVR) targeted dozens of organizations worldwide, including government agencies, in Microsoft Teams phishing attacks. [.]

Phishing 95

Phishing Government Hacking 95

Heimadal Security

JULY 15, 2022

Researchers have uncovered a new phishing kit that, under the guise of security controls, injects malware into legitimate WordPress sites and uses a fake PayPal-branded social engineering scam to trick targets into handing over their most sensitive data. This data includes government documents, photos, and even financial information.

Phishing 102

Phishing Social Engineering Scams Engineering 102

CyberSecurity Insiders

JUNE 7, 2023

A senior government official from UAE has alleged that the chat-based platform is being used by criminals to launch phishing and ransomware attacks. They are also using the platform to write phishing emails and launching them with a 63% suc-cess rate.

Phishing 113

Phishing Artificial Intelligence Ransomware Healthcare 113

Krebs on Security

MARCH 31, 2020

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com , the world’s largest domain name registrar, KrebsOnSecurity has learned. 49 (that domain is hobbled here because it is currently flagged as hosting a phishing site). It was starting to look like someone had gotten phished.

Phishing 285

Phishing DNS Social Engineering Accountability 285

CyberSecurity Insiders

JANUARY 5, 2023

All the ministers and government employees working in the UK were issued a warning when their official contact details were publicly available online until March 2020. The post Data Security Threat to UK Government Ministers and Civil Servants appeared first on Cybersecurity Insiders.

Government 109

Government Social Engineering Advertising Media 109

The Hacker News

NOVEMBER 18, 2022

A notorious advanced persistent threat actor known as Mustang Panda has been linked to a spate of spear-phishing attacks targeting government, education, and research sectors across the world.

Government 98

Government Education Phishing Cybersecurity 98

The Hacker News

MAY 1, 2023

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. The agency attributed the phishing campaign to APT28, which is also known by the names Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, Sednit, and Sofacy.

Government 91

Government Cyber Attacks Phishing 91

Tech Republic Security

APRIL 7, 2023

These phishing campaigns are exploiting a Zimbra vulnerability and affecting internet-facing webmail services. The post Phishing from threat actor TA473 targets US and NATO officials appeared first on TechRepublic. Learn how to protect your organization from this security threat.

Phishing 128

Phishing Internet Internet Government 128

Identity IQ

AUGUST 31, 2023

How to Identify and Avoid Holiday Phishing Scams IdentityIQ The holiday season brings joy, celebrations, and… a surge in online scams. Holiday phishing scams are an ongoing issue that ramps up when folks are feeling the most festive. What Is a Phishing Scam? How Does Phishing Work? What Are the Types of Phishing Attacks?

Scams 98

Scams Phishing Identity Theft Banking 98

CyberSecurity Insiders

JANUARY 25, 2023

United States Cybersecurity and Infrastructure Security Agency (CISA) along with two other agencies; National Security Agency (NSA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a warning to federal agencies against a phishing scam taking place through Remote Monitoring and Management (RMM) Software.

Scams 134

Scams Phishing Software Social Engineering 134

The Last Watchdog

SEPTEMBER 28, 2022

Phishing attacks are nothing new, but scammers are getting savvier with their tactics. Other Iranian-based cyberattacks have included hackers targeting Albanian government systems and spear phishing scams. Here are four new phishing trends keeping businesses on their toes. Spear phishing. Phishing via texting.

Phishing 124

Phishing Scams Cybercrime Passwords 124

Bleeping Computer

MARCH 2, 2022

A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees. [.].

Phishing 113

Phishing Government 113

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. CERT-UA discovered multiple phishing attacks aimed at government organizations between December 15 and December 25.

Phishing 119

Phishing Malware Computers and Electronics Internet 119

The Hacker News

MAY 25, 2023

An unnamed government entity associated with the United Arab Emirates (U.A.E.) According to a new report from Fortinet FortiGuard Labs, the intrusion relied on email phishing as an initial access pathway, leading to the execution of a.NET

Government 85

Government Cyber Attacks Phishing 85

Heimadal Security

APRIL 18, 2022

More Information about the IcedID Phishing Attacks According to the agency, the IcedID phishing attacks are linked to […]. The post IcedID Malware Is Being Used in a New Hacking Campaign Targeting the Ukrainian Government appeared first on Heimdal Security Blog.

Government 121

Government Social Engineering Malware Hacking 121

Heimadal Security

MARCH 3, 2022

European government personnel involved in helping Ukraine refugees with logistics support has been the target of a spear-phishing campaign, a new report underlines. The post Countries Assisting Ukraine Refugees Targeted in Phishing Cyberattacks appeared first on Heimdal Security Blog.

Phishing 100

Phishing Government Accountability Cybersecurity 100