Search Results for: phishing attacks

July 14, 2023 Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022 to July 2023, leverages phishing lures and decoy documents …

PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland Read More »

July 1, 2023 Charming Kitten, the nation-state actor affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. “There have been improved operational security measures placed in the malware to make it more difficult to analyze and …

Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks Read More »

May 25, 2023 The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign. The intrusion set, attributed to a threat actor tracked by the authority as UAC-0063 since 2021, leverages phishing lures to deploy a variety of malicious tools on infected …

Cyber Attacks Strike Ukraine’s State Bodies in Espionage Operation Read More »

May 14, 2023 A new phishing-as-a-service (PhaaS or PaaS) platform named Greatness has been leveraged by cybercriminals to target business users of the Microsoft 365 cloud service since at least mid-2022, effectively lowering the bar to entry for phishing attacks. “Greatness, for now, is only focused on Microsoft 365 phishing pages, providing its affiliates with an attachment …

New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages Read More »

May 13, 2023 Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted manufacturing firms and healthcare clinics located in Germany. “The attack campaign has …

XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks Read More »

May 9, 2023 An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine (CERT-UA). The emails, per the agency, are sent using compromised accounts and come with a ZIP archive that, in reality, is a polyglot …

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine Read More »

May 6, 2023 The North Korean state-sponsored threat actor known as Kimsuky has been discovered using a new reconnaissance tool called ReconShark as part of an ongoing global campaign. “[ReconShark] is actively delivered to specifically targeted individuals through spear-phishing emails, OneDrive links leading to document downloads, and the execution of malicious macros,” SentinelOne researchers Tom Hegel Article posted by: …

N. Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks Read More »

April 26, 2023 An Iranian nation-state threat actor has been linked to a new wave of phishing attacks targeting Israel that’s designed to deploy an updated version of a backdoor called PowerLess. Cybersecurity firm Check Point is tracking the activity cluster under its mythical creature handle Educated Manticore, which exhibits “strong overlaps” with a hacking crew …

Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor Read More »