Tag: spear-phishing
-
Neue SpearKampagne fokussiert auf Führungskräfte
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/neu-spear-phishing-kampagne-fokus-fuehrungskraefte
-
Neue SpearKampagne fokussiert auf Führungskräfte
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/neu-spear-phishing-kampagne-fokus-fuehrungskraefte
-
Neue SpearWelle trifft Managementebene
Die aktuelle Angriffswelle zeigt eindrucksvoll, wie geschickt Cyberkriminelle psychologische Taktiken und scheinbar vertrauliche Informationen nutzen, um Vertrauen zu erschleichen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/neue-spear-phishing-welle-trifft-managementebene/a42266/
-
Phishing-Kampagne zielt auf Führungskräfte
Sicherheitsforscher warnen vor einer gezielten Welle von Spear-Phishing-Angriffen, die insbesondere Führungskräfte und leitende Angestellte in verschiedenen Branchen ins Visier nehmen. Die Angreifer tarnen ihre Nachrichten als Benachrichtigungen zur Freigabe von Onedrive-Dokumenten und versehen sie mit Betreffzeilen wie ‘Gehaltsänderung” oder ‘FIN_SALARY”. Ein Klick auf den enthaltenen Link führt die Empfänger auf eine täuschend echt gestaltete Anmeldeseite…
-
Neue Phishing-Variante greift Gmail-Nutzer an
Tags: access, adobe, awareness, cio, ciso, cyberattack, hacker, intelligence, mail, malware, phishing, ransomware, risk, spear-phishing, threat, tool, zero-trustHacker haben gefälschte PDF-Dateien an Gmail-Nutzer verschickt, die täuschend echt wirken. Forscher des Sicherheitsunternehmens Varonis haben eine raffinierte Phishing-Methode entdeckt, die auf Gmail-Nutzer zielt. Dabei kommt eine Malware zum Einsatz, die sich nicht nur als PDF-Anhang tarnt, sondern die Opfer automatisch dazu auffordert, diesen zu öffnen.’Der Dateityp .PDF ist im privaten und geschäftlichen Bereich allgegenwärtig…
-
Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware
The threat actor known as Confucius has been attributed to a new phishing campaign that has targeted Pakistan with malware families like WooperStealer and Anondoor.”Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries — especially in Pakistan using spear-phishing and malicious documents as initial First seen on…
-
Malicious ZIP Files Use Windows Shortcuts to Drop Malware
Cybersecurity firm Blackpoint Cyber reveals a new spear phishing campaign targeting executives. Learn how attackers use fraudulent document ZIPs containing malicious shortcut files, leveraging ‘living off the land’ tactics, and a unique Anti-Virus check to deliver a custom payload First seen on hackread.com Jump to article: hackread.com/malicious-zip-files-windows-shortcuts-malware/
-
New Spear-Phishing Attack Deploys DarkCloud Malware to Steal Keystrokes and Credentials
Tags: attack, credentials, cyber, detection, intelligence, malware, phishing, soc, spear-phishing, threatAdversaries don’t work 95 and neither do we. At eSentire, our 24/7 SOCs are staffed with elite threat hunters and cyber analysts who hunt, investigate, contain and respond to threats within minutes. Backed by threat intelligence, tactical threat response and advanced threat analytics from our Threat Response Unit (TRU), eSentire delivers rapid detection and disruption…
-
Nimbus Manticore Targets Defense and Telecom Industries with New Malware Attack
Check Point Research has identified a long-running campaign by the Iranian-aligned threat actor Nimbus Manticore”, also known as UNC1549, Smoke Sandstorm, and the “Iranian Dream Job” operation”, targeting defense manufacturers, telecommunications, and aviation entities aligned with IRGC priorities. Recent activity demonstrates a sharpened focus on Western Europe, notably Denmark, Sweden, and Portugal, with spear-phishing lures…
-
Nimbus Manticore Targets Defense and Telecom Industries with New Malware Attack
Check Point Research has identified a long-running campaign by the Iranian-aligned threat actor Nimbus Manticore”, also known as UNC1549, Smoke Sandstorm, and the “Iranian Dream Job” operation”, targeting defense manufacturers, telecommunications, and aviation entities aligned with IRGC priorities. Recent activity demonstrates a sharpened focus on Western Europe, notably Denmark, Sweden, and Portugal, with spear-phishing lures…
-
Breach Roundup: Microsoft, Cloudflare Dismantle RaccoonO365
Tags: ai, breach, china, data, data-breach, hacker, microsoft, phishing, privacy, service, spear-phishing, technologyAlso, Colt Services Outage Persists, Finland Charges Americans in Vastaamo Hack. This week, Microsoft hit RaccoonO365, Colt Technology Services, Finland charged a U.S. citizen in Vastaamo hack. RevengeHotels hackers used AI, Meta can’t overturn a privacy case verdict. Chinese hackers unleashed spear phishing emails. Prosper confirmed a data breach, as did Kering fashion houses. First…
-
Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts
A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures.”In this activity, the group masqueraded as the current Chair of the Select Committee on Strategic Competition between the United States and the Chinese Communist Party (CCP), as well as…
-
Kimsuky Group Weaponizes AI Deepfakes in New Spear-Phishing Campaign
The post Kimsuky Group Weaponizes AI Deepfakes in New Spear-Phishing Campaign appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/kimsuky-group-weaponizes-ai-deepfakes-in-new-spear-phishing-campaign/
-
AI-Forged Military IDs Used in North Korean Phishing Attack
Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-military-ids-north-korea/
-
Iran-Nexus Hackers Impersonate Omani MFA to Target Governments Entities
Tags: breach, communications, cyber, cybersecurity, exploit, government, group, hacker, intelligence, iran, malicious, mfa, phishing, spear-phishingCybersecurity researchers uncovered a sophisticated, Iran-linked spear-phishing operation that exploited a compromised Ministry of Foreign Affairs (MFA) mailbox in Oman to deliver malicious payloads to government entities worldwide. Analysts attribute the operation to the “Homeland Justice” group, believed to be aligned with Iran’s Ministry of Intelligence and Security (MOIS). Leveraging stolen diplomatic communications, encoded macros,…
-
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats
An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world.The activity has been attributed by Israeli cybersecurity company Dream to Iranian-aligned operators connected to broader offensive cyber activity undertaken by a group known as Homeland Justice.”Emails were sent to…
-
Iran-Nexus Hackers Exploit Omani Mailbox to Target Governments
Tags: authentication, communications, cyber, exploit, government, group, hacker, intelligence, iran, mfa, phishing, spear-phishingA sophisticated spear-phishing campaign that exploited a compromised mailbox belonging to the Ministry of Foreign Affairs of Oman. The operation, attributed to an Iranian-aligned group known as Homeland Justice and linked to Iran’s Ministry of Intelligence and Security (MOIS), masqueraded as legitimate multi-factor authentication (MFA) communications to infiltrate governments and diplomatic missions around the world.…
-
North Korean Hackers Weaponize Seoul Intelligence Files to Target South Koreans
Pyongyang-backed hacking group APT37 leveraged an internal South Korean intelligence briefing in a spear phishing campaign First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-apt37-spear-phishing/
-
Credential harvesting campaign targets ScreenConnect cloud administrators
Researchers warn that attackers are using compromised Amazon email accounts in spear-phishing attacks that may lead to ransomware infections. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/credential-harvesting–screenconnect-cloud-administrators/758508/
-
Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing
The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shortcut files in attacks targeting Indian Government entities.”Initial access is achieved through spear-phishing emails,” CYFIRMA said. “Linux BOSS environments are targeted via weaponized .desktop First seen on thehackernews.com…
-
Fake CoinMarketCap Journalists Targeting Crypto Executives in Spear-Phishing Campaign
Fake CoinMarketCap journalist profiles used in spear-phishing target crypto execs via Zoom interviews, risking malware, data theft, and… First seen on hackread.com Jump to article: hackread.com/fake-coinmarketcap-journalists-crypto-executives-spear-phishing/
-
MuddyWater APT Targets CFOs via OpenSSH; Enables RDP and Scheduled Tasks
A sophisticated spear-phishing campaign attributed to the Iranian-linked APT group MuddyWater is actively compromising CFOs and finance executives across Europe, North America, South America, Africa, and Asia. The attackers impersonate recruiters from Rothschild & Co, deploying Firebase-hosted phishing pages that incorporate custom math-based CAPTCHA challenges to evade detection and lend legitimacy. These lures lead victims…
-
DPRK, China Suspected in South Korean Embassy Attacks
Detailed spear-phishing emails sent to European government entities in Seoul are being tied to North Korea, China, or both. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-dprk-south-korean-embassy-attacks
-
North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms
North Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in their southern counterpart between March and July 2025.The activity manifested in the form of at least 19 spear-phishing emails that impersonated trusted diplomatic contacts with the goal of luring embassy staff and foreign ministry personnel with convincing meeting…
-
Noodlophile Stealer evolution
Noodlophile malware spreads via copyright phishing, targeting firms in the U.S., Europe, Baltics & APAC with tailored spear-phishing lures. The Noodlophile malware campaign is expanding globally, using spear-phishing emails disguised as copyright notices. Threat actors tailor lures with details like Facebook Page IDs and company ownership data. Active for over a year, it now targets…
-
Weaponized Copyright Documents Used by Threat Actors to Target Key Employees with Noodlophile Stealer
The Noodlophile Stealer malware, initially uncovered in campaigns leveraging fake AI video generation platforms, has evolved into a targeted spear-phishing operation that weaponizes copyright infringement notices to infiltrate enterprises with substantial Facebook presences. This updated variant, active for over a year, shifts from broad social media lures to highly personalized emails impersonating legal entities, incorporating…