Security News > 2023 > January > UK Cyber Security Centre's scary new story: One phish, two phish, Russia phish, Iran phish
The NSCS has attributed the campaigns to a Russia-based group called SEABORGIUM and the Iran-based TA453 group, also known as APT42.
The threat groups target individuals working in academia, defence, government, non-government organisations, and think-tanks.
"These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems," warned NCSC director of operations Paul Chichester.
The groups typically groom targets with emails or on platforms like LinkedIn, where the attackers create personalities with plausible back stories.
The target could then be led to a server controlled by the threat group that prompts the input of credentials.
The usual mitigation tactics are also recommended: strong passwords used only for email accounts, MFA, enabling built-in email scanning features, and ongoing vigilance.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/01/27/uk_warns_against_russian_and/
Related news
- Shape the future of UK cyber security (source)
- UK councils bat away DDoS barrage from pro-Russia keyboard warriors (source)
- A closer look at the 2023-2030 Australian Cyber Security Strategy (source)
- The ROI of Security Investments: How Cybersecurity Leaders Prove It (source)
- Australia Passes Groundbreaking Cyber Security Law to Boost Resilience (source)
- Top 5 Cyber Security Trends for 2025 (source)
- UK Cyber Risks Are ‘Widely Underestimated,’ Warns Country’s Security Chief (source)
- Strengthening security posture with comprehensive cybersecurity assessments (source)
- Overlooking platform security weakens long-term cybersecurity posture (source)