Security News > 2024 > June > Malicious emails trick consumers into false election contributions

"The last six months have been unprecedented - a state of polycrisis remains and everything from elections to warfare to law enforcement activity have accelerated cyber threat actor activity globally. We're seeing radical shifts in behavior," said John Fokker, Head of Threat Intelligence, Trellix.

China-linked threat groups, like Volt Typhoon, remain the most prolific originator of advanced persistent threat activities, generating 68.3% of all detections.

Iran-linked threat groups have also markedly ramped up cyber activities, with an 8% increase in detections and a 3.89% rise in proportional contribution.

Trellix found malicious emails aimed at tricking consumers into donating to elections.

Trellix observed a free ChatGPT 4.0 Jabber tool available in the cybercriminal underground, which allows threat actors to adopt GenAI into their operations and to create a GenAI knowledge base to learn from other cyber criminals or even steal their ideas and tools.

The changes in tool usage, including the notable rise in "Living off the land" tactics, emphasize the ongoing challenge of detecting and countering APT threats within a landscape where legitimate and malicious activities are increasingly intertwined.

News URL

https://www.helpnetsecurity.com/2024/06/17/global-cyber-threat-activities/