Security News

Russian hackers, known as Midnight Blizzard, launch targeted spear-phishing on U.S. officials, exploiting RDP files to gain access to data.

A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails....

May have reeled in blueprints related to weapons development A Chinese national has been accused of conducting a years-long spear-phishing campaign that aimed to steal source code from the US Army...

Cybersecurity researchers have shed light on a threat actor known as Blind Eagle that has persistently targeted entities and individuals in Colombia, Ecuador, Chile, Panama, and other Latin...

Google has joined Microsoft in publishing intel on Iranian cyber influence activity following a recent uptick in attacks that led to data being leaked from the Trump re-election campaign. APT42 is largely relying on what Google's TAG calls "Cluster C" phishing activity - distinguished methods that have been in use since 2022, characterized by attempts to impersonate NGOs and "Mailer Daemon."

Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. While phishing is generalized in that one phishing email may be sent to millions of people, spear phishing is highly targeted.

The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned...

The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from...

Spearphishing is a sliver of all email exploits, but the extent to which it succeeds is revealed in a new study from cybersecurity firm Barracuda Network, which analyzed 50 billion emails across 3.5 million mailboxes in 2022, unearthing around 30 million spearphishing emails. The survey queried companies about damages they experienced as a result of email attacks.

Microsoft's Digital Crimes Unit last week disclosed that it had taken legal proceedings against an Iranian threat actor dubbed Bohrium in connection with a spear-phishing operation. "Bohrium actors create fake social media profiles, often posing as recruiters," Amy Hogan-Burney of the DCU said in a tweet.