Security News

"Whether it's taking advantage of the buzz around cryptocurrency, stealing credentials to start a ransomware attack, or tailoring attacks to less suspicious targets in low profile roles, cybercriminals are constantly adapting their tactics and making their attacks more sophisticated," per the report. Among social engineering attacks analyzed by Barracuda researchers, phishing represented 49%, followed by scamming, BEC and extortion.

Security researchers at Kaspersky have identified a widespread cyberespionage campaign that targets government offices in Asia; the cybersecurity attack starts with a spearphishing email. Kaspersky analysts explained the LuminousMoth attack on the SecureList blog and suggested that the lopsided numbers between the two countries could be due to an additional and unknown infection vector used only in the Philippines.

Uncle Sam on Tuesday said it had seized two web domains used to foist malware on victims using spoofed emails from the US Agency for International Development. The malicious messages, masquerading as legitimate emails from USAID, went out to thousands of email accounts at over a hundred different organizations.

Threat actors impersonated Truist, the sixth-largest US bank holding company, in a spear-phishing campaign attempting to infect recipients with what looks like remote access trojan malware. In one of the attacks targeting a renewable energy company in February 2021, the phishing emails instructed the target to download a malicious Windows app mimicking the legitimate Truist Financial SecureBank App and supposedly needed to complete the process behind a $62 million loan.

A bug-hunting team at Technische Universität Darmstadt in Germany reverse engineered AirDrop - iOS and macOS's ad-hoc over-the-air file-sharing service - and found that senders and receivers may leak their contact details in the process. Despite the team alerting Apple to the oversight in May 2019, and suggesting ways to address it last October, the iGiant hasn't issued a fix.

A sub-group of the 'Molerats' threat-actor has been using voice-changing software to successfully trick targets into installing malware, according to a warning from Cado Security. In recent attacks targeting political opponents, APT-C-23 appears to have taken the spear-phishing to a new level, through the use of voice-changing software to pose as women.

A threat group called Golden Chickens is delivering the fileless backdoor more eggs through a spear-phishing campaign targeting professionals on LinkedIn with fake job offers, according to researchers at eSentire. "Upon opening the fake job offer, the victim unwittingly initiates the stealthy installation of the fileless backdoor, more eggs."

The TA800 threat group is distributing a malware loader, which researchers call NimzaLoader, via ongoing, highly-targeted spear-phishing emails. The malware loader is unique in that it is written in the Nim programming language.

Between October and January the average number of COVID-19 vaccine-related spear-phishing attacks grew 26 percent, said Barracuda Networks researchers. The types of cybercriminal activity varies, from sending malicious emails that purport to be from the Centers for Disease Control and Prevention, to posting advertisements on underground forums touting vaccine doses for sale.

In the past, most BEC emails have been written in English - meaning that defense systems can be tuned to recognise flag words and phrases written in this internationally recognized language. We have observed a rise in the number of BEC emails in recent months.