Tag: Phishing

Google AMP Exploited in Phishing Attacks Targeting Enterprise Users
Google AMP Exploited in Phishing Attacks Targeting Enterprise Users

Phishing remains one of the most prevalent attacker techniques as a response to a continuous surge in phishing campaigns across the globe, which creates a growing demand for detection content against related threats. Cyber defenders have observed the latest malicious campaigns leveraging the phishing attack vector, in which hackers exploit Google Accelerated Mobile Pages (AMP) […]

Read More
APT28 aka UAC-0001 Group Leverages Phishing Emails Disguised As Instructions for OS Updates Targeting Ukrainian State Bodies
APT28 aka UAC-0001 Group Leverages Phishing Emails Disguised As Instructions for OS Updates Targeting Ukrainian State Bodies

The infamous russian nation-backed hacking collective tracked as APT28 or UAC-0001, which has a history of targeted attacks against Ukrainian government agencies, reemerges in the cyber threat arena.  The latest CERT-UA#6562 alert confirms that over April 2023, the hacking collective has been leveraging the phishing attack vector to massively distribute spoofed emails among Ukrainian state […]

Read More
Armageddon APT Hacker Group aka UAC-0010 Spreads Phishing Emails Masquerading as the State Special Communications Service of Ukraine
Armageddon APT Hacker Group aka UAC-0010 Spreads Phishing Emails Masquerading as the State Special Communications Service of Ukraine

The russia-linked Armageddon APT aka Gamaredon or UAC-0010 has been launching a series of cyber attacks on Ukraine since the outbreak of the global cyber war. On November 8, 2022, CERT-UA released the latest alert detailing the ongoing spearphishing campaign of this russia-backed cyber-espionage hacking collective, in which adversaries massively distribute spoofed emails masquerading as […]

Read More
Fake Voicemail Campaign Detection: New-Old Phishing Attack Hits the U.S.
Fake Voicemail Campaign Detection: New-Old Phishing Attack Hits the U.S.

A new phishing campaign is on the rise, impacting a wide range of industries and organizations in the U.S., including critical infrastructures such as security, healthcare and pharmaceuticals, the military, and also manufacturing supply chain. The scam began sweeping across the U.S. in May 2022 and is still going on. The targets receive a phishing […]

Read More
NOBELIUM APT Targets Governments Worldwide in a Massive Spear-Phishing Campaign
NOBELIUM APT Targets Governments Worldwide in a Massive Spear-Phishing Campaign

Microsoft experts have revealed a significant shift in a spear-phishing campaign launched by Russia-affiliated NOBELIUM APT against major government agencies, think tanks, and NGOs globally. According to researchers, the hacker collective attacked more than 150 organizations across 24 countries with the intent to infect victims with malware and gain covert access to the internal networks. […]

Read More
New Zoom Phishing Abuses Constant Contact to Bypass SEGs
New Zoom Phishing Abuses Constant Contact to Bypass SEGs

The challenging year of 2020 saw many businesses increase their reliance on the internet, shifting to work-from-home workforces. Such a trend resulted in a blasting spike in video conferencing apps usage. Cyber criminals didn’t miss the chance to advantage their malicious perspectives. Starting from spring 2020, they registered many fake domains to deliver malicious ads […]

Read More
Threat Hunting Rules: Water Nue Phishing Campaign
Threat Hunting Rules: Water Nue Phishing Campaign

In today’s news, we want to warn you about the ongoing campaign by Water Nue targeting the business Office 365 accounts in the US and Canada. Notably, the fraudsters successfully reached a number of high-level managers in companies worldwide and harvested over 800 sets of credentials. Although their phishing toolset is limited, they do not […]

Read More
DanaBot targets Europe
DanaBot targets Europe

Delaware, USA – June 21, 2019 – Another phishing campaign with the upgraded DanaBot trojan is reported to target Poland and Italy. The new DanaBot strain comes with a Blitzkrieg ransomware module that changes the extension of the encrypted files to .non. Initially, the DanaBot malware was observed during the phishing campaign in Australia back […]

Read More
Stealthphish investigation: 528 domains involved in BEC attack against Fortune 500 companies
Stealthphish investigation: 528 domains involved in BEC attack against Fortune 500 companies

About a week ago we got this info from one of our partners “We are seeing phishing emails flying in our environment (Internal to Internal)” along with sharing an email sample with us. Today we’re going to analyze the recent phishing attacks targeted at Fortune 500 and Global 2000 companies dubbed “Stealthphish” aimed at compromising […]

Read More
Phishing of the DHL accounts: «DHL & PASSWORDS»
Phishing of the DHL accounts: «DHL & PASSWORDS»

Hello everyone! Today we will focus on the fresh example of the simple phishing from the actual practice as always. Let’s analyze the following letter:

Read More