spear-phishing Archives - Security Affairs

Pierluigi Paganini October 30, 2024

Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files

Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scale spear-phishing campaign by Russia-linked APT Midnight Blizzard (aka APT29, SVR group, BlueBravo, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes), targeting 1,000+ users across 100+ organizations for intelligence gathering. The Midnight Blizzard group along with APT28 cyber espionage group was involved in the Democratic National […]

Pierluigi Paganini September 17, 2024

Chinese man charged for spear-phishing against NASA and US Government

US DoJ charged a Chinese national who used spear-phishing emails to obtain sensitive info from NASA, the U.S. Air Force, Navy, Army, and the FAA. The U.S. DoJ charged a Chinese national, Song Wu (39), who used spear-phishing emails to target employees of NASA, the U.S. Air Force, Navy, Army, and the FAA.” The man, […]

Pierluigi Paganini November 18, 2023

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services

An Israeli hacker has been sentenced to 80 months in prison in the US for his role in a massive spear-phishing campaign. Aviram Azari (52) was sentenced to 80 months in prison for computer intrusion, wire fraud, and aggravated identity theft in connection with his involvement in a massive spear-phishing campaign targeting companies and individuals […]

Pierluigi Paganini June 21, 2023

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. A joint investigation conducted by Ukraine’s Computer Emergency Response Team (CERT-UA) and Recorded Future revealed that the Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active since at least 2007 […]

Pierluigi Paganini March 02, 2022

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. Researchers from cybersecurity firm Proofpoint uncovered a spear-phishing campaign, likely conducted by a nation-state actor, that compromised a Ukrainian armed service member’s email account to target European government personnel involved in managing the logistics of refugees fleeing Ukraine. The phishing messages […]

Pierluigi Paganini October 08, 2021

Google warns of APT28 attack attempts against 14,000 Gmail users

Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. On Wednesday, Google announced to have warned approximately 14,000 Gmail users that they had been targeted by nation-state hackers. Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch […]

Pierluigi Paganini September 26, 2021

JSC GREC Makeyev and other Russian entities under attack

A cyberespionage campaign hit multiple Russian organizations, including JSC GREC Makeyev, a major defense contractor, exploiting a recently disclosed zero-day. Security researchers from Malwarebytes uncovered multiple attacks targeting many Russian organizations, including JSC GREC Makeyev, a company that develops liquid and solid fuel for Russia’s ballistic missiles and space rocket program. Threat actors behind the cyberespionage […]

Pierluigi Paganini May 28, 2021

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Microsoft experts uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind SolarWinds hack. Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign conducted by NOBELIUM APT. The NOBELIUM APT is the threat actor that conducted supply chain attack against SolarWinds which involved multiple families of implants, including the SUNBURST […]

Pierluigi Paganini June 04, 2020

Hackers hijacked Coincheck ‘s domain registrar account and targeted some users

Hackers hijacked one of the domains of the Japanese cryptocurrency exchange Coincheck and used it for spear-phishing attacks. The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. Then the attackers used the hijacked domain to launch spear-phishing attacks against […]

Pierluigi Paganini May 19, 2020

Hackers Target Oil Producers During COVID-19 Slump

Recent research shows that the oil industry — already experiencing difficulties due to COVID-19 — must remain abreast of threats to stay safe from hackers. Spear-phishing is a rapidly emerging threat. It’s more specific than generic phishing attempts and often targets a single person or company. Recent research shows that the oil industry — already […]

spear-phishing

Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files

Chinese man charged for spear-phishing against NASA and US Government

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Asylum Ambuscade spear-phishing campaign targets EU countries aiding Ukrainian refugees

Google warns of APT28 attack attempts against 14,000 Gmail users

JSC GREC Makeyev and other Russian entities under attack

Microsoft details new sophisticated spear-phishing attacks from NOBELIUM

Hackers hijacked Coincheck ‘s domain registrar account and targeted some users

Hackers Target Oil Producers During COVID-19 Slump

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

Cisco fixed critical ISE flaws allowing Root-level remote code execution

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

QUICK LINKS

spear-phishing

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!