Organizations are increasingly relying on diverse digital communication channels for essential business operations.
The way employees interact with colleagues, access corporate resources, and especially, receive information technology (IT) support is often conducted through calls, chat platforms, and other remote technologies. While these various available methods enhance both efficiency and global accessibility, they also introduce an expanded attack surface that can pose a significant risk if overlooked. Prevalence of in-person social interactions has diminished and remote IT structures, such as an outsourced service desk, has normalized employees’ engagement with external or less familiar personnel. As a result, threat actors continue to use social engineering tactics.
Read more…
Source: Mandiant
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- OilRig Sends an OopsIE to Mideast Government Targets
September 5, 2018
The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity. The OilRig group is back, using a reboot of the OopsIE trojan to pump information from its favorite resource: entities in the Middle East region. OilRig, which is also called Cobalt Gypsy, Crambus, Helix Kitten or PT34, is suspected ...
- FIN6 returns to attack retailer point of sale systems in US, Europe
September 5, 2018
A new malware campaign has been detected which is targeting point-of-sale (PoS) systems across the United States and Europe. On Wednesday, researchers from IBM X-Force IRIS said the attacks have been attributed to the FIN6 cybercriminal group. This is only the second time that a campaign has been documented which appears to be the handiwork of FIN6. According to FireEye (.PDF), ...
- New Silence hacking group suspected of having ties to cyber-security industry
September 5, 2018
At least one member of a newly uncovered cybercrime hacking group appears to be a former or current employee of a cyber-security company, according to a new report released today. The report, published by Moscow-based cyber-security firm Group-IB, breaks down the activity of a previously unreported cyber-criminal group named Silence. According to Group-IB, the group has spent the ...
- Cybersecurity researchers double SCADA vulnerability finds
September 3, 2018
Independent cybersecurity researchers found nearly double the number of vulnerabilities in supervisory control and data acquisition (SCADA) systems in the first six months of 2018 as they did in the first half of 2017, according to a new report by Japanese multinational Trend Micro, amid rising concerns about infrastructure security. The 202 holes spotted in such ...
- Attackers Abuse WMIC to Download Malicious Files
August 30, 2018
Malware authors use WMIC and a host of other legitimate tools to deliver information-stealing malware, highlighting the continued use of living off the land tactics. We recently observed malware authors using a combination of a tool found on all Windows computers and a usually innocuous file type associated with modifying and rendering XML documents. While these ...
- How hackers managed to steal $13.5 million in Cosmos bank heist
August 27, 2018
Earlier this month, reports surfaced which suggested that Cosmos Bank, India’s oldest at 112 years old, had become the victim of a cyberattack which left the institution millions out of pocket. The attack reportedly took place in two stages been August 10 – 13. According to the Hindustan Times, malware was used on the bank’s ATM server ...