Scattered Spider hackers are targeting US critical infrastructure via VMware attacks


The infamous Scattered Spider ransomware group is using VMware instances to target critical infrastructure organizations in the US, researchers have warned.

In the campaign, the hackers do not exploit any vulnerabilities, but instead rely on “aggressive, creative, and particularly skilled” social engineering. They first reach out to their victim’s IT desk, impersonating an employee and asking for a reset of the employee’s Active Directory account.

Source: TechRadar News

