Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments

Tropic Trooper, a threat actor group that targets government, military, healthcare, transportation, and high-tech industries in Taiwan, the Philippines, and Hong Kong, has been active since 2011. The group was reportedly using spear-phishing emails with weaponized attachments to exploit known vulnerabilities. Primarily Read More …

Academics demand answers from NHS over potential data timebomb ticking inside new UK contact-tracing app

A group of nearly 175 UK academics has criticised the NHS’s planned COVID-19 contact-tracing app for a design choice they say could endanger users by creating a centralised store of sensitive health and travel data about them. In the open Read More …

Studying How Cybercriminals Prey on the COVID-19 Pandemic

With the spread of the coronavirus worldwide, interest is high in related topics. Accordingly, Unit 42 researchers found an immense increase in coronavirus-related Google searches and URLs viewed since the beginning of February. Cybercriminals are looking to profit from such Read More …

State-backed phishing targets U.S. Government employees with fast food lures

More than a dozen state-backed hacking groups are actively targeting U.S. Government employees and healthcare organizations in phishing campaigns that use lures designed to take advantage of the fears surrounding the COVID-19 pandemic. “TAG has specifically identified over a dozen government-backed attacker Read More …

APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management

From at least January to April 2020, suspected Vietnamese actors APT32 carried out intrusion campaigns against Chinese targets that Mandiant Threat Intelligence believes was designed to collect intelligence on the COVID-19 crisis. Spear phishing messages were sent by the actor Read More …

Malicious Attackers Target Government and Medical Organizations With COVID-19 Themed Phishing Campaigns

Despite prior reporting by various sources indicating that some cyber threat attacker activity may subside in some respects during the COVID-19 pandemic, Unit 42 has observed quite the opposite with regard to COVID-19 themed threats, particularly in the realm of Read More …

Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

Researchers have discovered threat actors once again capitalizing on the COVID-19 pandemic and current attention on the World Health Organization (WHO) with a new spearphishing email designed to spread the LokiBot trojan sent using the WHO trademark as a lure. Read More …

Ryuk Ransomware Keeps Targeting Hospitals During the Pandemic

The Ryuk Ransomware operators to continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic. Last week BleepingComputer contacted various ransomware groups and asked if they would target hospitals and other healthcare organizations during the pandemic. With the Read More …