Hackers Use Compromised Banks as Starting Points for Phishing Attacks

Cybercriminals attacking banks and financial organizations use their foothold in a compromised infrastructure to gain access to similar targets in other regions or countries. In a report released today and shared with BleepingComputer, international security company Group-IB specialized in preventing cyber Read More …

Phishing template uses fake fonts to decode content and evade detection

Proofpoint researchers recently observed a phishing kit with peculiar encoding utilized in a credential harvesting scheme impersonating a major retail bank. While encoded source code and various obfuscation mechanisms have been well documented in phishing kits, this technique appears to be unique Read More …

Charming Kitten Iranian Espionage Campaign Thwarts 2FA

The campaign targets politicians involved in economic and military sanctions against Iran, along with various journalists and human rights activists. A range of political and civil society targets are under fire in an APT attack dubbed the Return of Charming Read More …

GreyEnergy APT Delivers Malware via Phishing Attacks and Multi-Stage Dropper

The highly complex backdoor malware payload designed by the GreyEnergy advanced persistent threat (APT) group is being dropped on targeted machines using the common phishing infection vector as detailed by Nozomi Networks’ Alessandro Di Pinto. GreyEnergy attacked and infiltrated the Read More …

Russia’s Elite Hackers May Have New Phishing Tricks

A major question hanging over the United States midterm election season: Where was Russia? But while GRU hackersdidn’t directly interfere, they appear to be as active as ever. New research from two threat intelligence firms indicates that two prominent Russia-linked groups have been developing some Read More …