Europol: Phishing gang behind several million euros worth of losses busted in Belgium and the Netherlands

A cross-border operation, supported by Europol and involving the Belgian Police (Police Fédérale/Federale Politie) and the Dutch Police (Politie), resulted in the dismantling of an organised crime group involved in phishing, fraud, scams and money laundering. The action day on Read More …

Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware

The Ukrainian Computer Emergency Response Team (CERT) is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. The APT28 hacking group is believed to Read More …

Microsoft 365 credentials targeted in new fake voicemail campaign

A new phishing campaign has been targeting U.S. organizations in the military, security software, manufacturing supply chain, healthcare and pharmaceutical sectors to steal Microsoft Office 365 and Outlook credentials. The operation is ongoing and the threat actor behind it uses Read More …

Qbot malware now uses Windows MSDT zero-day in phishing attacks

A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being actively exploited in ongoing phishing attacks to infect recipients with Qbot malware. Proofpoint first reported Monday that the same zero-day Read More …

Ukraine warns of “chemical attack” phishing pushing stealer malware

Ukraine’s Computer Emergency Response Team (CERT-UA) is warning of the mass distribution of Jester Stealer malware via phishing emails using warnings of impending chemical attacks to scare recipients into opening attachments. As the war between Russia and Ukraine continues, the Read More …

UK: Phishing operation hits National Health Service email accounts to harvest Microsoft credentials

A phishing operation compromised over one hundred UK National Health Service (NHS) employees’ Microsoft Exchange email accounts for credential harvesting purposes, according to email security shop Inky. During the phishing campaign, which began in October 2021 and spiked in March Read More …

Trello From the Other Side: Tracking APT29 Phishing Campaigns

Since early 2021, Mandiant has been tracking extensive APT29 phishing campaigns targeting diplomatic organizations in Europe, the Americas, and Asia. This blog post discusses our recent observations related to the identification of two new malware families in 2022, BEATDROP and Read More …