News • Insights • Analysis
Unit 42 researchers recently discovered two separate campaigns targeting job-seeking activities linked to state-sponsored threat actors associated with the Democratic People’s Republic of Korea (DPRK), commonly known as North Korea. The research team call the first campaign “Contagious Interview,” where Read More …
Microsoft has observed ongoing activity from mobile banking trojan campaigns targeting users in India with social media messages designed to steal users’ information for financial fraud. Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to Read More …
Based on Okta’s statement on October 20 regarding a recent security breach, it has been determined that the threat actor successfully gained access to Okta’s customer support system. Once inside the system, the threat actor was able to view files Read More …
Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for organizations across multiple industries. Octo Tempest leverages broad social engineering campaigns to compromise organizations across the globe with Read More …
Crypto fraud has become the dominant form of Internet-based confidence schemes over the past three years, as demonstrated by the sha zhu pan (“pig butchering”) scams Sophos researchers recently investigated. But one variant has been growing at a particularly rapid Read More …
UNC3944 is a financially motivated threat cluster that has persistently used phone-based social engineering and SMS phishing campaigns (smishing) to obtain credentials to gain and escalate access to victim organizations. At least some UNC3944 threat actors appear to operate in Read More …
The group’s offensives first got on Kaspersky researchers radar in late 2020. Back then, the cybercriminals had not yet adopted the moniker “Cuba”; they were known as “Tropical Scorpius”. Cuba mostly targets organizations in the United States, Canada and Europe. Read More …
Classiscam was initially launched as a relatively straightforward scam operation. Cybercriminals created fake ads on marketplaces and classified sites, and leveraged social engineering techniques to trick users into “buying” the falsely-advertised goods or services, whether by transferring money directly to Read More …
In the course of performing a postmortem investigation of an infected computer, Sophos X-Ops discovered that the attack began with an innocent-sounding phone call. The caller prompted an employee of a Switzerland-based organization to initiate a complex attack chain Read More …
Germany’s Federal Office for the Protection of the Constitution (BfV) on Thursday warned critics of the Iranian leadership living in Germany that they might be targeted by hackers. The agency said the Charming Kitten online espionage group works by building Read More …
