Stone Wolf employs Meduza Stealer to hack Russian companies

BI.ZONE Threat Intelligence reports an increase in criminal activity employing commercial malware available on underground resources. Recently, the researchers identified a malicious campaign by a cluster later dubbed Stone Wolf. The adversaries send out phishing emails on behalf of a …

Cloud Werewolf spearphishes Russian and Belarus government employees with fake spa vouchers and federal decrees

The BI.ZONE Threat Intelligence team has revealed another campaign by Cloud Werewolf aiming at Russian and Belarusian government organizations. According to the researchers, the group ran at least five attacks in February and March. The adversaries continue to rely on …

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns

The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use spear-phishing attacks against targeted organisations and individuals in the UK, and other geographical areas of interest, for information-gathering activity. The UK National …

AeroBlade on the hunt targeting the U.S. Aerospace industry

BlackBerry has uncovered a previously unknown threat actor targeting an aerospace organization in the United States, with the apparent goal of conducting commercial and competitive cyber espionage. The BlackBerry Threat Research and Intelligence team is tracking this threat actor as …

Updated MATA attacks industrial companies in Eastern Europe

In early September 2022, Kaspersky researchers discovered several new malware samples belonging to the MATA cluster. As they were collecting and analyzing the relevant telemetry data, they realized the campaign had been launched in mid-August 2022 and targeted over a …

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

Trend Micro researchers have been observing malware families RedLine and Vidar since the middle of 2022, when both were used by threat actors to target victims via spear-phishing scams. Earlier this year, RedLine targeted the hospitality industry with its info …

Germany says Charming Kitten hackers target Iran dissidents

Germany’s Federal Office for the Protection of the Constitution (BfV) on Thursday warned critics of the Iranian leadership living in Germany that they might be targeted by hackers. The agency said the Charming Kitten online espionage group works by building …

North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack

In July 2023, Mandiant Consulting responded to a supply chain compromise affecting a US-based software solutions entity. Mandiant researchers believe the compromise ultimately began as a result of a sophisticated spear phishing campaign aimed at JumpCloud, a zero-trust directory platform …

Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer

Recently, Trend Micro researchers noticed a spike in the number of emails received by one of our customers. After further investigation, they found that three other customers in the hospitality industry were also affected. The researchers observed that most of …