Tag: spear-phishing

Healthcare Sector Still Sustains Phishing Campaigns

No one should take too seriously the high-minded things criminals sometimes say about how they’re restraining themselves during the pandemic, and that they’re going to avoid hitting hospitals and biomedical research organizations. If anything, attacks on such targets have increased in recent months, and phishing is the usual approach.The goal of the phishing attacks is […]

Sawfish Spearphishing Attacks Continue, Prompting Password Resets on GitHub and DeepSource

A new wave of attacks on GitHub users via app developer DeepSource has raised concerns over access to user credentials and development code.I’ve written about phishing attacks targeting GitHub users previously. But this month, users of GitHub partner DeepSource were notified of a security incident in which at least one of DeepSource’s employee credentials had […]

Pyongyang’s Phishing with Job Offers

An attack campaign with possible ties to North Korea’s Lazarus Group targeted aerospace and military companies in Europe and the Middle East with spear phishing attacks late last year, according to researchers at ESET. The campaign, which the researchers call “Operation In(ter)ception,” used social engineering attacks on LinkedIn to trick employees into opening malware-laden documents.“To […]

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. Gen. Qassim Suleimani was killed by a U.S. airstrike at the Baghdad airport in Iraq.“Given recent developments, re-upping our statement from the summer,” Krebs said in a rare warning […]

WIRED: “The Decade Big-Money Email Scams Took Over”

Excellent article in WIRED, where they observed that In the last few years, the “Nigerian prince” scams have gotten a major upgrade. Here is an extract and a link to the full article:“For a long time cybercriminals believed that the money was within the masses,” says Crane Hassold, senior director of threat research at the […]

Whaling: Like Phishing, but After Bigger Game

Organizations have to acknowledge their responsibility for ensuring their employees are able to recognize targeted phishing attacks, according to James McGachie, Legal Director of DLA Piper Scotland. Writing in The Herald, McGachie explains that sophisticated spear phishing attacks designed to steal large amounts of money (also known as “whaling”), should be of special concern to […]

Spear Phishing in the Royal Canadian Mint

The Royal Canadian Mint, which produces Canada’s coins, nearly sent an employee’s paycheck to an attacker following a spear phishing attack, CBC News reports. The attacker sent an email to the Mint’s HR department while posing as an employee and requested that the department change the employee’s bank account details. The HR worker who received […]

Google Sent 12K Nation-State Phishing Warnings In Three Months

Google’s Threat Analysis Group (TAG) delivered thousands of alerts of government-backed attempts to spearphish gmail users over just a three-month period earlier this year, they reported.TAG director Shane Huntley revealed that from July to September 2019 his team sent 12,000 warnings to users in 149 countries. From a heat map attached to the blog post, […]