spear phishing

Pierluigi Paganini August 13, 2021
Microsoft warns of a evasive year-long spear-phishing campaign targeting Office 365 users

Microsoft warns of a long-running spear-phishing campaign that has targeted Office 365 customers in multiple attacks since July 2020. Microsoft revealed that a year-long spear-phishing campaign has targeted Office 365 customers in multiple attacks starting with July 2020. The attackers used invoice-themed XLS.HTML attachments, Microsoft reported that they changed obfuscation and encryption mechanisms every 37 […]

Pierluigi Paganini October 18, 2020
Iran-linked Silent Librarian APT targets universities again

Iran-linked cyberespionage group Silent Librarian has launched a new phishing campaign aimed at universities around the world. Iran-linked APT group Silent Librarian has launched another phishing campaign targeting universities around the world. The Silent Librarian, also tracked as Cobalt Dickens and TA407, targeted tens of universities in four continents in the last couple of years. In […]

Pierluigi Paganini September 27, 2020
Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT

Microsoft removed 18 Azure Active Directory applications from its Azure portal that were created by a Chinese-linked APT group Gadolinium. Microsoft announced this week to have removed 18 Azure Active Directory applications from its Azure portal that were created by a China-linked cyber espionage group tracked as APT group Gadolinium (aka APT40, or Leviathan). The 18 […]

Pierluigi Paganini December 18, 2019
Gangnam Industrial Style APT campaign targets industrial firms worldwide

Experts discovered that at least 200 companies were the victims of a campaign, dubbed Gangnam Industrial Style, carried out by an advanced persistent threat (APT) group.  Experts from the CyberX’s threat intelligence team Section 52 uncovered an ongoing cyberespionage campaign, tracked as Gangnam Industrial Style, that targeted industrial, engineering, and manufacturing organizations, most of them in South […]

Pierluigi Paganini December 07, 2019
Russia-linked Gamaredon group targets Ukraine officials

Russia-linked Gamaredon cyberespionage group has been targeting Ukrainian targets, including diplomats, government and military officials. Russia linked APT group tracked as Gamaredon has been targeting several Ukrainian diplomats, government and military officials, and law enforcement. The Gamaredon attacks against Ukraine don’t seem to have stopped. In June malware researchers from Cybaze-Yoroi spotted a new suspicious […]

Pierluigi Paganini October 25, 2019
Spear-phishing attacks target United Nations and NGOs

Experts have uncovered an ongoing phishing campaign targeting the United Nations and NGOs, including UNICEF and UN World Food. Security firm Lookout uncovered an ongoing spear-phishing campaign aimed at NGOs, including human rights organizations such as the Red Cross, UNICEF, the UN World Food and the UN Development programs. The analysis of the server infrastructure […]

Pierluigi Paganini August 19, 2019
5 Common Phishing Attacks and How to Avoid Them?

Phishing is one of the oldest methods of cyberattacks. It uses deceptive and manipulated emails as a tool for gathering personal and organizational data. The emails are designed in a way that it appears to be authentic or belonging from a real business or authoritative source. People fell prey for these manipulative emails and provide […]

Pierluigi Paganini August 05, 2019
Fraudster stole $870,000 from 2 US universities with spear-phishing mails

A crook involved in a spear phishing scheme and that was in Kenya is facing up to 20 years in the US federal prison for stealing thousands of dollars from US universities. Amil Hassan Raage, 48, pleaded guilty last week in a southern California court to fraudulently receiving almost $750,000 as part of a spear phishing scheme. […]

Pierluigi Paganini October 31, 2018
Cyber mercenaries and insiders hired by Chinese intelligence to hack aerospace and tech firms

According to the U.S. Department of Justice, the Chinese intelligence officers recruited hackers and insiders to hack aerospace and tech firms. US DoJ accuses the Chinese intelligence to have recruited hackers and insiders to steal confidential information from companies in aerospace and tech companies. US intelligence believes that the cyber espionage operation was under the control of Zha […]

Pierluigi Paganini August 03, 2018
Industrial Sector targeted in surgical spear-phishing attacks

Industrial sector hit by a surgical spear-phishing campaign aimed at installing legitimate remote administration software on victims’ machines. Attackers carried out a spear-phishing campaign against entities in the industrial sector, the messages disguised as commercial offers where used by attackers to deliver a legitimate remote administration software on victims’ systems (TeamViewer or Remote Manipulator System/Remote […]