It seems we are finding out about new groups on a daily basis recently. Now Bill Toulas reports on another one: A new APT hacking group named ‘AtlasCross’ targets organizations with phishing lures impersonating the American Red Cross to deliver backdoor malware. Cybersecurity firm NSFocus identified two previously undocumented trojans, DangerAds and AtlasAgent, associated with…
Category: Phishing
Facebook Messenger phishing wave targets 100K business accounts per week
Bill Toulas reports: Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware. The attackers trick the targets into downloading a RAR/ZIP archive containing a downloader for an evasive Python-based stealer that grabs cookies and passwords stored in…
Ukraine’s CERT Thwarts APT28’s Cyberattack on Critical Energy Infrastructure
Seen on The Hacker News: The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates the infection chain. “Visiting…
Kudos to North Mississippi Health Services for fast detection and disruption of attack
Kudos to the North Mississippi Health Services for rapid detection and interruption of a phishing attack. In a website notice dated September 1, NMHS explains that on July 3, they discovered unauthorized access through an employee’s email account after a phishing email was unintentionally opened. “Our Security Operation Committee (SOC) promptly shut down the system,…
Why is .US Being Used to Phish So Many of Us?
Brian Krebs reports: Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only…
Lawrence schools trying to recover $2.7 million ‘frozen’ by online phishing scheme, officials say
Travis Andersen reports: The Lawrence Public Schools are working to recover $2.7 million in funds that were recently “frozen” when a staffer responded to a phishing email sent by scammers posing as a vendor for the school district, city officials said. Mayor Brian A. DePeña’s office held an emergency meeting Thursday with informational technology specialists…