Remove 2013 Remove Information Security Remove Phishing
article thumbnail

CERT-UA warns of a phishing campaign targeting government entities

Security Affairs

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

article thumbnail

New phishing campaign targets bank customers with WSH RAT

Security Affairs

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Threat actors are using the RAT to deliver keyloggers and information stealers. Within five days, WSH RAT was observed being actively distributed via phishing.

Banking 110
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Affairs

The Kimsuky APT group breached Diehl Defence through a sophisticated phishing campaign, reported the German newspaper Der Spiegel. A spokesperson for Germany’s Federal Office for Information Security (BSI) confirmed that Kimsuky (aka APT43 ) is conducting a broader cyber campaign targeting Germany.

article thumbnail

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

UAC-0006 has been active since at least 2013. IT shared indicators of compromise for this campaign and is urging to implement proper security policies and protection mechanisms. In May 2023, Ukraine’s CERT-UA warned of another phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file.

Malware 139
article thumbnail

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013.

Phishing 139
article thumbnail

North Korea-linked APT used a new RAT called MoonPeak

Security Affairs

Kimsuky cyberespionage group (aka Springtail, ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. AhnLab recently reported a spear-phishing campaign involving an early variant of XenoRAT, which has evolved into a new RAT known as “MoonPeak.”

Malware 134
article thumbnail

N. Korean Kimsuky APT targets S. Korea-US military exercises

Security Affairs

North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre. North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South South Korea military exercise.