Interpol has dismantled the 16shop phishing-as-a-service platform following a law enforcement operation that resulted in the arrest of its Indonesian operator, as well as two other individuals, according to The Record, a news site by cybersecurity firm Recorded Future.
Ukraine's government agencies had their computer systems targeted by novel threat operation UAC-0154 in a phishing campaign delivering the open-source MerlinAgent malware, reports The Record, a news site by cybersecurity firm Recorded Future.
While malware and ransomware tend to dominate cybersecurity headlines, Fortra’s research shows that nearly 99% of email threats reaching corporate inboxes utilize impersonation rather than malware. Email impersonation is a key component of credential phishing, advance fee fraud, hybrid vishing, and business email compromise schemes. Because email i...
Microsoft has refuted a Wiz report concluding that Chinese state-sponsored hacking of the email accounts of leading officials through a stolen encryption key was more widespread than originally believed, with a spokesperson noting the findings of Wiz to describe "hypothetical attack scenarios," CyberScoop reports.
U.S. federal networks were reported by the Cybersecurity and Infrastructure Security Agency to have had their Barracuda Email Security Gateway compromised with the novel Submarine malware, also known as DepthCharge, in attacks by suspected China-linked threat operation UNC4841 involving the exploitation of a remote command injection vulnerability, tracked as CVE-2023-2868, in May, according to BleepingComputer.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
