News media organizations, academic entities, and think tanks have been warned by U.S. and South Korean intelligence agencies regarding the cyberespionage attacks by North Korean state-sponsored hacking operation Kimsuky, also known as TA406 and Thallium, reports The Record, a news site by cybersecurity firm Recorded Future.
Investigation began days after the company dismissed initial concerns about a vulnerability within an authentication feature rolled out to all Gmail and Google Workspace accounts.
BleepingComputer reports that several email accounts owned by Spanish-speaking users across Latin America have been hijacked by the newly-discovered ongoing Horabot botnet campaign, which has been delivering a banking trojan and spam tool since November 2020.
Brunei, Indonesia, and Vietnam had their education, government, and military organizations targeted by the advanced persistent threat group Dark Pink, which has been ramping up attacks this year, BleepingComputer reports.
Attackers have been leveraging the new "file archive in the browser" phishing technique that enables the creation of realistic phishing pages masquerading as legitimate file archive software, with hosting on a .ZIP domain further establishing the legitimacy of the scheme, reports The Hacker News.
BleepingComputer reports that recent phishing attacks by the QBot malware operation, also known as Qakbot, have involved the exploitation of a DLL hijacking flaw in the Windows 10 WordPad executable "write.exe."
Microsoft credentials targeted new phishing attacks with RPMSG files New phishing attacks involving compromised Microsoft 365 accounts and encrypted restricted permission message, or RPMSG, files, are being leveraged by threat actors to facilitate the stealthy exfiltration of Microsoft credentials, according to BleepingComputer.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
