Attacks spreading the EAGLET information-stealing backdoor have been deployed by the threat operation UNG0901 against aerospace and defense organizations across Russia, according to The Hacker News.
A new malware called CastleLoader has been targeting devices through campaigns delivering a variety of information stealers and remote access trojans, according to The Hacker News.
Zimperium warns of 'SarangTrap' malware disguised as dating, networking apps Zimperium released a report on Wednesday uncovering a large-scale malware campaign called SarangTrap that uses fake dating and social networking apps to steal sensitive personal data, Infosecurity Magazine reports.
Hackread reports that Microsoft has been spoofed in 25% of all phishing intrusions between April and June, making it the most phished brand during the second quarter.
Russian-linked threat groups UTA0352 and UTA0355 have been abusing Microsoft 365's OAuth workflows to compromise non-profit organizations' Microsoft accounts as part of targeted phishing intrusions, according to Infosecurity Magazine.
Cyber Security News reports that weaponized .LNK files have been used to facilitate the distribution of the DeerStealer malware as part of a novel phishing campaign.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
