Spear Phishing News, Articles and Updates

10 Ways to tell if that email is legitimate...or not

Phishing has become one of the most pervasive problems facing data security staff today. Generally speaking, a basic phishing attack is relatively easy to conduct and inexpensive for the attacker.

New Sanny info-stealer campaign features targets US government agencies

Researchers this month discovered a new spear phishing campaign targeting US government agencies with an evolved version of Sanny malware, a 5-year-old information-stealer that now features a multi-stage infection process.

The evolution of DarkHotel: From Wi-Fi to complex social engineering

Cyber-criminal group and malware variant DarkHotel has changed its tactics, and has been actively infecting political figures through spear phishing techniques, and via peer-to-peer networks explains Bogdan Botezatu.

Criminals probe US think tank and NGO networks after Trump win

Suspected Russian cyber-crime group, APT 29 or Cozy Bear, are suspected in a series of spear-phishing campaigns aimed at compromising US organisations.

ICYMI: AV halts op; Locky duped; HIV leak; Greek DdoS; Phishers strike

The latest In Case You Missed It (ICYMI) looks at AV halts op; Locky loses out; HIV leak fine; Bank of Greece DDoSed; Investment firm spearphished.

Spearphishing attack nets hundreds of thousands from investment firm

Spear-phishing attacks continue to make big profits for attackers and big losses for victims, according to a new Mimecast report.

Spear-phishing increasingly large concern for IT professionals

Cloudmark's new survey shows that spear-phishing is keeping IT pros up at night.

Hackers use Dropbox to target Hong Kong media

Hong Kong activists have been targetted via Dropbox according to FireEye, with the Chinese government the top suspects.

Russian hackers exploit unusual Java zero-day to hit unnamed NATO country

Cyber-espionage group 'Pawn Storm' has been exploiting an unusual Java zero-day vulnerability to carry out drive-by-download attacks on a NATO country and US defence company, according to Trend Micro.

Rocket Kitten phishing with woollen goldfish & GHOLE

Rocket Kitten hackers are spear-phishing in Germany and Israel using GHOLE and woollen goldfish attacks hosted on Microsoft products.

Cyber snipers: are you the target?

IT staff have greater access privileges - and ironically, even more so when they are junior - making them worthwhile researching by spear-phishers warns Kev Pearce.

Social engineering the new norm for hackers, nation-states

McAfee's new 'Hacking the Human Operating System' whitepaper focuses on the use of social engineering to attack home and business users, and finds once again that people are the weakest link.

'Skeleton Key' malware used to attack global HQ in London

Researchers have discovered malware, called "Skeleton Key," which bypasses authentication on Active Directory (AD) systems using only passwords (single-factor auth) for access.

Targeted spear phishing campaign targets governments, law enforcement

Kaspersky Lab claims to have identified a highly targeted spear phishing campaign that picks on high profile victims - including government, military, law enforcement agencies and embassies.

'Molerats' attack European governments with spear-phishing

The Molerats cyber-criminal gang has returned and is targeting various European governments, a US financial institution and the BBC with readily available remote access Trojans (RATs).

APT attacks use 'news of doomed flight MH370'

A series of advanced cyber attacks have used the lure of news about the disappearance of Malaysia Airlines flight MH370 to infiltrate nation-state and other targets, according to FireEye.

Hunt on for attackers after Kaspersky unmasks major APT campaign

The perpetrators behind the Mask, reportedly one of the most sophisticated APT attacks ever seen, may never be traced after they hurriedly shut down the attack once they realised information security specialist Kaspersky was onto them.

BAFTA film academy suffers website hack

BAFTA, which runs run the British film and TV 'Oscars', has had one of its websites attacked with usernames, emails and encrypted passwords possibly stolen.

Hackers infiltrate Israeli defence computer

Hackers broke into an Israeli defence ministry computer after the user clicked on a tainted email attachment containing malicious software.

Holiday shopping phishing attacks on the rise

As Royal Mail issues phishing warning, a Manchester-based phishing scammer is jailed for three-and-a-half years.

NetTraveler attacks compromise private sector and embassies

A series of advanced attacks have been detected against more than 350 high profile victims in 40 countries.