Phishing has become one of the most pervasive problems facing data security staff today. Generally speaking, a basic phishing attack is relatively easy to conduct and inexpensive for the attacker.
Researchers this month discovered a new spear phishing campaign targeting US government agencies with an evolved version of Sanny malware, a 5-year-old information-stealer that now features a multi-stage infection process.
Cyber-criminal group and malware variant DarkHotel has changed its tactics, and has been actively infecting political figures through spear phishing techniques, and via peer-to-peer networks explains Bogdan Botezatu.
Suspected Russian cyber-crime group, APT 29 or Cozy Bear, are suspected in a series of spear-phishing campaigns aimed at compromising US organisations.
The latest In Case You Missed It (ICYMI) looks at AV halts op; Locky loses out; HIV leak fine; Bank of Greece DDoSed; Investment firm spearphished.
Spear-phishing attacks continue to make big profits for attackers and big losses for victims, according to a new Mimecast report.
Cloudmark's new survey shows that spear-phishing is keeping IT pros up at night.
Hong Kong activists have been targetted via Dropbox according to FireEye, with the Chinese government the top suspects.
Cyber-espionage group 'Pawn Storm' has been exploiting an unusual Java zero-day vulnerability to carry out drive-by-download attacks on a NATO country and US defence company, according to Trend Micro.
Rocket Kitten hackers are spear-phishing in Germany and Israel using GHOLE and woollen goldfish attacks hosted on Microsoft products.
IT staff have greater access privileges - and ironically, even more so when they are junior - making them worthwhile researching by spear-phishers warns Kev Pearce.
McAfee's new 'Hacking the Human Operating System' whitepaper focuses on the use of social engineering to attack home and business users, and finds once again that people are the weakest link.
Researchers have discovered malware, called "Skeleton Key," which bypasses authentication on Active Directory (AD) systems using only passwords (single-factor auth) for access.
Kaspersky Lab claims to have identified a highly targeted spear phishing campaign that picks on high profile victims - including government, military, law enforcement agencies and embassies.
The Molerats cyber-criminal gang has returned and is targeting various European governments, a US financial institution and the BBC with readily available remote access Trojans (RATs).
A series of advanced cyber attacks have used the lure of news about the disappearance of Malaysia Airlines flight MH370 to infiltrate nation-state and other targets, according to FireEye.
The perpetrators behind the Mask, reportedly one of the most sophisticated APT attacks ever seen, may never be traced after they hurriedly shut down the attack once they realised information security specialist Kaspersky was onto them.
BAFTA, which runs run the British film and TV 'Oscars', has had one of its websites attacked with usernames, emails and encrypted passwords possibly stolen.
Hackers broke into an Israeli defence ministry computer after the user clicked on a tainted email attachment containing malicious software.
As Royal Mail issues phishing warning, a Manchester-based phishing scammer is jailed for three-and-a-half years.
A series of advanced attacks have been detected against more than 350 high profile victims in 40 countries.