Government, Passwords and Phishing - Information Management Today

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” Device code phishing attacks exploit authentication flows to steal tokens, granting attackers access to accounts and data. . ” continues the report.

Phishing

Phishing Authentication Access Government

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

Department of Justice refers to the cybercrime group as Saim Raza , after a pseudonym The Manipulaters communally used to promote their spam, malware and phishing services on social media. ” Manipulaters advertisement for Office 365 Private Page with Antibot phishing kit sold via Heartsender. Image: DomainTools. ” U.S.

Phishing

Phishing e-Delivery Sales Passwords

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Security Affairs

APRIL 21, 2022

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.

Phishing

Phishing e-Delivery Government Passwords

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. Disabling unnecessary protocols and services, avoiding default passwords, and verifying software integrity bolster resilience. reported the WSJ.

Government

Government Communications Access Passwords

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Krebs on Security

MARCH 31, 2020

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com , the world’s largest domain name registrar, KrebsOnSecurity has learned. 49 (that domain is hobbled here because it is currently flagged as hosting a phishing site). It was starting to look like someone had gotten phished.

Phishing

Phishing Encryption Passwords Access

Russia behind a massive spear-phishing campaign that hit Ukraine

Security Affairs

JUNE 7, 2021

Ukraine warned of a “massive” spear-phishing campaign carried out by Russia-linked threat actors against its government and private businesses. This is the third massive spear-phishing campaign that the Ukrainian government attributed to Russia-linked threat actors this year.

Phishing

Phishing Archiving Government Passwords

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Security Affairs

FEBRUARY 23, 2020

Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. . “CrimsonRAT has been known to target diplomatic and government organizations in Southeast Asia.” Pierluigi Paganini.

Government

Government File names Passwords Phishing

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Spyware: the most likely COVID-19 payload.

Phishing

Phishing Archiving Analytics Access

Earth Krahang APT breached tens of government organizations worldwide

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The APT group was spotted exploiting public-facing servers, it was observed sending spear phishing emails to deliver previously undetected backdoors. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government

Government Phishing Access Passwords

Defense contractor Belcan leaks admin password with a list of flaws

Security Affairs

AUGUST 22, 2023

US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain, information technology, and digital engineering solutions.

Passwords

Passwords Military Manufacturing Analytics

COVID-19 – Phishing attacks target employees that come back to the office

Security Affairs

MAY 30, 2021

Hackers are attempting to exploit the return to the “new normal” after the governments are removing restrictions imposed in response to COVID-19. The number of COVID-19 infections are decreasing in many countries and some governments are reducing the restrictions for their citizens. ” continues the analysis.

Phishing

Phishing Authentication Access Government

Google issued 40,000 alerts of State-Sponsored attacks in 2019

Security Affairs

MARCH 27, 2020

Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019. Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts of state-sponsored phishing or malware attacks to its users during 2019.

Phishing

Phishing Passwords Risk Personal data

Experts found information of European politicians on the dark web

Security Affairs

JUNE 3, 2024

40% of 2,280 official government email addresses from the British, European, and French Parliaments were exposed, including passwords, birth dates, and other details. Many of these MPs, MEPs, deputies, and senators hold senior positions, including heads of committees, government ministers, and senior opposition leaders.

Passwords

Passwords Government Data breaches Risk

Group-IB identifies leaked credentials of 40,000 users of government websites in 30 countries

Security Affairs

DECEMBER 11, 2018

Group-IB, an international company that specializes in preventing cyberattacks , has detected more than 40 000 compromised user credentials of online government services in 30 countries around the world. Group-IB Threat Intelligence has detected government websites’ user accounts compromised by cyber criminals in 30 countries.

Government

Government Passwords Military Archiving

China-linked APT Curious Gorge targeted Russian govt agencies

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing

Manufacturing Phishing Passwords Military

Google warned 12K+ users targeted by state-sponsored hackers

Security Affairs

DECEMBER 1, 2019

Over 90 percent of the users identified by Google were targeted via “credential phishing emails” that attempt to trick victims into providing their password or other account credentials to hijack their Google account. “TAG tracks more than 270 targeted or government-backed groups from more than 50 countries.

Phishing

Phishing Passwords Authentication Risk

CISA warns of recent successful cyberattacks against cloud service accounts

Security Affairs

JANUARY 14, 2021

According to the agency, the attackers conducted phishing campaigns and exploited poor cyber hygiene practices of the victims in the management of cloud services configuration. Government experts confirmed that the threat actors initially attempted brute force logins on some accounts without success.

Cloud

Cloud Phishing Passwords Authentication

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures.

Phishing

Phishing Government Archiving Passwords

Gamblers’ data compromised after casino giant Strendus fails to set password

Security Affairs

NOVEMBER 15, 2023

Source: Cybernews Usernames Names Government ID numbers (CURP) Phone numbers Email addresses Home addresses Dates of Birth Gender KYC status IP addresses used to register for an account IP addresses used to log in Deposit amounts Withdrawal amounts Notes on users, submitted by admins and customer support agents. Amount of leaked data.

Passwords

Passwords Authentication Risk Access

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The cyberespionage group continues to target members of defense companies, embassies, governments, and the military.

Phishing

Phishing Military Government Passwords

Three APT groups have targeted at least seven COVID-19 vaccine makers

Security Affairs

NOVEMBER 13, 2020

Several organizations targeted by the APT groups that have contracts with or investments from government agencies for Covid-19 related work. Strontium hackers launched password spraying and brute-force attacks to break into victim accounts and steal sensitive information. ” concludes the post. ” Pierluigi Paganini.

Healthcare

Healthcare Phishing Government Passwords

FBI issued a flash alert about Netwalker ransomware attacks

Security Affairs

AUGUST 2, 2020

and foreign government organizations. and foreign government organizations. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors.” Use two-factor authentication with strong passwords. ” reads the alert. public health organization. .”

Ransomware

Ransomware Encryption Passwords Government

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. On July 28 and again on Aug. According to an Aug.

Passwords

Passwords Phishing Access Encryption

Mother of all breaches – a historic data leak reveals 26 billion records: check what’s exposed

Security Affairs

JANUARY 22, 2024

The dataset is extremely dangerous as threat actors could leverage the aggregated data for a wide range of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts,” the researchers said. The leak’s scale is of yet unseen proportions.

Data breaches

Data breaches Phishing Passwords Cybersecurity

XDSpy APT remained undetected since at least 2011

Security Affairs

OCTOBER 2, 2020

The APT group, recently discovered by ESET, targeted government and private companies in Belarus, Moldova, Russia, Serbia, and Ukraine, including militaries and Ministries of Foreign Affairs. Experts also noticed that hackers also used NirSoft utilities to recover passwords from web browsers and email clients.

Military

Military Phishing Passwords Government

Why Phishing-Resistant MFA Is on US Government Fast Track

Data Breach Today

OCTOBER 14, 2022

Stopping Cyberattacks by Moving Away From Password-Based Authentication The January memorandum from President Biden’s Office of Management and Budget calls for adopting multifactor authentication that includes the verification of device-based security controls, continuous monitoring, and authentication and mandates a switch to phishing-resistant MFA (..)

Phishing

Phishing Government Authentication Passwords

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Krebs on Security

OCTOBER 9, 2023

The fake USPS phishing page. Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries. com usps.trckspost[.]com

Phishing

Phishing Analytics Passwords Government

Iran-linked APT group Charming Kitten targets journalists, political and human rights activists

Security Affairs

FEBRUARY 7, 2020

candidate , government officials, and expatriate Iranians. “ Certfa Lab has identified a new series of phishing attacks from the Charming Kitten 1 , the Iranian hacking group who has a close relationship with Iran’s state and Intelligence services. .” Israel, Iraq, and Saudi Arabia. ” concludes the report.

Phishing

Phishing Government Passwords Authentication

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. government agencies. government agencies and large organizations were hit by cyberattacks due to a vulnerability in their IT infrastructure provider – SolarWinds. Organizations must have a robust password policy.

Data breaches

Data breaches Passwords Encryption Cybersecurity

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

Security Affairs

AUGUST 8, 2024

The BlackSuit ransomware has targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing. The BlackSuit actors gain initial access to victim networks through several methods, including Phishing campaigns, Remote Desktop Protocol (RDP) (Used in about 13.3%

Ransomware

Ransomware Communications Manufacturing Phishing

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The CISA agency is warning of a surge in Emotet attacks targeting multiple state and local governments in the US since August. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. since August.

Government

Government Libraries Cybersecurity Phishing

Russian APT group Winter Vivern targets email portals of NATO and diplomats

Security Affairs

MARCH 31, 2023

A Russian hacking group, tracked Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats. The CVE-2022-27926 flaw affects Zimbra Collaboration versions 9.0.0,

Military

Military Phishing Passwords Government

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

The government experts released new and updated Malware Analysis Reports (MARs) related to new malware families involved in new attacks carried out by North Korea-linked HIDDEN COBRA group. .” If these services are required, use strong passwords or Active Directory authentication. the extension matches the file header).

Passwords

Passwords Access Phishing Authentication

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google’s Threat Analysis Group (TAG) is warning of the North Korea-linked ARCHIPELAGO group that is targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea, the US and elsewhere. The attack chain associated with ARCHIPELAGO starts with phishing emails that embed malicious links.

Phishing

Phishing Passwords Military Education

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

The Israeli statement did not explicitly refer to the government of Pyongyang and did not provide details about the attack (the targeted companies, data of the attack). The attackers launched spear-phishing attacks against employees of the targeted firms, the messages impersonated managers, CEOs and leading officials in HR departments.

Agriculture

Agriculture Manufacturing Phishing Government

Upcoming Ukraine elections in the crosshairs of hackers

Security Affairs

JANUARY 26, 2019

Ukraine reported a surge in cyber attacks aimed at disrupting the upcoming presidential election, the Government believes that Russian nation-state actors could be responsible for them. Threat actors are carrying out spear-phishing attacks against election officials, in some cases, they are using stolen credentials purchased on the dark web.

Phishing

Phishing Passwords Government Access

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

The emails provide updates on the Coronavirus outbreak, it includes stats on the epidemic and contains an email of corona-virus@caramail.com that is likely used for phishing purposes. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information.

Phishing

Phishing Archiving Sales Encryption

US govt warns critical infrastructure of ransomware attacks during holidays

Security Affairs

NOVEMBER 22, 2021

Mandate strong passwords and ensure they are not reused across multiple accounts. Government experts also warn of other malicious activities such as phishing scams , fraudulent sites spoofing reputable businesses , and unencrypted financial transactions. ” concludes the alert.

Ransomware

Ransomware Phishing Passwords Authentication

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 4, 2023

Proofpoint researchers recently reported that a Russian hacking group, tracked as Winter Vivern (aka TA473), has been actively exploiting vulnerabilities ( CVE-2022-27926 ) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats. reads the post published by Proofpoint.

IT

IT Military Phishing Passwords

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs

AUGUST 6, 2020

and foreign government organizations. Use two-factor authentication with strong passwords. Recently the FBI has issued a security alert about Netwalker ransomware attacks targeting U.S. The feds are recommending victims, not to pay the ransom and reporting incidents to their local FBI field offices. Consider installing and using a VPN.

Ransomware

Ransomware Passwords Marketing Access

Security Affairs newsletter Round 324

Security Affairs

JULY 25, 2021

Japanese computers hit by a wiper malware ahead of 2021 Tokyo Olympics Obtaining password hashes of Windows systems with PetitPotam attack. If you want to also receive for free the international press subscribe here. If you want to also receive for free the international pre ss subscribe here.

Security

Security Ransomware Data breaches Personal data

Security Affairs newsletter Round 316

Security Affairs

MAY 30, 2021

SonicWall fixes an NSM On-Prem bug, patch it asap! Follow me on Twitter: @securityaffairs and Facebook.

Security

Security Ransomware Passwords Phishing

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

Phishing Attacks: Phishing is the top cyber attack, causing 90% of data breaches. Social Engineering Attacks: Social engineering attacks, such as phishing and pretexting, remain a top concern, with 65% of organizations experiencing phishing attempts and 47% falling victim to social engineering tactics.

Security

Security Phishing IoT Ransomware

FIFA was hacked again, this is the second hack in a year

Security Affairs

NOVEMBER 2, 2018

The Fédération Internationale de Football Association, aka FIFA, is a governing body of association football, futsal, and beach soccer. FIFA reveals it was the victim of a new s uccessful phishing campaign that resulted in the exposed confidential information of the organizations. ” states The New York Times. ” .

Phishing

Phishing Data breaches Passwords Government

Storm-2372 used the device code phishing technique since August 2024

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Webinars

Trending Sources

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Webinars

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Russia behind a massive spear-phishing campaign that hit Ukraine

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Earth Krahang APT breached tens of government organizations worldwide

Defense contractor Belcan leaks admin password with a list of flaws

COVID-19 – Phishing attacks target employees that come back to the office

Google issued 40,000 alerts of State-Sponsored attacks in 2019

Experts found information of European politicians on the dark web

Group-IB identifies leaked credentials of 40,000 users of government websites in 30 countries

China-linked APT Curious Gorge targeted Russian govt agencies

Google warned 12K+ users targeted by state-sponsored hackers

CISA warns of recent successful cyberattacks against cloud service accounts

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Gamblers’ data compromised after casino giant Strendus fails to set password

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Three APT groups have targeted at least seven COVID-19 vaccine makers

FBI issued a flash alert about Netwalker ransomware attacks

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Mother of all breaches – a historic data leak reveals 26 billion records: check what’s exposed

XDSpy APT remained undetected since at least 2011

Why Phishing-Resistant MFA Is on US Government Fast Track

Phishers Spoof USPS, 12 Other Natl’ Postal Services

Iran-linked APT group Charming Kitten targets journalists, political and human rights activists

3 of the Worst Data Breaches in the World That Could Have Been Prevented

FBI and CISA update a joint advisory on the BlackSuit Ransomware group

CISA alert warns of Emotet attacks on US govt entities

Russian APT group Winter Vivern targets email portals of NATO and diplomats

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Israel announced to have foiled an attempted cyber-attack on defence firms

Upcoming Ukraine elections in the crosshairs of hackers

New Coronavirus-themed malspam campaign delivers FormBook Malware

US govt warns critical infrastructure of ransomware attacks during holidays

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

Netwalker ransomware operators claim to have stolen data from Forsee Power

Security Affairs newsletter Round 324

Security Affairs newsletter Round 316

26 Cyber Security Stats Every User Should Be Aware Of in 2024

FIFA was hacked again, this is the second hack in a year

Stay Connected