Phishing actors start exploiting the Omicron COVID-19 variant
Bleeping Computer, Bill Toulas
“Threat actors are quick to adjust to the latest trends and hot topics, and increasing people’s fears is an excellent way to cause people to rush to open an email without first thinking it through.” Read More
APT Groups Adopt New Phishing Method. Will Cybercriminals Follow?
Dark Reading, Kelly Sheridan
“By altering document formatting properties of [a rich text format] file, the attacker can weaponize it to access remote content by specifying a URL resource instead of an accessible file destination.” Read More
Yanluowang Ransomware Now Targeting US Companies
PC Magazine, Nathaniel Mott
“Symantec says that Yanluowang attacks typically involve an initial reconnaissance phase followed by credential harvesting, data exfiltration, and finally the encryption of the victim’s files.” Read More
HHS: APT targeting biomanufacturing with stealthy Tardigrade malware
SC Magazine, Jessica Davis
“The main role of this malware is still to download, manipulate files, send main.dll library if possible, deploy other modules and remain hidden [and for] espionage, tunnel creation, and for a bigger payload.” Read More
Credentials exposed for majority of US financial firm employees
SC Magazine, Karen Hoffman
“Employees and humans are the weakest points in terms of an organization’s cybersecurity posture and our findings related to the vast number of exposures in circulation are a serious cause for concern. These exposed credentials are the keys for threat actors to access companies’ sensitive data and critical systems.” Read More