Proofpoint researchers have released a study debunking several misconceptions about threat actors' social engineering tactics, TechRepublic reports.
Contrary to the belief that malicious links are being aimlessly sent to numerous victims, attackers have been spending time establishing rapport with potential victims through questions sent through email or conversations before conducting attacks. Threat actors have also been impersonating Microsoft, Google, and other legitimate services in their attacks, with most of them exploiting Google-related URLs.
Malicious actors have also moved to call center-based email attacks by leveraging remote assistance software or a malware-laced document, dispelling the common notion that only computers are used for email-based threats, according to the study.
Other debunked assumptions include cybercriminals' lack of awareness of email conversations and threads, as well as their exclusive use of business-related content. Researchers noted that attackers have been increasingly exploiting email threads, as well as social issues, to facilitate ransomware spread.
Hamas spokesperson Hudhayfa Samir Abdallah al-Kahlut, also known as "Abu Ubaida," has been sanctioned by the U.S. Treasury Department for his leadership of the group's cyber influence operations, reports The Record, a news site by cybersecurity firm Recorded Future.
TechCrunch reports that U.S. conservative think tank The Heritage Foundation was working on addressing a cyberattack against its systems last week, but an investigation into whether any of its data was compromised is still underway.
Iranian state-backed threat operation MuddyWater, also known as TA450, Mango Sandstorm, and Boggy Sandstorm, has leveraged the novel DarkBeatC2 command-and-control infrastructure tool as part of its latest attack campaign, The Hacker News reports.