Add LogMeIn to the list of remote services and collaboration platforms whose users are being targeted by phishing scammers seeking to take advantage of businesses’ current work-from-home policies under COVID-19. In a company blog post, Abnormal Security researchers reported witnessing an influx of campaigns targeting LogMeIn — provider of cloud-based remote connectivity services for collaboration,…
Phishing attacks and stolen credentials have become attackers’ most popular avenues of network compromise, and employee errors are helping pave the way according to Verizon’s newly released 2020 Data Breach Investigations Report (DBIR). Verizon researchers analyzed 157,525 known “incidents” (defined as a security event that results in the compromise of an information asset) and 3,950…
Nigerian cybercriminal actors are shamelessly exploiting the COVID-19 pandemic to infect government health care agencies, academic medical programs, medical publishing firms and more with malware, largely for the purpose of conducting Business Email Compromise operations. In a company blog post, researchers with Palo Alto Networks’ Unit 42 threat intelligence team have reported observing three prominent…
A hacker reportedly used both bribery and social engineering to gain unauthorized access to a customer support system operated by the popular video game Roblox — illustrating why companies must be on the lookout for employees who fit the mold of an insider threat. The unnamed hacker told Motherboard that they paid one insider to…
As the COVID-19 pandemic pushes the above-ground economy to the brink of a major recession, the cybercrime economy appears to still be hard-charging ahead. And yet, the virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to capitalize on global fears, as…
An updated Aggah malspam campaign is distributing malicious Microsoft Office documents designed to trigger a multi-stage infection in order to a target a user’s endpoint. The campaign is depositing Agent Tesla, njRAT and Nanocore RAT in a attack that is being run out of several Pastebin accounts, reported Cisco Talos. As with previous Aggah attacks,…
Cybercriminals are posing as delivery companies and pretending to be affected by the COVID-19 pandemic as a means to trick potential victims into opening malicious emails attachments or revealing credentials on phishing websites. Spam and phishing schemes that use postal- and shipping-themed lures are nothing new, but the coronavirus outbreak allows attackers to put a…
The suspected Vietnamese threat group APT32 has been conducting a spearphishing campaign against Chinese targets in an attempt to glean information on COVID-19. FireEye’s Mandiant Threat Intelligence Team reported the attacks have been conducted throughout the pandemic, from early January to date, with the targets including China’s Ministry of Emergency Management as well as the…
Researchers have uncovered a phishing campaign, designed to steal Zoom credentials, that attempts to trick email recipients into thinking they are about to be laid off amid the pandemic. The attackers hope potential victims will click on a malicious link that supposedly links to a Zoom meeting hosted by human resources. The campaign targets Office…
GitHub users are being targeted by a Sawfish phishing campaign designed to steal their GitHub login credentials and time-based one-time password (TOTP) codes. The attack, referred to as Sawfish by GitHub SIRT, comes through a Github message that claims the target’s account has experienced unauthorized activity of some type, GitHub SIRT wrote in a blog.…
