Chinese Hackers Target Building Management Systems

Threat hunters at Kaspersky have uncovered a series of attacks that targeted organizations across telecoms, transportation, and industrial sectors with the ShadowPad backdoor. The campaign hit the manufacturing and telecoms industries in Afghanistan and Pakistan, and a logistics and transport organization (a port) in Malaysia. read more

Continue Reading

Threat actors increasingly use third parties to run their scams

Abnormal Security released new research that showcases a rising trend in financial supply chain compromise as threat actors impersonate vendors more than ever before. In January 2022, the number of business email compromise (BEC) attacks impersonating external third parties surpassed those impersonating internal employees for the first time and has continued to exceed traditional internal […]

Continue Reading

New Matanbuchus Campaign drops Cobalt Strike beacons

Matanbuchus malware-as-a-service (Maas) has been observed spreading through phishing campaigns, dropping Cobalt Strike beacons. Threat intelligence firm Cyble has observed a malware-as-a-service (Maas), named Matanbuchus, involved in malspam attacks dropping Cobalt Strike beacons. Matanbuchus is a malware loader that first appeared on the threat landscape in February 2021, when it was offered for rent on Russian-speaking […]

Continue Reading

How phishing attacks are becoming more sophisticated

The latest APWG’s Phishing Activity Trends Report reveals that in the first quarter of 2022 there were 1,025,968 total phishing attacks—the worst quarter for phishing observed to date. This quarter was the first time the three-month total has exceeded one million. There were 384,291 attacks in March 2022, which was a record monthly total. In […]

Continue Reading

Cybercriminals use Azure Front Door in phishing attacks

Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonated various services appearing to be legitimately created on the “azurefd.net” domain. This allows the bad actors to trick users and spread phishing […]

Continue Reading