Search results for ATTACK SHARK | Breaking Cybersecurity News | The Hacker News

Business email compromise (BEC) refers to all types of email attacks that do not have payloads. Although there are numerous types, there are essentially two main mechanisms through which attackers penetrate organizations utilizing BEC techniques, spoofing and account take-over attacks. In a recent  study , 71% of organizations acknowledged they had seen a business email compromise (BEC) attack during the past year. Forty-three percent of organizations experienced a security incident in the last 12 months, with 35% stating that BEC/phishing attacks account for more than 50% of the incidents. The  FBI's Internet Crime Complaint Center  (IC3) reports that BEC scams were the most expensive of cyberattacks in 2020, with 19,369 complaints and adjusted losses of approximately $1.8 billion. Recent BEC attacks include spoofing attacks on Shark Tank Host Barbara Corcoran, who lost  $380,000 ; the Puerto Rican government attacks that amounted to $4 million, and Japanese medi...

IT and communication companies in Israel were at the center of a supply chain attack campaign spearheaded by an Iranian threat actor that involved impersonating the firms and their HR personnel to target victims with fake job offers in an attempt to penetrate their computers and gain access to the company's clients. The attacks, which occurred in two waves in May and July 2021, have been linked to a hacker group called Siamesekitten (aka Lyceum or Hexane) that has primarily singled out oil, gas, and telecom providers in the Middle East and in Africa at least since 2018, researchers from ClearSky  said  in a report published Tuesday. Infections undertaken by the adversary commenced with identifying potential victims, who were then enticed with "alluring" job offers in well-known companies like ChipPc and Software AG by posing as human resources department employees from the impersonated firms, only to lead the victims to a phishing website containing weaponized files t...

Iraqi government networks have emerged as the target of an "elaborate" cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig . The attacks singled out Iraqi organizations such as the Prime Minister's Office and the Ministry of Foreign Affairs, cybersecurity company Check Point said in a new analysis. OilRig, also called APT34, Crambus, Cobalt Gypsy, GreenBug, Hazel Sandstorm (formerly EUROPIUM), and Helix Kitten, is an Iranian cyber group associated with the Iranian Ministry of Intelligence and Security (MOIS). Active since at least 2014, the group has a track record of conducting phishing attacks in the Middle East to deliver a variety of custom backdoors such as Karkoff, Shark, Marlin, Saitama, MrPerfectionManager, PowerExchange, Solar, Mango, and Menorah for information theft. The latest campaign is no exception in that it involves the use of a new set of malware families dubbed Veaty and Spearal, which come with capabilities t...

If your Facebook wall offers you any horror videos that claim to be of a real ghost spotted, don't dare to click on them, as it may be hoaxes, malwares or scams contained within which are the real horror for the online users. We have seen a lot of Facebook scams spreading through the Facebook timeline in wild that encourages users to click on it and fall victim, and this time some new horror scam campaign is going viral on Facebook. Christopher Boyd from the security firm Malwarebytes has discovered an epidemic of hoaxes making their way around Facebook with paranormal themes, including: Alleged footage of an "actual" ghost attack a video featuring the Aswang that is described as "a mythical shape-shifting were-dog/vampire/terrifying thing from the Philippines" a video of Mermaids claiming they are back! Video of a huge great white shark tearing apart a sea captain. Facebook has become one of the most popular social networking website with more than one billion ...

Cyber Security researchers have discovered a family of information stealing malware targeting Pakistan that originates out of India.  Norman Shark, the global security leader in malware analysis solutions for enterprises, service providers and government, today released a report detailing a large and sophisticated cyber-attack infrastructure that appears to have originated from India. The attacks, conducted by private threat actors over a period of three years and still ongoing, showed no evidence of state sponsorship but the primary purpose of the global command-and-control network appears to be intelligence gathering from a combination of national security targets and private sector companies. Attackers used known vulnerabilities in Microsoft software, chucking malware dubbed HangOver onto target machines, most of which were based in Pakistan, where 511 infections associated with the campaign were detected. HangOver installs keyloggers , takes screenshots and...

A state-sponsored threat actor allegedly affiliated with Iran has been linked to a series of targeted attacks aimed at internet service providers (ISPs) and telecommunication operators in Israel, Morocco, Tunisia, and Saudi Arabia, as well as a ministry of foreign affairs (MFA) in Africa, new findings reveal. The intrusions, staged by a group tracked as Lyceum, are believed to have occurred between July and October 2021, researchers from Accenture Cyber Threat Intelligence (ACTI) group and Prevailion's Adversarial Counterintelligence Team (PACT) said in a technical report. The names of the victims were not disclosed. The latest revelations throw light on the web-based infrastructure used by Lyceum, over 20 of them, enabling the identification of "additional victims and provide further visibility into Lyceum's targeting methodology," the researchers  noted , adding "at least two of the identified compromises are assessed to be ongoing despite prior public discl...

The Iranian nation-state hacking group known as  OilRig  has continued to target government organizations in the Middle East as part of a cyber espionage campaign that leverages a new backdoor to exfiltrate data. "The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers," Trend Micro researchers Mohamed Fahmy, Sherif Magdy, and Mahmoud Zohdy  said . While the technique in itself is not unheard of, the development marks the first time OilRig has adopted it in its playbook, indicating the continued evolution of its methods to bypass security protections. The advanced persistent threat (APT) group, also referred to as APT34, Cobalt Gypsy, Europium, and Helix Kitten, has been  documented  for its targeted phishing attacks in the Middle East since at least 2014. Linked to Iran's Ministry of Intelligence and Security (MOIS), the group is known to use a diverse toolset in its operation...