spear-phishing

In the ever-shifting realm of cybersecurity, threat actors continue to refine their methods—and the latest report from KnowBe4’s CyberheistNews Vol 15 #08 reveals a chilling new approach. Russian threat groups, including the notorious SVR’s Cozy Bear, are exploiting a little-known authentication...

Cybercriminals continue to evolve their tactics, and the latest intelligence from KnowBe4 reveals yet another level of sophistication in spear-phishing campaigns. In a detailed blog update from KnowBe4, Russian threat actors—including groups linked to the SVR’s notorious Cozy Bear—are leveraging...

In a striking demonstration of cybercrime ingenuity, a sophisticated Chinese APT group—known as Mustang Panda—has been found exploiting a legitimate Windows tool to slip past antivirus defenses. This emerging threat, uncovered by threat researchers at Trend Micro, involves the abuse of...

In today’s rapidly evolving cybersecurity landscape, even the most trusted platforms can become targets for sophisticated attacks. Recent research from Volexity, as featured on the KnowBe4 Blog, has revealed that Russian threat actors—among them the notorious SVR-linked Cozy Bear—are leveraging...

In a sophisticated twist on traditional cyberattacks, a spear-phishing campaign is now targeting Microsoft 365 accounts by hijacking the genuine device code authentication process. This emerging attack vector, steeped in deception and ingenuity, transforms a legitimate login mechanism into a...

The world of cybersecurity continues to be as exhilarating as a high-speed car chase in a spy thriller, and as of mid-November 2024, the antics of Russian threat actor Star Blizzard, also known to some as SEABORGIUM, have taken center stage yet again. This time, their target is none other than...

In a chilling reminder of the ever-looming cybersecurity threats we face, the Cybersecurity and Infrastructure Security Agency (CISA) recently announced a widespread spear-phishing campaign targeting organizations across various sectors, including government and information technology. Threat...

Original release date: October 22, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to...

Original release date: October 2, 2018 | Last revised: December 21, 2018 Systems Affected Retail Payment Systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS), the Department of the Treasury (Treasury), and the...