Iranian Hackers Are Targeting Israeli Officials, Military Officers, Others Using Spearphishing
Sandworm may be exploiting Follina, Gallium has new stealth RAT, BlackCat actors target Microsoft Exchange servers, AZ medical center exposed 700K patients' data, Man sentenced for DDoS attack, more
My latest CSO column looks at the main takeaways on ransomware from the RSA conference. Despite some perceptions, ransomware is on the upswing with possible BEC-ransomware hybrids ahead.
Researchers at Check Point say that hackers possibly affiliated with Iran have been running a spearphishing campaign targeting former Israeli officials, high-ranking military personnel, the head of a leading security think tank, and the former U.S. ambassador to Israel.
The hackers conduct the spearphishing campaign through both hijacked legitimate and phony email accounts, a fake URL shortener, a credential-harvesting Yahoo-themed phishing page, and the use of a legitimate document verification service to obtain targets’ ID or passport scans. Check Point speculates that the campaign could be the work of Phosphorus, a prolific Iranian government-connected cyber-espionage group also known as APT35, Newscaster Team, Charming Kitten, or Magic Hound. (AJ Vicens / Cybersco…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.