Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU) said that it observed an extensive phishing campaign beginning in January and February 2017 that used a polished social media profile of a young, English woman using the name “Mia Ash” to conduct highly targeted spear-phishing and social engineering attacks against employees of Middle Eastern and North Africa firms in industries like telecommunications, government, defense, oil and financial services. The attacks are the work of an advanced persistent threat group dubbed COBALT GYPSY or “Oil Rig” that has been linked to other sophisticated attacks. The attacks, which spread across platforms including LinkedIn and Facebook, as […]
In-brief: what’s a good password? According to new guidelines from NIST: one that hasn’t already been stolen by hackers.
In-brief: the FBI is warning the public to beware of business email compromise attacks, saying that they have cost U.S. businesses more than $1.6 billion in losses since 2013.
In-brief: There were a thousand reasons not to click on that Google Docs link…but thousands of people did anyway. Why?
In-brief:The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored “advanced persistent threat” groups, the firm FireEye said in its most recent M-Trends report.