Fake Airbus emails were used as a phishing lure. (Photo: Airbus)
A spear-phishing campaign is targeting aviation companies, using malicious documents that deliver information-stealing malware, according to alerts from Microsoft Security Intelligence.
In a series of alerts posted on Twitter, Microsoft says it has been tracking a dynamic campaign targeting the aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers the remote access Trojan RevengeRAT, aka AsyncRAT.
Microsoft notes the campaign, which has been active in recent months, involves attackers spoofing emails of legitimate organizations with lures relevant to aviation, travel or cargo.
Attack Tactics
Apr 28, 2021 4:00 AM PT
A powerful hardware-based threat detection technology is being integrated into a Microsoft enterprise security product to help protect businesses from cryptojacking malware.
The move, which integrates Intel Threat Detection Technology with Microsoft Defender for Endpoint, was announced Monday in a blog written by Karthik Selvaraj, principal research manager for Microsoft 365's Defender Research Team. Microsoft's approach is a good move, observed Dirk Schrader, global vice president for New Net Technologies, a Naples, Fla.-based provider of IT security and compliance software.
He explained that since cryptominers are using a small fraction of the power of many devices, they're often ignored by security teams.
The notorious Emotet botnet software began uninstalling itself from some one million computers Sunday. The uninstall command was part of an update sent to the infected computers by law enforcement servers in the Netherlands after Emotet's infrastructure was compromised in January during a multinational operation mounted by eight nations.
UPDATE
A database filled with the medical records of nearly 200,000 U.S. military veterans was exposed online by a vendor working for the Veterans Administration, according to an analyst, who also presented evidence the data might have been exfiltrated by ransomware attackers.
The VA, for its part, said that the evidence may point to internal security work rather than a cyberattack.
The files were first discovered on April 18 by researcher Jeremiah Fowler, who found the database sitting exposed online without even basic password protection. Fowler said the files made several references to United Valor Solutions. United Valor is a North Carolina-based company which “provides disability evaluation services for the Veterans Administration and other federal and state agencies,” according to its site.
BCD-Sintrag and New Net Technologies enter into distribution partnership (itreseller.ch)