Want to target a large swath of cybersecurity professionals in one go? Just crash their "cyber" party with a decoy document.
So goes the modus operandi for an advanced persistent threat group of hackers who appear to have targeted the upcoming International Conference on Cyber Conflict - CyCon U.S. - taking place at the Ronald Reagan building in Washington from Nov. 7 to Nov. 8, researchers at Cisco's Talos security group warn.
CyCon U.S. is a collaboration between the Army Cyber Institute at the U.S. Military Academy and the NATO Cooperative Cyber Defense Centre of Excellence, based in Tallinn, Estonia, where the complementary CyCon Conference is held every spring. The IEEE Computer Society is a technical co-sponsor of both events as well.
The conference organizers bill CyCon U.S. as being "a venue for fresh ideas, relevant and actionable content, insight into future trends, and access to industry, government and military leaders, cyber innovators and pioneers in the discipline." They say it will include discussions about new cyber initiatives as well as research and cooperation into "cyber threats and opportunities" spanning technical, legal, political, military and economic arenas.
The theme of this year's CyCon U.S. is "The Future of Cyber Conflict." But for at least some conference attendees, the conflict comes now, say Talos security researchers Warren Mercer, Paul Rascagneres and Vitor Ventura.
Potential conference attendees, they say, are being targeted by at least one decoy document designed to resemble a CyCon U.S. flier, but which includes malware that's been previously used by the Fancy Bear hacker group, aka APT28. Full Story at CU InfoSecurity.
Free Phishing Security Test
Did you know that 91% of successful data breaches started with a spear-phishing attack?
Cyber-attacks are rapidly getting more sophisticated. We help you train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now. Find out what percentage of your employees are Phish-prone™ with our new, improved free test.
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser: