Russia’s APT29 Launches Major Spear Phishing Campaign

Dec 23, 2024 5:14:23 PM By Stu Sjouwerman

Trend Micro warns that the Russian state-sponsored threat actor Earth Koshchei (also known as “APT29” or “Cozy Bear”) is using spear phishing emails to trick victims into connecting to ...

Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities

Dec 17, 2024 10:05:27 AM By Stu Sjouwerman

Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November ...

94% of U.K. Businesses Aren’t Adequately Prepared for AI-Driven Phishing Scams

Dec 13, 2024 12:31:54 PM By Stu Sjouwerman

A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI.

China Threat Actor Targets Individuals and Entities in Japan Via Spear Phishing Campaign

Dec 2, 2024 2:42:53 PM By Stu Sjouwerman

Researchers at Trend Micro warn that the China-aligned threat actor Earth Kasha has launched a new spear phishing campaign targeting individuals and organizations in Japan.

Nation-State Threat Actors Rely on Social Engineering First

Nov 12, 2024 3:38:33 PM By Stu Sjouwerman

A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.

Chinese Threat Actor Targets OpenAI With Spear-Phishing Attacks

Oct 16, 2024 3:47:17 PM By Stu Sjouwerman

OpenAI has disclosed that its employees were targeted by spear-phishing attacks launched by a suspected Chinese state-sponsored threat actor.

The U.K.'s NCSC and U.S. FBI Warn of Iranian Spear-Phishing Attacks

Oct 2, 2024 3:10:00 PM By Stu Sjouwerman

The U.K.’s National Cyber Security Centre (NCSC) and the U.S. FBI have released an advisory warning of Iranian state-sponsored spear-phishing attacks targeting “individuals with a nexus ...

Election-Themed Phishing Threats Are on the Rise

Sep 25, 2024 1:54:49 PM By Stu Sjouwerman

Researchers at ReliaQuest have published a report looking at cyber threats surrounding the upcoming US presidential election, warning that election-related phishing will continue to ...

U.S. Government Indicts Chinese National For Alleged Spear Phishing Attacks

Sep 18, 2024 1:40:36 PM By Stu Sjouwerman

The U.S. Justice Department has indicted a Chinese national, Song Wu, for allegedly sending spear phishing emails to employees at various U.S. military and government entities, research ...

Phishing is Still the Top Initial Access Vector

Sep 5, 2024 11:21:58 AM By Stu Sjouwerman

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by ...

Iran’s APT42 Targets WhatsApp Users With Spear-Phishing Attacks

Aug 29, 2024 8:52:16 AM By Stu Sjouwerman

Researchers at Meta have published details on Iranian spear-phishing attacks targeting WhatsApp accounts. The activity is attributed to APT42, a threat actor tied to Iran’s Islamic ...

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Aug 21, 2024 4:02:10 PM By Stu Sjouwerman

Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.

Russian Super-Threat Group Fin7 Comes Back from the Dead

Jul 26, 2024 8:33:58 AM By Stu Sjouwerman

Declared “dead” by the U.S. Attorney’s Office in 2023, the Russian cyber crime group Fin7 is impersonating some of the top global brands.

Russian Spear Phishing Campaigns Target NATO Entities

Jul 10, 2024 10:00:52 AM By Stu Sjouwerman

Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has ...

Ransomware Attack on U.K. Health Service Laboratory Disrupts Major London Hospital Services

Jul 2, 2024 1:55:38 PM By Stu Sjouwerman

What likely started as a quick ransomware “smash and grab” has turned into a headline case resulting in responses from both U.K. and U.S. law enforcement.

Russian Threat Actor Launches Spear Phishing Attacks Against French Diplomats

Jun 27, 2024 1:46:32 PM By Stu Sjouwerman

France’s cybersecurity agency ANSSI has issued an alert outlining a Russian spear phishing campaign targeting French diplomats, the Record reports. The agency attributes the campaign to ...

Simulated Phishing Tests Matter

Jun 26, 2024 1:51:18 PM By Roger Grimes

If you had to choose between regular cybersecurity training and simulated phishing testing, the data shows you should choose simulated phishing tests.

Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

Jun 18, 2024 1:58:40 PM By Stu Sjouwerman

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North ...

No Politician Too Small: School Board Candidates Targeted By Phishing and BEC Scams

Jun 17, 2024 3:15:49 PM By Stu Sjouwerman

Cybercriminals are broadening their targets to include even local political candidates, as an escalating series of phishing attacks was recently directed at school board candidates in ...

[NEW RESEARCH]: KnowBe4’s 2024 Phishing by Industry Benchmarking Report Reveals that 34.3% of Untrained End Users Will Fail a Phishing Test

Jun 4, 2024 8:00:00 AM By Joanna Huisman

The prevalence of cyber crime continues to soar, victimizing individuals in both their work and private lives. Cybercriminals are indiscriminate, targeting around the clock and across the ...

Security Awareness Training Blog

Spear Phishing Blog

View Topics