The physical threat of Iranian-made unmanned aerial vehicles (UAVs), commonly known as drones, has been evident in conflict zones over Israel, the Red Sea, and Ukraine. Iran's burgeoning drone industry also poses significant challenges to global
Category: Recorded Future
Recent Incidents Have CISOs — and Everyone Else — Talking
Over recent months, we have seen hundreds of companies compromised as a result of massive data breaches, and defective software updates causing widespread system outages. Threat actors immediately launched
“ERIAKOS” Scam Campaign: Detected by Recorded Future’s Payment Fraud Intelligence Team
Recorded Future's Payment Fraud Intelligence team has identified a scam e-commerce network, named the ERIAKOS campaign, targeting Facebook users. This campaign, detected on April 17, 2024, involves 608 fraudulent websites using brand impersonation and malvertising tactics
Security Challenges Rise as QR Code and AI-Generated Phishing Proliferate
Summary: Between Q4 2023 and Q1 2024, cybercriminals increasingly used QR codes and AI-generated phishing tactics to target executives, exploiting AWS SNS for malicious SMS and VAST tags for malvertising. These sophisticated methods enable threat actors to
Despite Sanctions, North Koreans Continue to Use Foreign Technology
Summary: Insikt Group's recent analysis reveals that North Koreans continue to use foreign technology to access the internet despite heavy sanctions. This includes Apple, Samsung, and Huawei devices, as well as various social media platforms. A notable
TAG-100 Uses Open-Source Tools in Suspected Global Espionage Campaign, Compromising Two Asia-Pacific Intergovernmental Bodies
Summary: Recorded Future's Insikt Group identified a suspected cyber-espionage campaign by TAG-100, targeting global government and private sector organizations. TAG-100 exploited internet-facing devices and used open-source tools like the Go backdoor Pantegana. The campaign compromised two Asia-Pacific
Russia-Linked CopyCop Expands to Cover US Elections, Target Political Leaders
Insikt Group's report reveals that CopyCop, a likely Russian government-aligned influence network, has shifted its focus to the 2024 US elections. Using AI and inauthentic websites, CopyCop creates and spreads political content. The network registered 120
Chinese State-Sponsored RedJuliett Intensifies Taiwanese Cyber Espionage via Network Perimeter Exploitation
From November 2023 to April 2024, Insikt Group identified cyber-espionage activities conducted by RedJuliett, a likely Chinese state-sponsored group, primarily targeting government, academic, technology, and diplomatic organizations in Taiwan. RedJuliett exploited known vulnerabilities in network edge
RansomHub Draws in Affiliates with Multi-OS Capability and High Commission Rates
RansomHub, a new ransomware-as-a-service (RaaS) platform, emerged in February 2024, targeting Windows, Linux, and ESXi systems with malware written in Go and C++. Its high 90% commission rate attracts seasoned affiliates, leading to a surge in
The Travels of “markopolo”: Self-Proclaimed Meeting Software Vortax Spreads Infostealers, Unveils Expansive Network of Malicious macOS Applications
Recorded Future's Insikt Group identified that Vortax, a purported virtual meeting software, spreads three infostealers: Rhadamanthys, Stealc, and Atomic macOS Stealer (AMOS). This extensive campaign targets cryptocurrency users, exploiting macOS vulnerabilities. Operated by the threat actor markopolo,