CyberCX Security Report | June 2021

Read the full story

is warning it has uncovered a new spearphishing campaign by the same hacking group believed to be behind the devastating supply chain attacks. They are believed to be targeting a large number of organisations across many countries.

Spearphishing involves highly targeted attacks against high-value targets. In this case, it appears the spearphishing is targeted towards government agencies involved with foreign policy, and international development organisations. Around 3000 email accounts used by over 150 organisations in 24 countries are affected.

The emails contain malicious HTML that executes a JavaScript code. That code writes an ISO disc image file to a computer’s storage, with the target being encouraged to open it. Once opened, a .LNK shortcut is executed, which runs a file. This in turn runs the Beacon command and control module.

According to Microsoft, the attacks were focused on intelligence gathering, as opposed to being financially motivated. This is a further indication that nation-state actors are likely to be behind this and the earlier SolarWinds .

This is a reminder of the importance of having training measures in place so the people in your organisation are equipped with the skills they need

Read More: