Suspected Russian phishing campaign sets sights on NATO countries

Foreign affairs ministries of NATO-aligned countries have been targeted by a new phishing campaign deploying a Duke malware variant, which has been linked to the Russian state-backed cyberespionage operation APT29, also known as Cozy Bear, BlueBravo, Cloaked Ursa, The Dukes, Midnight Blizzard, and Iron Hemlock, The Hacker News reports. Attacks commence with emails containing PDF documents that use diplomatic lures; these launch a malicious HTML dropper, which then executes JavaScript code that prompts the installation of the Duke malware, according to EclecticIQ.

Source: SC Magazine

 

