The malware double extortion website is again up, with new victims and a message: “Despite your hopes, we are with you again”.
FBI-CISA cybersecurity experts: APT actors are targeting U.S. Think Tanks for cyber espionage purpose
APT hackers are targeting U.S. Think Tanks. It has been denounced jointly by the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). Goal: steal sensitive information, acquire user credentials, and gain persistent access to victim networks. The two organizations observed persistent continued cyber intrusions often, but not exclusively, directed at individuals and organizations focused on international affairs or national security policy. The threat actors rely on multiple avenues for initial access. These include low-effort capabilities such as spearphishing emails and third-party message services directed at both corporate and personal accounts, as well as exploiting vulnerable web-facing devices and remote connection capabilities. Increased telework during the COVID-19 pandemic has expanded workforce reliance on remote connectivity, affording malicious actors more opportunities to exploit those connections and to blend in with increased traffic. Attackers may leverage VPNs and other remote work tools to gain initial access or persistence on a victim’s network.