Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

Threat Campaign Against Researchers Ongoing, CISA Warns

In January, a social engineering campaign was launched against vulnerability researchers. They were sent unsolicited messages on various platforms, including LinkedIn, Twitter, Discord, Telegram, and Keybase. We thought that that was the end of it. It was not.

The scoop

The CISA has cautioned researchers to keep their guards up as the same wave of attacks continues. The agency has recommended that cybersecurity practitioners examine reports on the attacks, published by Microsoft, Google, and CISA. The notification urges researchers to use sandbox systems isolated from trusted networks when analyzing untrusted websites or codes.

Why does it matter?

While the attack may not be anything unique, it stands out because of the protracted investment of the threat actors in developing credibility with their targets. This attempt by the attackers to blend in with the security community came as a shock to the latter. Moreover, what’s jarring is that the ultimate purpose of the attackers still remains unknown.

Security researchers targeted

  • A spear-phishing campaign dubbed BadBlood, conducted by Charming Kitten APT, was targeted at 25 senior researchers in the fields of oncology, genetic research, and neurology. The aim of the campaign was to steal their credentials.
  • Last month, North Korean hackers set up a fake security company, SecuriElite, to lure researchers into visiting the booby-trapped website.

The bottom line

Security researchers often build online connections with people they don’t know; this practice might lead them to dangerous dungeons dug by threat actors. The incidents mentioned above should serve as a reminder to exert caution when jumping into unknown territories or dealing with strangers on the internet.

Source: https://cyware.com/news/threat-campaign-against-researchers-ongoing-cisa-warns-9b8b2b9d

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

Bureaucracy and dispersed authorities hinder the Cybersecurity and Infrastructure Security Agency’s ability to carry out its mission as network cyber lead, according to an...

Cyber Security

Agency resources are intended to address the longstanding challenges health systems and hospitals have faced from increasingly advanced cyberattacks. The Cybersecurity and Infrastructure Security...

Cyber Security

The nation’s cyber defense agency wants to play a key role in hardening the broader open source software security ecosystem. The Cybersecurity and Infrastructure...

Cyber Security

State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a joint advisory published by CISA, the...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO