Iran's National Computer Emergency Response Team acknowledged today that two Iranian government agencies had come under cyberattack, which had been successfully confined to those two organizations. The Jerusalem Post notes that the disclosure came after rumors of the disruption circulated widely in social media.
Norwegian Foreign Minister Ine Eriksen Soreide announced that Moscow was responsible for a recent attack on Norway’s parliamentary email system. The BBC quotes the Foreign Minister as saying, "Based on the information available to the government it is our assessment that Russia stood behind this activity." Moscow dismissed the statement as a "serious and wilful provocation."
FireEye today released an account of the activities of FIN11, a “financially motivated APT,” that is, a criminal gang. What they lack in sophistication they make up in volume, running as many as five large-scale phishing expeditions a week. Their targets were initially chosen from the financial, retail, and hospitality sectors, but over the past year FIN11’s target list has expanded to the point where few sectors or geographical regions have escaped attention.
Digital Shadows describes an SMS-based campaign that uses highly personalized clickbait to induce its victims to follow the proffered link. It was originally known as the “USPS texting scam,” but it’s expanded far beyond messaging that impersonates the US Postal Service. It targets victims in the US.
The COVID-19 pandemic has induced a large number of unemployment claims, and the US Treasury Department warns banks to watch for signs of a correspondingly large rise in unemployment fraud.