credential harvesting

EMEA and APAC governments targeted in widespread credential harvesting campaign

Cyjax analysts have uncovered a large credential harvesting campaign targeting multiple government departments in APAC and EMEA countries. Over 50 hostnames were analysed, many of which were posing as the Ministry of Foreign Affairs, Ministry of Finance, or Ministry of Energy, in various countries such as Uzbekistan, Belarus, and Turkey; as well as the Main […]

EMEA and APAC governments targeted in widespread credential harvesting campaign Read More »

Credential harvesting campaign targets government, military, and private sector organisations

Cyjax analysts have uncovered a mass credential harvesting campaign targeting a wide range of sectors, including government, military, law enforcement, healthcare, finance, technology, manufacturing, and energy. Key campaign attributes Malicious use of the SendGrid email marketing service to distribute URLs to the landing pages. Phishing emails leverage an image with an embedded URL that masquerades

Credential harvesting campaign targets government, military, and private sector organisations Read More »

Office 365 credential-harvesting campaign leveraging Basecamp

Cyjax analysts recently uncovered an Office 365 credential-harvesting campaign that masquerades as “A Message from Your CEO”. The delivery system leveraged in these attacks uses multiple techniques to bypass secure email gateways (SEG), one of which has surfaced again in a BazarLoader infection chain. This technique is effective because Basecamp and Google Cloud hosting are

Office 365 credential-harvesting campaign leveraging Basecamp Read More »

Credential harvesting campaigns target governments and cybersecurity companies

Threat analysts at Cyjax have uncovered multiple mass credential harvesting campaigns that have recently been targeting cybersecurity companies, government entities, and organisations in a range of other sectors. Reverse engineering these campaigns revealed the attacker’s infrastructure and stolen data store. Throughout July and August 2020, we detected two separate credential harvesting campaigns targeting accounts for

Credential harvesting campaigns target governments and cybersecurity companies Read More »

Scroll to Top