State-sponsored hackers are having a field day; major museums get pwned; “can’t believe he’s gone” phishing attacks explode on Facebook; and more from the cybercriminal underbelly
We’ve got good news and bad news for you. The bad: it’s extremely hard for a small business to defend against a determined, well-financed state-sponsored hacking group (see stories below). The good? The vast majority of cybercriminal activity stems from private individuals or groups that are only concerned with money—and, usually, they’re not interested in working very hard to get it.
Common cybercriminals prefer repeatable, if imprecise, high-volume attacks that net a small percentage of unprepared users. The best defense against these types of attacks? Don’t get caught unprepared.
In this edition of Threat Matrix, we round up emerging digital security threats from around the world so you can keep your business safe.
Want to up your defenses more? Take a free cyber security risk assessment to highlight vulnerabilities in your digital network along with tips on addressing them. And be sure to subscribe to our monthly Level Up Security newsletter to get all the latest cyber threats, security tips, information about next-gen tools, and more—delivered right to your inbox.
VF Corp cyberattack could impact 35.5 million customers
VF Corp disclosed a December cyberattack that could have affected up to 35.5 million customers of brands like Vans, North Face, Timberland, and Dickies
The breach followed earlier operational disruptions due to "unauthorized occurrences" in VF Corp's IT systems, potentially involving theft of personal information
Specific details about the stolen data weren't provided, but VF Corp claimed it does not store extremely sensitive data like social security numbers, bank account details, or payment card information, and there's no evidence of password theft
Inside that “I can’t believe he’s gone” phishing scam on Facebook
An emotionally manipulative phishing campaign using posts that claim "I can't believe he is gone" is tricking Facebook users into giving up their FB credentials
The scam, often spread through connections’ hacked accounts for a more believable appeal, has amassed a significant number of compromised accounts that further spread these fraudulent posts
The posts link mobile users to a false news site asking for their Facebook information to supposedly view a blurred video; desktop users are redirected to other scams or legitimate sites to obscure the attack
Despite Facebook's efforts to deactivate the malicious links when reported, this particular scam has persisted for about a year, continuously generating new deceptive posts
Iran-linked hacking group targets academics and researchers
The “Mint Sandstorm” group is attacking Middle Eastern affairs specialists across universities and research institutions to compromise systems and steal information
Tied to the Iranian military, Mint Sandstorm (AKA “APT35” and “Charming Kitten”) uses sophisticated social engineering emails to lure victims, often impersonating journalists or researchers
The attacks typically involve sending emails with malicious links under the guise of document collaboration, which leads to the installation of custom backdoor programs, enabling data theft and persistent access
Microsoft's recent advisory highlights the group's focus on collecting intelligence from experts on the Israel-Hamas conflict