"Russian intelligence-affiliated parties are posing as customer support services on commercial messaging applications such as Signal to compromise accounts and conduct phishing attacks, targeting individuals with high intelligence value like former government officials and military figures."
"The attackers send messages advising users of 'suspicious activity' related to their accounts and urge clicking a link to conduct a verification process, which can lead to account takeover if users submit credentials or a 2FA code."
"The US Department of Justice has seized domains associated with the Iran-linked group behind the cyberattack on med-tech firm Stryker, which was executed through a vulnerability in Microsoft Intune."
Russian intelligence-affiliated parties are impersonating customer support on messaging applications like Signal to compromise accounts and execute phishing attacks. The targets include individuals with high intelligence value, such as former government officials and journalists. Attackers send messages about 'suspicious activity' and prompt users to click links for verification, leading to account takeover. The FBI and CISA have issued warnings and standard anti-phishing recommendations. Separately, the US Department of Justice seized domains linked to an Iranian group responsible for a cyberattack on med-tech firm Stryker, which disrupted operations and targeted Israeli Defense Force members.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]