All articles tagged with #spearphishing
Within 48 hours of Microsoft issuing an urgent Office patch for CVE-2026-21509, the Russian-state group APT28 launched a fast, in-memory, fileless campaign that installed new backdoors (BeardShell and NotDoor) via staged spear-phishing across nine countries, targeting defense ministries, transportation operators, and diplomatic entities, with command-and-control hosted on legitimate cloud services to evade detection.
The FBI has issued a warning to email users about Business Email Compromise (BEC) and spearphishing scams, which can lead to financial damage and the loss of confidential information. Spearphishing attacks are particularly dangerous as they target specific victims and include information that the victim will be interested in. The FBI advises caution with business emails and double-checking the sender's email address. If you fall victim to a BEC scam, contact your financial institution immediately and report the crime to the FBI.