Diplomatic targets
-
Iranian-aligned group linked to multi-wave spear-phishing targeting embassies worldwide, researchers say
An Iran-linked threat group is behind a coordinated, multi-wave spear-phishing campaign targeting embassies and consulates worldwide, using VBA macro payloads to deploy malware, according to researchers.
-
State-sponsored XenoRAT campaign targets South Korean embassies, researchers say
A Trellix-led analysis describes a multi-phase, state-sponsored XenoRAT espionage campaign targeting South Korean embassies, with links to North Korea’s Kimsuky and indications of possible China-based sponsorship. The operation has conducted at least 19 spearphishing attacks since March, delivering XenoRAT via password-protected ZIP archives and complex, multilingual lures.
