Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Red Cross. Show all posts

AtlasCross Hackers Target Organizations with Red Cross Phishing Lures

A new hacking group called AtlasCross is targeting organizations with phishing lures impersonating the American Red Cross. The group uses macro-enabled Word documents to deliver backdoor malware to victims' devices.

The phishing emails typically contain a link to a malicious website or an attachment containing a macro-enabled Word document. If the victim opens the attachment and enables macros, the malware will be installed on their device.

The malware used by AtlasCross is called DangerAds and AtlasAgent. DangerAds is a system profiler and malware loader, while AtlasAgent is a backdoor that allows attackers to remotely control the victim's device.

Once the attackers have control of the victim's device, they can steal sensitive data, such as login credentials, financial information, and trade secrets. They can also use the device to launch further attacks against other organizations.

Bill Toulas, CEO of NSS Labs, aptly notes, "The AtlasCross phishing campaign is a reminder that even the most sophisticated organizations can be targeted by cybercriminals. It is important to be vigilant and take steps to protect yourself from these attacks."

How to protect your organization from AtlasCross phishing attacks:

  • Exercise Caution with Unsolicited Emails: Especially those bearing attachments or links.
  • Scrutinize Known Senders: Verify email addresses to confirm legitimacy.
  • Exercise Restraint with Unknown Emails: Refrain from opening attachments or clicking links if authenticity is in doubt.
  • Disable Macros in Microsoft Office: Unless they are absolutely essential, it's prudent to keep macros disabled to thwart potential malware delivery.
  • Maintain Updated Software: Ensure your operating system, web browser, and antivirus software are up-to-date, as these updates frequently contain vital security patches.

Organizations can take the following steps to augment their defense against AtlasCross phishing campaigns:
  • Employee Education: Provide thorough training on recognizing and evading phishing attempts, as employees are the first line of defense.
  • Utilize a Robust Security Solution: Employ a solution adept at detecting and thwarting phishing emails based on various indicators.
  • Segment Your Network: Isolate devices to prevent easy lateral movement in case of a compromise.
  • Enforce Stringent Password Policies: Implement multi-factor authentication to bolster device and account security.
Global organizations and individuals are seriously threatened by the AtlasCross hacking group. The aforementioned advice can help you safeguard yourself from phishing attempts. It is significant to remember that there is a possibility that you could fall victim to a phishing assault even if you take all necessary safeguards. Cybercriminals are continually creating new phishing attack methods as they get more proficient.

.



Red Cross asks the Government to take Preventive Measures on Cyberattacks against Health Departments


Currently, while the whole world is struggling to fight against the coronavirus epidemic, cyberattacks have increased in numbers, targeting health departments like hospitals, research centers, and WHO. According to Reuters, "the Red Cross called for an end to cyberattacks on healthcare and medical research facilities during the coronavirus pandemic, in a letter published Tuesday and signed by a group of political and business figures."

Due to this, a group of 42 top world leaders have come together and requested the Government to take some immediate actions on the increasing attacks against the healthcare institutions. Among the members, there is Madeleine Albright, ex U.S Secretary of State and Brad Smith, president, Microsoft. Peter Maurer, President of International Red Cross Society, says the Government should take some swift measures and step-up to stop these attacks. He hopes that the Government is willing to commit to international obligations to prevent these attacks. He has asked for international cooperation from various health departments to combat this problem. It can be a severe problem for war-stricken countries where the conditions of healthcare departments are already deteriorating, and these cyberattacks will make things even worse.

The various leaders have asked the Government to work side by side with civil society. It comes after the news of cyberattacks on healthcare institutes came out. Ransomware was one of the attacks, that jammed the computers and infected the healthcare systems. It affected the healthcare institutes' functioning, like treating the patients, research, and various tests. Last month, incidents of the cyberattack on health institutes were reported by the Czech Republic government. Another event appeared where the DarkHotel hacking group attacked WHO.

News of various countries reporting attacks on healthcare systems also emerged, where the records of COVID-19 patients were stolen along with lab tests data. "Over the last several months, cybercriminals have targeted hospitals with computer viruses, usually in schemes to extort or hold their data ransom. More sophisticated hacking groups, such as those associated with governments, have also targeted medical research centers to steal valuable data about COVID-19 treatments," reports Reuters on its website.