A threat group, active for six years, has created an underground marketplace where it sells at least 16 custom tools and an advanced phishing kit to a clientele of at least 500 threat actors.
Attackers sent 120,000 phishing emails to over 100 organizations worldwide between March and June.
Researchers with Microsoft on Wednesday said that the threat actor has used a “highly targeted” social engineering attack to hit 40 global organizations.
Researchers observed 94 new domains associated with a known Russia-linked espionage threat group.
A newly identified phishing and BEC campaign is targeting banks and financial organizations and began with the compromise of a trusted vendor.