The cybersecurity firm Mandiant has uncovered a new espionage campaign, dubbed “GhostEye,” that has been targeting organizations in Southeast Asia since at least July of this year. The campaign appears to be focused on stealing sensitive information, though it is unclear who is behind it and what their ultimate goal may be.
According to Mandiant’s report, the attackers behind GhostEye have been using a variety of tactics to infiltrate their targets’ networks. These include spear-phishing emails, which are designed to trick the recipient into clicking on a malicious link or opening a contaminated attachment, as well as the use of trojanized documents that contain malware.
While Mandiant has not definitively attributed the campaign to a specific group, the techniques used suggest that it may be linked to a known state-sponsored threat actor. This is based on the fact that there are similarities between GhostEye and previous state-sponsored campaigns, including those carried out by groups associated with China and North Korea.
The fact that the campaign has been active since at least July suggests that the attackers are highly motivated and well-funded, and that they have the resources to carry out a sustained and sophisticated operation.
Mandiant’s discovery of the GhostEye campaign highlights the ongoing threat posed by state-sponsored hackers and the need for organizations to remain vigilant against the possibility of a cyber attack. As always, the best defense is to practice good cyber hygiene, including strong passwords, careful email scrutiny, and the use of up-to-date security software.Original Article: https://www.infosecurity-magazine.com/news/barracuda-zero-day-exploited/
No products in the cart.