// #spear-phishing
3 articles
Meta Files Contempt Motion Against NSO Group Over WhatsApp Spear-Phishing Attack on Journalists
Meta has filed a federal contempt motion against NSO Group alleging the Israeli spyware vendor violated a 2021 court order by deploying new WhatsApp-based spear-phishing infrastructure targeting journalists and human rights defenders. The case highlights the persistent challenge of enforcement against commercial spyware vendors whose products operate outside regulatory frameworks.
NASA OIG: Chinese Spear-Phishing Campaign Targeted Defence Software Over Four Years
A newly released NASA OIG report details a sustained Chinese spear-phishing operation by Song Wu that targeted NASA, DoD contractors, and universities to steal defence software source code. The campaign ran from 2017 to 2021 — a defence supply chain IP theft template that remains relevant today.
UAC-0255 Impersonates CERT-UA to Target Ukrainian Government, Healthcare, and Finance
Russian-linked threat actor UAC-0255 launched a targeted phishing campaign on 26–27 March posing as CERT-UA, Ukraine's national computer emergency response team, to deliver malware to state organisations, medical centres, financial institutions, and software development companies. The campaign uses CERT-UA brand authority to lower recipient suspicion of archive attachments containing remote access implants.