Cybercriminals are increasingly using a precise, targeted approach called ‘whaling’ to gain sensitive information or exploit high-profile individuals within businesses. The practice is similar to spear-phishing, relying on impersonation and social engineering tactics to deceive victims into revealing confidential information or performing unauthorised transactions. Measures such as employee education, multi-factor authentication, and robust security protocols can help protect against these attacks.

Lazarus Hackers Exploiting IIS Servers to Deploy ASP-based Web Shells
The Lazarus group has launched sophisticated attacks on South Korean web servers, deploying ASP-based web shells as first-stage Command and Control (C2) servers. These attacks,