The Ghostwriter Advanced Persistent Threat (APT) group has targeted Ukrainian government and Belarusian opposition groups since 2024, using sophisticated cyber-espionage methods. The group uses weaponized Excel files with malicious macros to deliver malware payloads. Ghostwriter, linked to Belarus’s government, employs phishing emails and lures victims into enabling macros, eventually deploying a downloader malware variant known as PicassoLoader. Specific tactics include creating decoy Excel files and verifying client profiles to ensure only intended victims receive harmful payloads.
M&S issues update as crippling nationwide IT outage still ongoing – The Sun
Marks & Spencer (M&S) halted online orders in the UK and Ireland following a cyber attack, leading to a 5% drop in share price. Physical
