top of page
ALL POSTS
UNC3753 Escalates Campaign Against US Legal Firms: Vishing, Remote Access Tools, and Physical Intrusions
Key Findings UNC3753 (Luna Moth, Chatty Spider, Silent Ransom Group) conducted extortion campaign targeting US legal, financial, and professional services firms from January to May 2026 Attack chain relies entirely on social engineering and voice phishing with no malware or ransomware involved Threat actors escalated tactics to include physical office intrusions where operatives pose as IT technicians and insert USB drives to steal data Stolen data typically includes tax reco
Jun 83 min read
Mandiant Finds ShinyHunters Using Vishing to Steal MFA and Breach SaaS Platforms
Key Findings Mandiant has identified an "expansion in threat activity" using tactics consistent with extortion-themed attacks orchestrated by the ShinyHunters hacking group The attacks leverage advanced voice phishing (vishing) and fake credential harvesting sites to gain unauthorized access to victim environments by collecting sign-on (SSO) credentials and multi-factor authentication (MFA) codes The end goal is to target cloud-based software-as-a-service (SaaS) applications
Feb 12 min read
bottom of page
