April 18, 2024
Via: Security AffairsIn late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. FIN7 targeted employees who worked in the company’s IT department and had higher levels of administrative rights. The attackers employed […]
April 3, 2024
Via: Naked SecurityTo deploy a ransomware attack, adversaries must first gain access to a victim’s corporate environment, devices, and data. Threat actors typically use two main approaches to gain entry: logging in using compromised credentials, i.e., legitimate access data that had previously […]
April 2, 2024
Via: The Hacker NewsThe threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, […]
March 28, 2024
Via: Security WeekAs part of the campaign, tagged to as Operation FlightNight, phishing lures masquerading as an invitation letter from the Indian Air Force were sent to various Indian government entities, including agencies for electronic communications, IT governance, and national defense. The […]
March 27, 2024
Via: TechRadarWith email being the biggest business productivity tool out there, it’s no surprise that it’s also the main vehicle for cybercrime. Email phishing is the most common type of online exploitation, which grew by 173% in Q3 of 2023 compared […]
February 28, 2024
Via: Security AffairsIn the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming to safeguard their assets. Amidst this dynamic landscape, email stands as a primary battleground for cyber defense. VIPRE Security Group’s latest report, “Email Security […]
February 14, 2024
Via: The RegisterOpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection. Specifically, China, Iran, Russia, and North Korea were apparently “querying […]
February 13, 2024
Via: The RegisterThe number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November. Researchers from Proofpoint listed many C-suite roles as prime targets […]
Threats & Malware, Virus & Malware
February 12, 2024
Via: The RegisterMore than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers. This mesh of compromised sites is known as VexTrio, […]
January 30, 2024
Via: DataBreach TodayThe New York attorney general sued the third-largest bank in the United States over its alleged failure to protect consumers from scammers and its refusal to make victims whole after online thieves have plundered their life savings. Manhattan-based Citibank, state […]
January 29, 2024
Via: Tech XploreA new report from Trustwave cybersecurity researchers SpiderLabs has claimed hackers are increasingly turning to the Greatness phishing kit due to its advanced features, simplicity in use, and relatively low cost. Greatness was developed by a threat actor going by […]
January 25, 2024
Via: Help Net Security1Kosmos announced BlockID 1Key, a biometric security key to provide a phishing-resistant passwordless multi-factor authentication option for Sensitive Compartmented Information Facilities (SCIF), manufacturing clean rooms, customer help desks, higher education labs, retail bank branches, healthcare providers and other restricted environments […]
January 24, 2024
Via: The RegisterThe idea that AI could generate super-potent and undetectable malware has been bandied about for years – and also already debunked. However, an article published today by the UK National Cyber Security Centre (NCSC) suggests there is a “realistic possibility” […]
Threats & Malware, Virus & Malware
January 12, 2024
Via: The RegisterThe popularity of Github has made it too big to block, which is a boon to dissidents ducking government censors but a problem for internet security. GitHub says it is used by more than 100 million developers around the world. […]
December 28, 2023
Via: TechRadarLoanCare suffered a data breach last month, which resulted in the theft of sensitive customer data, the insurance service company has confirmed. Roughly 1.3 million people were affected by the breach, the company further explained, as hackers stole people’s full […]
December 14, 2023
Via: The RegisterWhether you are considering a career in cyber security or you already work in the industry, the 2023 SANS Holiday Hack Challenge is a great way of combining festive fun and learning. Who knows, the skills you acquire this holiday […]
December 13, 2023
Via: The RegisterClose to a million records containing personally identifiable information belonging to donors that sent money to non-profits were found exposed in an online database. The database is owned and operated by DonorView – provider of a cloud-based fundraising platform used […]
December 8, 2023
Via: The RegisterRussia-backed attackers have named new targets for their ongoing phishing campaigns, with defense-industrial firms and energy facilities now in their sights, according to agencies of the Five Eyes alliance. In a joint security alert issued on Thursday, seven agencies* from […]
November 29, 2023
Via: The RegisterOkta has admitted that the number of customers affected by its October customer support system data breach is far greater than previously thought. Chief security officer David Bradbury originally said earlier this month that according to the company’s root cause […]
November 8, 2023
Via: SecureWorldSocial engineering attacks have long been a threat to businesses worldwide, statistically comprising roughly 98% of cyberattacks worldwide. The average business faces more than 700 of these types of attacks every single year. Whether manifesting itself in a sophisticated phishing […]