September 6, 2023
Via: The Hacker NewsA previously undocumented “phishing empire” has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. “The threat actor created a hidden underground market, named W3LL Store, that served a closed community […]
Cyber-crime, Malware, Phishing
September 1, 2023
Via: The Hacker NewsA new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access trojan called SuperBear. The intrusion singled out an unnamed activist, who was contacted in late August 2023 and […]
August 10, 2023
Via: The Hacker NewsInterpol has announced the takedown of a phishing-as-a-service (PhaaS) platform called 16Shop, in addition to the arrests of three individuals in Indonesia and Japan. 16Shop specialized in the sales of phishing kits that other cybercriminals can purchase to mount phishing […]
August 10, 2023
Via: The Hacker NewsThreat actors are increasingly using a phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy to pull off account takeover attacks aimed at high-ranking executives at prominent companies. According to Proofpoint, an ongoing hybrid campaign has leveraged the service to target thousands of Microsoft […]
August 2, 2023
Via: The Hacker NewsA sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce’s email services, allowing threat actors to craft targeted phishing messages using the company’s domain and infrastructure. “Those phishing campaigns cleverly evade conventional detection methods by chaining […]
July 28, 2023
Via: The Hacker NewsThe Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. The phishing campaign is characterized by the […]
June 9, 2023
Via: The Hacker NewsBanking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) attack, Microsoft has revealed. “The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks […]
Cyber warfare, Cyber-crime, Phishing
May 18, 2023
Via: Dark ReadingCyber espionage attacks against organizations in Taiwan have surged against the backdrop of recent political tensions, new research shows. Trellix this week cited a fourfold rise in malicious phishing emails targeting Taiwanese companies between April 7 and 10 of this […]
April 17, 2023
Via: The Hacker NewsA Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google’s infrastructure for malicious ends. The tech giant’s Threat Analysis Group […]
April 5, 2023
Via: The Hacker NewsA North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google’s Threat Analysis Group (TAG) is tracking the cluster under the […]
Cyber warfare, Cyber-crime, Phishing
March 31, 2023
Via: The Hacker NewsThe Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two of the apprehended affiliates are believed to be organizers, […]
March 27, 2023
Via: SecurelistThe idea of creating Web 3.0 has been around since the end of 2000s. The new version of the world wide web should repair the weak points of Web 2.0., some of which are: featureless content, prevalence of proprietary solutions, […]
March 20, 2023
Via: CSO OnlineThe emergence of effective natural language processing tools such as ChatGPT means it’s time to begin understanding how to harden against AI-enabled cyberattacks. The natural language generation capabilities of large language models (LLMs) are a natural fit for one of […]
March 8, 2023
Via: Help Net Security92% of organizations have fallen victim to successful phishing attacks in the last 12 months, while 91% of organizations have admitted to experiencing email data loss, according to Egress. Not surprisingly, 99% of cybersecurity leaders confess to being stressed about […]
March 2, 2023
Via: Tech RadarA new phishing campaign hs been discovered targeting cryptocurrency hardware wallet firm Trezor. These wallets allow crypto users to store their funds offline, rather than in a “hot wallet” (a mobile or desktop app), or with a third party (an […]
March 1, 2023
Via: SecureWorldWhen it comes to cybersecurity, the use of automatic protection tools is half the battle. The human element plays an increasingly important role, as well, and for good reason. Scammers like to take shortcuts and know that it’s easier to […]
February 21, 2023
Via: The Hacker NewsPopular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees. The company said its “cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer […]
February 16, 2023
Via: SecurelistFigures of the year In 2022: 48.63% of all emails around the world and 52.78% of all emails in the Russian segment of the internet were spam As much as 29.82% of all spam emails originated in Russia Kaspersky Mail […]
February 13, 2023
Via: Help Net SecurityA surge of phishing emails impersonating DHL and MetaMask have started hitting inboxes of Namecheap customers last week, attempting to trick recipients into sharing personal information or sharing their crypto wallet’s secret recovery phrase. How did it happen? According to […]
February 10, 2023
Via: The Hacker NewsPopular social news aggregation platform Reddit has disclosed that it was the victim of a security incident that enabled unidentified threat actors to gain unauthorized access to internal documents, code, and some unspecified business systems. The company blamed it on […]