Category: Phishing

November 21, 2022

Palo Alto’s Unit 42 has investigated several incidents linked to the Luna Moth group callback phishing extortion campaign targeting businesses in multiple sectors, including legal and retail. The analysis discovered that the threat actors behind the campaign leverage extortion without […]

November 4, 2022

Preventative medicine has long been recognized as a vital approach in safeguarding our physical health. We take a variety of tests and assessments so that doctors can uncover key biological markers that may indicate the potential development of certain diseases […]

November 2, 2022

The file hosting giant said it learned about the breach on October 14, after being alerted by GitHub. A few weeks earlier, GitHub had warned that some of its users had been targeted in a phishing campaign impersonating the ​​continuous […]

November 1, 2022

Only few details have been shared by the retailer as the investigation is ongoing. The company explained that it became aware of unauthorized access to some data after an employee was targeted in a ‘phishing scam’ in October. The hacker […]

October 27, 2022

Check Point Research has published its Brand Phishing Report for Q3 2022, which highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during July, August and September. Most […]

October 11, 2022

PaaS risks Phishing-as-a-service has become a growing threat to organizations. How exactly does this trend work? Phishing attacks have only grown with the rise of SaaS in the workplace, and even the most security-savvy worker can be duped into a […]

October 7, 2022

In what’s a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create “realistic desktop phishing applications.” Application Mode is designed to offer native-like experiences in a manner that […]

October 7, 2022

On a mission to enable secure and trusted crypto transactions, Notabene launched SafePII, an end-to-end Encrypted Escrow Service for personally identifiable information (PII), created explicitly for Travel Rule compliant transfers. This launch is the latest addition to Notabene’s comprehensive bank-grade […]

October 4, 2022

HackNotice has added continuous phishing capability that educates employees about phishing and social engineering attacks while helping businesses to achieve cybersecurity compliance. HackNotice’s phishing helps people understand and recognize the different types of attacks threat actors can deploy. Writing, sending, […]

September 30, 2022

YouMail, the leading provider of call protection services for consumers, enterprises, and service providers, and WMC Global, a 16-year leader in mobile threat intelligence, today announced their joint cybersecurity intelligence solution that safeguards against voice and SMS phishing scams. The […]

September 26, 2022

The APWG’s Phishing Activity Trends Report reveals that in the second quarter of 2022, the APWG observed 1,097,811 total phishing attacks — the worst quarter for phishing that APWG has ever observed. The total for June was 381,717 attacks or […]

September 20, 2022

Financial technology firm Revolut has suffered a cyberattack that saw sensitive client information accessed by threat actors. The company has confirmed the “highly targeted” attack, which saw hackers gain access to internal systems through phishing, rather than malware(opens in new […]

September 14, 2022

Phishers are looking to trick owners of Facebook pages with fake notices from the social network (i.e., Meta, the company behind Facebook, Instagram and WhatsApp), in an attempt to get them to part with sensitive information. The method they are […]

September 6, 2022

Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns targeting users worldwide. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in […]

September 1, 2022

Security researchers have identified a previously unknown group dubbed “JuiceLedger” as the threat actor behind a recent and first-known phishing campaign specifically targeting users of the Python Package Index (PyPI). The threat actor first surfaced early this year and is […]

August 30, 2022

A phishing campaign is targeting users of the Python Package Index (PyPI) by threatening to remove their code packages if they don’t put it through a bogus validation process, PyPI administrators have warned. PyPI administrators are alerting users about the […]

August 29, 2022

Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign that resulted in 9,931 accounts at over 130 organizations being compromised. The campaigns are tied to focused abuse of identity and access management firm Okta, which […]

August 27, 2022

Food delivery firm DoorDash says its customer and employees’ data was compromised by the recent phishing attack on its third-party service provider. DoorDash says it experienced “unusual and suspicious activity” on its third-party vendor’s computer network that was a victim […]

August 26, 2022

The threat actors behind the attacks on Twilio and Cloudflare have been linked to a large-scale phishing campaign that targeted 136 organizations, security firm Group-IB reported. Most of the victims are organizations providing IT, software development, and cloud services. The […]

August 25, 2022

Acronis researchers have concluded that ransomware continues to be the number one threat to large and medium-sized businesses, including government organizations. Nearly half of all reported breaches during the first half of 2022 involved stolen credentials, which enable phishing and […]