Top
item
Advertisement

Tag: Phishing


Cyber-crime, Phishing

FIN7 targeted a large U.S. carmaker with phishing attacks

April 18, 2024

Via: Security Affairs

In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. FIN7 targeted employees who worked in the company’s IT department and had higher levels of administrative rights. The attackers employed […]


Cyber-crime, Malware

Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector

April 3, 2024

Via: Naked Security

To deploy a ransomware attack, adversaries must first gain access to a victim’s corporate environment, devices, and data. Threat actors typically use two main approaches to gain entry: logging in using compromised credentials, i.e., legitimate access data that had previously […]


Cyber-crime, Phishing

Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors

April 2, 2024

Via: The Hacker News

The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, […]


Cyber-crime, Phishing

Cyberespionage Campaign Targets Government, Energy Entities in India

March 28, 2024

Via: Security Week

As part of the campaign, tagged to as Operation FlightNight, phishing lures masquerading as an invitation letter from the Indian Air Force were sent to various Indian government entities, including agencies for electronic communications, IT governance, and national defense. The […]


Email security, Security

5 ways to improve email security

March 27, 2024

Via: TechRadar

With email being the biggest business productivity tool out there, it’s no surprise that it’s also the main vehicle for cybercrime. Email phishing is the most common type of online exploitation, which grew by 173% in Q3 of 2023 compared […]


Email security, Security

Unmasking 2024’s Email Security Landscape

February 28, 2024

Via: Security Affairs

In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming to safeguard their assets. Amidst this dynamic landscape, email stands as a primary battleground for cyber defense. VIPRE Security Group’s latest report, “Email Security […]


Network security, Security

OpenAI shuts down China, Russia, Iran, N Korea accounts caught doing naughty things

February 14, 2024

Via: The Register

OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection. Specifically, China, Iran, Russia, and North Korea were apparently “querying […]


Cyber-crime, Malware

Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

February 13, 2024

Via: The Register

The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November. Researchers from Proofpoint listed many C-suite roles as prime targets […]


Threats & Malware, Virus & Malware

Meet VexTrio, a network of 70K hijacked websites crooks use to sling malware, fraud

February 12, 2024

Via: The Register

More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers. This mesh of compromised sites is known as VexTrio, […]


Cyber-crime, Phishing

New York AG Sues Citibank for Poor Phishing Protections

January 30, 2024

Via: DataBreach Today

The New York attorney general sued the third-largest bank in the United States over its alleged failure to protect consumers from scammers and its refusal to make victims whole after online thieves have plundered their life savings. Manhattan-based Citibank, state […]


Cyber-crime, Phishing

Microsoft 365 users need to be on their guard — new phishing campaign could cause some serious damage, and it’s being offered for sale for barely nothing to lure new criminals in

January 29, 2024

Via: Tech Xplore

A new report from Trustwave cybersecurity researchers SpiderLabs has claimed hackers are increasingly turning to the Greatness phishing kit due to its advanced features, simplicity in use, and relatively low cost. Greatness was developed by a threat actor going by […]


Access control, Security

1Kosmos BlockID 1Key secures users in restricted environments

January 25, 2024

Via: Help Net Security

1Kosmos announced BlockID 1Key, a biometric security key to provide a phishing-resistant passwordless multi-factor authentication option for Sensitive Compartmented Information Facilities (SCIF), manufacturing clean rooms, customer help desks, higher education labs, retail bank branches, healthcare providers and other restricted environments […]


Network security, Security

GCHQ’s NCSC warns of ‘realistic possibility’ AI will help state-backed malware evade detection

January 24, 2024

Via: The Register

The idea that AI could generate super-potent and undetectable malware has been bandied about for years – and also already debunked. However, an article published today by the UK National Cyber Security Centre (NCSC) suggests there is a “realistic possibility” […]


Threats & Malware, Virus & Malware

So, are we going to talk about how GitHub is an absolute boon for malware, or nah?

January 12, 2024

Via: The Register

The popularity of Github has made it too big to block, which is a boon to dissidents ducking government censors but a problem for internet security. GitHub says it is used by more than 100 million developers around the world. […]


Data loss, Threats & Malware

Another top US mortgage firm reveals a major data breach, over a million customers affected

December 28, 2023

Via: TechRadar

LoanCare suffered a data breach last month, which resulted in the theft of sensitive customer data, the insurance service company has confirmed. Roughly 1.3 million people were affected by the breach, the company further explained, as hackers stole people’s full […]


Network security, Security

The SANS Holiday Hack Challenge is back!

December 14, 2023

Via: The Register

Whether you are considering a career in cyber security or you already work in the industry, the 2023 SANS Holiday Hack Challenge is a great way of combining festive fun and learning. Who knows, the skills you acquire this holiday […]


Data loss, Threats & Malware

Nearly a million non-profit donors’ details left exposed in unsecured database

December 13, 2023

Via: The Register

Close to a million records containing personally identifiable information belonging to donors that sent money to non-profits were found exposed in an online database. The database is owned and operated by DonorView – provider of a cloud-based fundraising platform used […]


Cyber-crime, Phishing

Five Eyes nations warn Moscow’s mates at the Star Blizzard gang have new phishing targets

December 8, 2023

Via: The Register

Russia-backed attackers have named new targets for their ongoing phishing campaigns, with defense-industrial firms and energy facilities now in their sights, according to agencies of the Five Eyes alliance. In a joint security alert issued on Thursday, seven agencies* from […]


Data loss, Threats & Malware

Okta data breach dilemma dwarfs earlier estimates

November 29, 2023

Via: The Register

Okta has admitted that the number of customers affected by its October customer support system data breach is far greater than previously thought. Chief security officer David Bradbury originally said earlier this month that according to the company’s root cause […]


Cyber-crime, Malware

The Impact of AI on Social Engineering Cyber Attacks

November 8, 2023

Via: SecureWorld

Social engineering attacks have long been a threat to businesses worldwide, statistically comprising roughly 98% of cyberattacks worldwide. The average business faces more than 700 of these types of attacks every single year. Whether manifesting itself in a sophisticated phishing […]