phishing
Cybercriminals use legitimate websites to obfuscate malicious payloads
According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing …
Phishing campaigns thrive as evasive tactics outsmart conventional detection
A 25% increase in the use of phishing kits has been recorded in 2022, according to Group-IB. The key phishing trends observed are the increasing use of access control and …
How APTs target SMBs
Small and medium businesses (SMBs) are not exempt from being targeted by advanced persistent threat (APT) actors, according to Proofpoint researchers. By analyzing a year’s …
Company size doesn’t matter when it comes to cyberattacks
65% of organizations in the enterprise sector suffered a cyberattack within the last 12 months, which is similar to the results among companies of all sizes (68%), according …
Phishers use encrypted file attachments to steal Microsoft 365 account credentials
Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low …
Threat actors exploit new channels for advanced phishing attacks
Perception Point’s team has identified a 356% increase in the number of advanced phishing attacks attempted by threat actors in 2022. Overall, the total number of …
Cybercriminals masquerading as MFA vendors
Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based …
Phishing campaign targets ChatGPT users
A clever phishing campaign aimed at stealing users’ business email account credentials by impersonating OpenAI, the company behind the ChatGPT chatbot, has been spotted …
Greatness phishing-as-a-service threatens Microsoft 365 users
Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new …
Think your data has no value? Scammers disagree
In the first quarter of 2023 there was a significant increase in cyberattacks exploiting trust in established tech brands Microsoft and Adobe, according to Avast. The Avast …
ChatGPT and other AI-themed lures used to deliver malicious software
“Since the beginning of 2023 until the end of April, out of 13,296 new domains created related to ChatGPT or OpenAI, 1 out of every 25 new domains were either malicious …
Malicious content lurks all over the web
Attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware, according to Netskope. On average, five out …