phishing
Thwarting attackers in their favorite new playground: Social media
For years, LinkedIn has been utilized by threat actors looking to refine their attacks. From simple spear-phishing attacks to reconnaissance, the professional networking site …
Criminals harvest users’ PI by impersonating popular brands
Hornetsecurity released an Email Threat Review, which cited a decline in Excel attacks, but reported a sharp increase in Intuit phishing attacks. This Help Net Security video …
EvilProxy phishing-as-a-service with MFA bypass emerged on the dark web
Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate advanced phishing campaigns …
0ktapus: Twilio, Cloudflare phishers targeted 130+ organizations
Group-IB has discovered that the recently disclosed phishing attacks on the employees of Twilio and Cloudflare were part of the massive phishing campaign that resulted in …
Ransomware dominates the threat landscape
Acronis researchers have concluded that ransomware continues to be the number one threat to large and medium-sized businesses, including government organizations. Nearly half …
New social engineering tactics discovered in the wild
In this Help Net Security video, Otavio Freire, President and CTO at SafeGuard Cyber, offers insight on new social engineering tactics discovered in the wild, and illustrates …
Response-based attacks make up 41% of all email-based scams
Response-based attacks targeting corporate inboxes have climbed to their highest volume since 2020, representing 41 percent of all email-based scams targeting employees, …
Credential phishing attacks skyrocketing, 265 brands impersonated in H1 2022
Abnormal Security released a report which explores the current email threat landscape and provides insight into the latest advanced email attack trends, including increases in …
How bad actors are utilizing the InterPlanetary File Systems (IPFS)
With the continued rise in adoption of cloud services, bad actors are utilizing the InterPlanetary File System (IPFS) as a new playing ground for phishing attacks. In fact, …
Cisco has been hacked by a ransomware gang
U.S. networking giant Cisco Systems has been hacked, the company confirmed on Wednesday, after Yanluowang ransomware operators claimed the attack on their leak site. …
Which malware delivery techniques are currently favored by attackers?
A wave of cybercriminals spreading malware families – including QakBot, IceID, Emotet, and RedLine Stealer – are shifting to shortcut (LNK) files for email malware delivery. …
SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow
In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users