phishing
Attackers leverage weaponized iMessages, new phishing-as-a-service platform
Scammers are leveraging the Darcula phishing-as-a-service platform, iMessages and Google Messages to great effect. The platform allows them to impersonate a variety of brands …
Scammers steal millions from FTX, BlockFi claimants
Customers of bankrupt crypto platform BlockFi have been targeted with a very convincing phishing email impersonating the platform, asking them to connect their wallet to …
APT29 hit German political parties with bogus invites and malware
APT29 (aka Cozy Bear, aka Midnight Blizzard) has been spotted targeting German political parties for the first time, Mandiant researchers have shared. Phishing leading to …
US organizations targeted with emails delivering NetSupport RAT
Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via “nuanced” exploitation and by using an advanced detection …
Attackers are targeting financial departments with SmokeLoader malware
Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration …
Image-based phishing tactics evolve
While 70% of organizations feel their current security stacks are effective against image-based and QR code phishing attacks, 76% were still compromised in the last 12 months, …
10 free cybersecurity guides you might have missed
This collection of free cybersecurity guides covers a broad range of topics, from resources for developing cybersecurity programs to specific guides for various sectors and …
Hundreds of orgs targeted with emails aimed at stealing NTLM authentication hashes
A threat actor specializing in establishing initial access to target organizations’ computer systems and networks is using booby-trapped email attachments to steal …
Phishers target FCC, crypto holders via fake Okta SSO pages
A new phishing campaign is using fake Okta single sign-on (SSO) pages for the Federal Communications Commission (FCC) and for various cryptocurrency platforms to target users …
95% believe LLMs making phishing detection more challenging
More than 95% of responding IT and security professionals believe social engineering attacks have become more sophisticated in the last year, according to LastPass. Recent AI …
Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT
76% of enterprises lack sufficient voice and messaging fraud protection as AI-powered vishing and smishing skyrocket following the launch of ChatGPT, according to Enea. …
European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack
Pepco Group has confirmed that its Hungarian business has been hit by a “sophisticated fraudulent phishing attack.” The European company, which operates shops …