phishing - Security Ticks

Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals

cybercriminals, cybersecurity, Darktrace, News, phishing, Ransomware, report, threat / SecurityTicks

Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals 2024-08-09 at 07:32 By Help Net Security The sophistication of cyber threats has escalated dramatically, with malicious actors’ deploying advanced tactics, techniques, and procedures (TTPs) to exploit vulnerabilities and evade detection, according to Darktrace. Subscription-based tools such as Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) have also lowered the barrier-to-entry […]

React to this headline:

Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals Read More »

Microsoft 365 anti-phishing alert “erased” with one simple trick

Certitude, Don't miss, email security, Microsoft 365, News, Outlook, phishing / SecurityTicks

Microsoft 365 anti-phishing alert “erased” with one simple trick 2024-08-08 at 16:01 By Zeljka Zorz Attackers looking for a way into organizations using Microsoft 365 can make an alert identifying unsolicited (and thus potential phishing) emails “disappear”. “When an Outlook user receives an e-mail from an address they don’t typically communicate with, Outlook shows an

React to this headline:

Microsoft 365 anti-phishing alert “erased” with one simple trick Read More »

Double Trouble: Latrodectus and ACR Stealer observed spreading via Google Authenticator Phishing Site

phishing / SecurityTicks

Double Trouble: Latrodectus and ACR Stealer observed spreading via Google Authenticator Phishing Site 2024-08-08 at 15:31 By Cyble Key Takeaways Overview Cyble Research and Intelligence Labs (CRIL) recently discovered a phishing site—“googleaauthenticator.com”—cleverly crafted to resemble an official Google Safety Centre. The website’s design mimics the authentic appearance of a legitimate Google service, aiming to deceive

React to this headline:

Double Trouble: Latrodectus and ACR Stealer observed spreading via Google Authenticator Phishing Site Read More »

AI-fueled phishing scams raise alarm ahead of U.S. presidential election

Bolster, election security, Government, News, phishing, report, scams, spam, threats / SecurityTicks

AI-fueled phishing scams raise alarm ahead of U.S. presidential election 2024-08-06 at 06:01 By Help Net Security Highlighting growth of phishing and digital scams targeting United States citizens, Bolster released a research that identified 24 separate nation-state threat actor groups attempting to exploit rising political tensions across the US to interfere with the 2024 presidential

React to this headline:

AI-fueled phishing scams raise alarm ahead of U.S. presidential election Read More »

Threat Actors Exploit Sora AI-themed Branding to Spread Malware

Malware, phishing / SecurityTicks

Threat Actors Exploit Sora AI-themed Branding to Spread Malware 2024-07-31 at 20:01 By Cyble Key Takeaways Overview After exfiltrating data, TAs deploy open-source mining software like XMRig and lolMiner, indicating a dual objective of both data theft and cryptocurrency mining to monetize their activities further. In February, OpenAI introduced Sora, an advanced AI model set

React to this headline:

Threat Actors Exploit Sora AI-themed Branding to Spread Malware Read More »

Phishing Campaign Exploited Proofpoint Email Protections for Spoofing

EchoSpoofing, email security, phishing, Proofpoint, spoofing / SecurityTicks

Phishing Campaign Exploited Proofpoint Email Protections for Spoofing 2024-07-29 at 21:46 By Ionut Arghire Threat actors have exploited Proofpoint’s email protection service to deliver millions of spoofed phishing emails. The post Phishing Campaign Exploited Proofpoint Email Protections for Spoofing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Phishing Campaign Exploited Proofpoint Email Protections for Spoofing Read More »

Microsoft 365 users targeted by phishers abusing Microsoft Forms

Adobe, Don't miss, Hot stuff, Microsoft 365, News, Perception Point, phishing / SecurityTicks

Microsoft 365 users targeted by phishers abusing Microsoft Forms 2024-07-29 at 12:16 By Zeljka Zorz There has been an uptick in phishing campaigns leveraging Microsoft Forms this month, aiming to trick targets into sharing their Microsoft 365 login credentials. A malicious Microsoft form (Source: Perception Point) Malicious forms leading to phishing pages impersonating Microsoft 365

React to this headline:

Microsoft 365 users targeted by phishers abusing Microsoft Forms Read More »

Network of ghost GitHub accounts successfully distributes malware

automa, Check Point, Don't miss, GitHub, Hot stuff, Malware, News, phishing / SecurityTicks

Network of ghost GitHub accounts successfully distributes malware 2024-07-24 at 17:31 By Zeljka Zorz Check Point researchers have unearthed an extensive network of GitHub accounts that they believe provides malware and phishing link Distribution-as-a-Service. Set up and operated by a threat group the researchers dubbed as Stargazer Goblin, the “Stargazers Ghost Network” is estimated encompass

React to this headline:

Network of ghost GitHub accounts successfully distributes malware Read More »

The changes in the cyber threat landscape in the last 12 months

Artificial Intelligence, BEC scams, cybercrime, cybercriminals, dark web, Don't miss, EU, Europol, extortion, fraud, Hot stuff, News, phishing, Ransomware, sextortion / SecurityTicks

The changes in the cyber threat landscape in the last 12 months 2024-07-23 at 14:31 By Zeljka Zorz When it comes to the cyber threat landscape, change is the only constant: the inevitable interplay between cybercriminals and law enforcement agencies makes it inevitable. Europol’s recently released Internet Organised Crime Threat Assessment (IOCTA) 2024 report covers

React to this headline:

The changes in the cyber threat landscape in the last 12 months Read More »

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update

CrowdStrike, Don't miss, Hot stuff, Microsoft, News, Orca Security, phishing, tech support scam, Trend Micro, virtualization, Windows, Windows Server / SecurityTicks

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update 2024-07-22 at 15:16 By Zeljka Zorz By now, most people are aware of – or have been personally affected by – the largest IT outage the world have ever witnessed, courtesy of a defective update for Crowdstrike Falcon Sensors that threw Windows

React to this headline:

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update Read More »

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams

CrowdStrike, Malware, Malware & Threats, phishing, scam / SecurityTicks

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams 2024-07-22 at 13:47 By Eduard Kovacs The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery. The post CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams Read More »

Using Authy? Beware of impending phishing attempts

2FA, API security, authentication, CCC, cloud security, Data leak, Don't miss, Hot stuff, MFA, News, phishing, Twilio / SecurityTicks

Using Authy? Beware of impending phishing attempts 2024-07-11 at 15:46 By Zeljka Zorz Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops the

React to this headline:

Using Authy? Beware of impending phishing attempts Read More »

Regional Transport Office Phishing Scam Targets Android Users In India

phishing / SecurityTicks

Regional Transport Office Phishing Scam Targets Android Users In India 2024-07-09 at 10:31 By Neetha Key Takeaways Overview Since 2021, India has faced an ongoing cyber threat involving Android malware specifically targeting bank customers. Threat actors initially distributed this malware through SMS messages containing phishing links, which directed users to download malicious Android applications. Themes

React to this headline:

Regional Transport Office Phishing Scam Targets Android Users In India Read More »

Hacked Ethereum Foundation Account Used to Send 35,000 Phishing Emails

Cryptocurrency, cryptomining, Data Breaches, Ethereum, phishing / SecurityTicks

Hacked Ethereum Foundation Account Used to Send 35,000 Phishing Emails 2024-07-08 at 19:01 By Ionut Arghire A threat actor sent over 35,000 phishing emails after hacking into Ethereum Foundation’s account on a mailing list platform. The post Hacked Ethereum Foundation Account Used to Send 35,000 Phishing Emails appeared first on SecurityWeek. This article is an

React to this headline:

Hacked Ethereum Foundation Account Used to Send 35,000 Phishing Emails Read More »

Malware Sandbox Any.Run Targeted in Phishing Attack

Any.Run, phishing / SecurityTicks

Malware Sandbox Any.Run Targeted in Phishing Attack 2024-06-25 at 13:16 By Eduard Kovacs Employees of the Any.Run malware analysis service were recently targeted in a phishing attack that was part of a BEC campaign. The post Malware Sandbox Any.Run Targeted in Phishing Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Malware Sandbox Any.Run Targeted in Phishing Attack Read More »

Rising Wave of QR Code Phishing Attacks: Chinese Citizens Targeted Using Fake Official Documents

phishing / SecurityTicks

Rising Wave of QR Code Phishing Attacks: Chinese Citizens Targeted Using Fake Official Documents 2024-06-18 at 18:16 By Neetha Key Takeaways Overview In the evolving landscape of cyber threats, a new vector has emerged, exploiting the ubiquitous QR codes to lure unsuspecting users into phishing traps. Recently, there has been a significant uptick in malicious

React to this headline:

Rising Wave of QR Code Phishing Attacks: Chinese Citizens Targeted Using Fake Official Documents Read More »

90% of threats are social engineering

APT, Avast, cybersecurity, Don't miss, Gen, Hot stuff, Malware, phishing, Ransomware, scams, social engineering, threats, Video / SecurityTicks

90% of threats are social engineering 2024-06-06 at 06:32 By Help Net Security In this Help Net Security video, Jakub Kroustek, Malware Research Director at Gen, discusses the Avast Q1 2024 Threat Report. The report highlights significant trends and incidents in cybersecurity. Key findings include: Surge in social engineering attacks: Nearly 90% of threats blocked

React to this headline:

90% of threats are social engineering Read More »

How fraudsters stole $37 million from Coinbase Pro users

account hijacking, Coinbase, Don't miss, fraud, Hot stuff, News, phishing, remote access, social engineering, USA / SecurityTicks

How fraudsters stole $37 million from Coinbase Pro users 2024-05-29 at 13:46 By Zeljka Zorz A convincing phishing page and some over-the-phone social engineering allowed a group of crooks to steal over $37 million from unlucky Coinbase Pro users. One of them – Chirag Tomar, a 30-year-old citizen of the Republic of India – has

React to this headline:

How fraudsters stole $37 million from Coinbase Pro users Read More »

Bolster Raises $14 Million for AI-Powered Phishing Protection

Cybersecurity Funding, funding, phishing / SecurityTicks

Bolster Raises $14 Million for AI-Powered Phishing Protection 2024-05-23 at 16:17 By Ionut Arghire Bolster has raised $14 million in Series B funding for technology integrations for its AI-powered phishing protection platform. The post Bolster Raises $14 Million for AI-Powered Phishing Protection appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Bolster Raises $14 Million for AI-Powered Phishing Protection Read More »

Phishing statistics that will make you think twice before clicking

Cofense, cybercrime, Don't miss, Egress, Hot stuff, Ironscales, LastPass, News, Osterman Research, phishing, Proofpoint, report, survey, VIPRE Security, Zscaler / SecurityTicks

Phishing statistics that will make you think twice before clicking 2024-05-21 at 07:01 By Help Net Security This article includes excerpts from various reports that offer statistics and insights into the current phishing landscape. AI-driven phishing attacks deceive even the most aware users Zscaler | Zscaler ThreatLabz 2024 Phishing Report | May 2024 In 2023,

React to this headline:

Phishing statistics that will make you think twice before clicking Read More »