2024 phishing trends tell us what to expect in 2025 2025-02-27 at 14:18 By Zeljka Zorz Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which expects this trend to continue in 2025. But attackers have also increasingly been […]
React to this headline:
2024 phishing trends tell us what to expect in 2025 Read More »
Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand 2025-02-20 at 13:35 By Zeljka Zorz A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this month and will allow malicious users to create customized phishing kits to target a wider variety
React to this headline:
Russian State Hackers Target Organizations With Device Code Phishing 2025-02-17 at 14:49 By Ionut Arghire Russian hackers have been targeting government, defense, telecoms, and other organizations in a device code phishing campaign. The post Russian State Hackers Target Organizations With Device Code Phishing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
React to this headline:
Russian State Hackers Target Organizations With Device Code Phishing Read More »
BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites 2025-02-13 at 06:19 By rohansinhacyblecom Key Takeaways Overview On January 31, 2025, Cyble Research and Intelligence Labs (CRIL) identified a sample lnat-tv-pro.apk (13341c5171c34d846f6d0859e8c45d8a898eb332da41ab62bcae7519368d2248) being distributed via a phishing site “hxxps://tvipguncelpro[.]com/” impersonating iNat TV – online streaming platform from Turkey posing a serious threat to unsuspecting
React to this headline:
BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites Read More »
Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams 2025-02-06 at 13:26 By Eduard Kovacs Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams. The post Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
React to this headline:
Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams Read More »
DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks 2025-01-30 at 15:20 By rohansinhacyblecom Overview DeepSeek is a Chinese artificial intelligence company that has developed open-source large language models (LLMs). In January 2025, DeepSeek launched its first free chatbot app, “DeepSeek – AI Assistant”, which rapidly became the most downloaded free app on
React to this headline:
DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks Read More »
Europeans targeted with new Tor-using backdoor and infostealers 2025-01-28 at 15:04 By Zeljka Zorz A financially motivated threat actor has been targeting German and Polish-speaking users with info-stealing malware and TorNet, a previously undocumented .NET backdoor that leverages the Tor network to evade detection. The phishing email The attacker sends out fake money transfer confirmations
React to this headline:
Europeans targeted with new Tor-using backdoor and infostealers Read More »
Malicious actors’ GenAI use has yet to match the hype 2025-01-14 at 17:08 By Zeljka Zorz Generative AI has helped lower the barrier for entry for malicious actors and has made them more efficient, i.e., quicker at creating convincing deepfakes, mounting phishing campaigns and investment scams, the most recent report by the Cyber Threat Alliance
React to this headline:
Malicious actors’ GenAI use has yet to match the hype Read More »
The top target for phishing campaigns 2025-01-08 at 06:53 By Help Net Security Despite organizations’ repeated attempts at security awareness training, with a particular emphasis on how employees can avoid being phished, in 2024 enterprise users clicked on phishing lures at a rate nearly three times higher than in 2023, according to Netskope. More than
React to this headline:
The top target for phishing campaigns Read More »
How AI and deepfakes are redefining social engineering threats 2025-01-07 at 06:04 By Help Net Security This article presents key insights from 2024 reports on the rise of phishing attacks, focusing on how advancements in AI and deepfake technology are making social engineering tactics more sophisticated. Cybercriminals exploit file sharing services to advance phishing attacks
React to this headline:
How AI and deepfakes are redefining social engineering threats Read More »
Users receive at least one advanced phishing link every week 2025-01-06 at 06:37 By Help Net Security Phishing remains one of the most significant cyber threats impacting organizations worldwide, according to SlashNext. Credential phishing is raising Credential theft attacks surged dramatically in the second half of 2024 (703%), signaling a sharp escalation in the use
React to this headline:
Users receive at least one advanced phishing link every week Read More »
When risky cybersecurity behavior becomes a habit among employees 2025-01-02 at 07:37 By Help Net Security While the majority of employees avoid risky behaviors, a small subset makes them a habit, posing a significant cybersecurity challenge, according to Mimecast. 48% of employees engaged in behaviors that exposed their organizations to cyber risk, with browsing violations
React to this headline:
When risky cybersecurity behavior becomes a habit among employees Read More »
iOS devices more exposed to phishing than Android 2024-12-26 at 06:07 By Help Net Security The mobile threat landscape continues to grow at an alarming rate as cybercrime groups shift their tactics and target mobile devices in the early stages of their attacks, according to a recent Lookout report. The report highlights insights behind a
React to this headline:
iOS devices more exposed to phishing than Android Read More »
European companies hit with effective DocuSign-themed phishing emails 2024-12-18 at 14:07 By Zeljka Zorz A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different firms, according to Palo Alto Networks’ Unit 42 researchers. The phishing campaign The attack started earlier this
React to this headline:
European companies hit with effective DocuSign-themed phishing emails Read More »
MUT-1244 targeting security researchers, red teamers, and threat actors 2024-12-16 at 17:33 By Zeljka Zorz A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data. MUT-1244 has
React to this headline:
MUT-1244 targeting security researchers, red teamers, and threat actors Read More »
Businesses plagued by constant stream of malicious emails 2024-12-09 at 06:03 By Help Net Security 36.9% of all emails received by businesses (20.5 billion) in 2024 were unwanted, according to Hornetsecurity’s analysis of 55.6+ billion emails processed through their security services between November 1, 2023 and October 31, 2024 – and 2.3% of those contained
React to this headline:
Businesses plagued by constant stream of malicious emails Read More »
Law enforcement shuts down Manson Market cybercrime marketplace 2024-12-05 at 17:31 By Help Net Security Europol has supported the dismantling of a sophisticated criminal network responsible for facilitating large-scale online fraud. In an operation led by the Hanover Police Department (Polizeidirektion Hannover) and the Verden Public Prosecutor’s Office (Staatsanwaltschaft Verden) in Germany, and supported by
React to this headline:
Law enforcement shuts down Manson Market cybercrime marketplace Read More »
Phishers send corrupted documents to bypass email security 2024-12-03 at 14:18 By Zeljka Zorz Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents. The spam campaign Malware hunting service Any.Run has warned last week about email campaigns luring users with promises of payments, benefits and end-of-the-year bonuses.
React to this headline:
Phishers send corrupted documents to bypass email security Read More »
Domain security posture of Forbes Global 2000 companies 2024-11-26 at 06:34 By Help Net Security In this Help Net Security video, Vincent D’Angelo, Global Director of Corporate Development and Strategic Alliances with CSC, analyzes the domain security of the Forbes Global 2000. CSC’s 2024 Domain Security Report analyzes the highest and lowest-performing industries based on
React to this headline:
Domain security posture of Forbes Global 2000 companies Read More »
US charges five alleged members of Scattered Spider gang 2024-11-21 at 18:03 By Help Net Security Law enforcement unsealed criminal charges against five alleged members of Scattered Spider, who allegedly targeted employees of companies nationwide with phishing text messages and then used the harvested employee credentials to log in and steal non-public company data and
React to this headline:
US charges five alleged members of Scattered Spider gang Read More »