Tag: email
-
Bad sushi: China-nexus phishers shift to residential proxies
Earlier this year, Spamhaus researchers observed a major shift in phishing targeting Japan. Starting in April, a China-nexus threat actor began using residential proxy networks to send phishing emails instead of subnets at China Telecom and China Unicom. This blog explores the campaign’s origins and countermeasures against residential proxy-enabled spam. First seen on securityboulevard.com Jump…
-
Bad sushi: China-nexus phishers shift to residential proxies
Earlier this year, Spamhaus researchers observed a major shift in phishing targeting Japan. Starting in April, a China-nexus threat actor began using residential proxy networks to send phishing emails instead of subnets at China Telecom and China Unicom. This blog explores the campaign’s origins and countermeasures against residential proxy-enabled spam. First seen on securityboulevard.com Jump…
-
What Is Shadow AI and Why It Matters? FireTail Blog
Tags: access, ai, breach, business, chatgpt, compliance, data, email, framework, GDPR, governance, leak, monitoring, nist, office, regulation, risk, technology, tool, trainingOct 16, 2025 – Alan Fagan – What Is Shadow AI and Why It Matters – FireTail Blog Quick Facts: Shadow AI Shadow AI is when employees use AI tools within an organization without IT or compliance approval. Shadow AI often leads to data leaks, compliance gaps, and security risks. Examples include entering sensitive data…
-
What Is Shadow AI and Why It Matters? FireTail Blog
Tags: access, ai, breach, business, chatgpt, compliance, data, email, framework, GDPR, governance, leak, monitoring, nist, office, regulation, risk, technology, tool, trainingOct 16, 2025 – Alan Fagan – What Is Shadow AI and Why It Matters – FireTail Blog Quick Facts: Shadow AI Shadow AI is when employees use AI tools within an organization without IT or compliance approval. Shadow AI often leads to data leaks, compliance gaps, and security risks. Examples include entering sensitive data…
-
Phishing Alert: Fake ‘LastPass Hack’ Emails Spreading Malware
A new phishing campaign impersonating LastPass is circulating today, October 13, 2025, aiming to deceive users into downloading malicious desktop software. Emails purporting to come from “hello@lastpasspulse.blog” or “hello@lastpassgazette.blog” carry the alarming subject line “We Have Been Hacked Update Your LastPass Desktop App to Maintain Vault Security.” In reality, LastPass has not been compromised;…
-
Phishing Alert: Fake ‘LastPass Hack’ Emails Spreading Malware
A new phishing campaign impersonating LastPass is circulating today, October 13, 2025, aiming to deceive users into downloading malicious desktop software. Emails purporting to come from “hello@lastpasspulse.blog” or “hello@lastpassgazette.blog” carry the alarming subject line “We Have Been Hacked Update Your LastPass Desktop App to Maintain Vault Security.” In reality, LastPass has not been compromised;…
-
LastPass Warns Customers It Has Not Been Hacked Amid Phishing Email Scam
LastPass warns customers it has not been breached, after phishing emails falsely claim a hack and urge users to update their desktop app First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lastpass-not-hacked-phishing-email/
-
Operation Silk Lure: Weaponizing Windows Scheduled Tasks for ValleyRAT Delivery
A targeted cyber-espionage campaign exploiting Windows Scheduled Tasks and DLL side-loading to deploy the sophisticated ValleyRAT backdoor. The operation pivots on tailored spear-phishing emails, weaponized Windows shortcuts, and a persistent task scheduler mechanism, all delivering a multi-stage malware payload designed to harvest sensitive intelligence from Chinese FinTech and cryptocurrency firms. Adversaries behind Operation Silk Lure…
-
Operation Silk Lure: Weaponizing Windows Scheduled Tasks for ValleyRAT Delivery
A targeted cyber-espionage campaign exploiting Windows Scheduled Tasks and DLL side-loading to deploy the sophisticated ValleyRAT backdoor. The operation pivots on tailored spear-phishing emails, weaponized Windows shortcuts, and a persistent task scheduler mechanism, all delivering a multi-stage malware payload designed to harvest sensitive intelligence from Chinese FinTech and cryptocurrency firms. Adversaries behind Operation Silk Lure…
-
Fake LastPass, Bitwarden breach alerts lead to PC hijacks
An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the password manager. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-lastpass-bitwarden-breach-alerts-lead-to-pc-hijacks/
-
Fake Google Job Offer Email Scam Targets Workspace and Microsoft 365 Users
Cybersecurity firm Sublime Security details a new credential phishing scam impersonating Google Careers to steal login details from Google Workspace and Microsoft 365 users. First seen on hackread.com Jump to article: hackread.com/fake-google-job-offer-email-scam-workspace-microsoft-365/
-
Hackers Use Court-Themed Phishing to Deliver Info-Stealer Malware
A novel phishing campaign has emerged targeting Colombian users by abusing judicial notifications and weaponizing Scalable Vector Graphics (SVG) files. This sophisticated attack begins with a carefully crafted Spanish-language email impersonating the “17th Municipal Civil Court of the Bogotá Circuit,” complete with formal legal language and institutional details. The .SVG attachment named “Fiscalia General De…
-
Hackers Use Court-Themed Phishing to Deliver Info-Stealer Malware
A novel phishing campaign has emerged targeting Colombian users by abusing judicial notifications and weaponizing Scalable Vector Graphics (SVG) files. This sophisticated attack begins with a carefully crafted Spanish-language email impersonating the “17th Municipal Civil Court of the Bogotá Circuit,” complete with formal legal language and institutional details. The .SVG attachment named “Fiscalia General De…
-
Hackers Use Court-Themed Phishing to Deliver Info-Stealer Malware
A novel phishing campaign has emerged targeting Colombian users by abusing judicial notifications and weaponizing Scalable Vector Graphics (SVG) files. This sophisticated attack begins with a carefully crafted Spanish-language email impersonating the “17th Municipal Civil Court of the Bogotá Circuit,” complete with formal legal language and institutional details. The .SVG attachment named “Fiscalia General De…
-
Behavioral Policy Violations and Endpoint Weaknesses Exposed by Infostealers
Co-authored by Constella Intelligence and Kineviz Most companies have no reliable way of knowing how corporate email accounts are being used, whether policies are being followed, or if critical data is being shared on unmonitored platforms. Malware does more than steal credentials. Infostealers’ bounty includes live sessions, saved credentials, browser configurations, and user interactions across infected devices……
-
The Guardian view on the online scam industry: authorities must not forget that perpetrators are often victims too | Editorial
A lucrative sector is spreading fast as criminal enterprises force abused and trafficked workers to cheat othersA Chinese court last month <a href=”https://www.theguardian.com/world/2025/sep/30/china-court-sentences-11-people-to-death-over-alleged-role-in-family-run-myanmar-scam-operations”>sentenced 11 people to death over their roles in a illegal scam empire along the border with Myanmar. But it won’t end a noxious multibillion-dollar industry that devastates the lives of two sets…
-
Google, Mandiant expose malware and zero-day behind Oracle EBS extortion
Google and Mandiant link Oracle EBS extortion emails to known July-patched flaws and a likely zero-day, CVE-2025-61882. Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite extortion campaign, revealing the use of malware. Attackers exploited July-patched EBS flaws and likely a zero-day (CVE-2025-61882), sending extortion emails to company executives. In early October, Google Mandiant…
-
Five million Qantas customers have had personal information leaked on the dark web. Here’s what you need to know
One expert warns frequent flier points could be used to create fake flight rescheduling emails or fraudulent redemption offers<ul><li><a href=”https://www.theguardian.com/australia-news/live/2025/oct/13/australia-news-live-qantas-hack-data-leak-scam-warning-nsw-sydney-potholes-social-media-ban-anika-wells-albanese-sussan-ley-labor-liberal-coalition-ntwnfb”>Follow our Australia news live blog for latest updates</li><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>breaking news email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>The number of scams is expected to rise after the personal information of millions of…
-
Our APWG eCrimes Paper on Tech Support Scam Facebook Groups
Tags: apple, conference, cybercrime, data, email, finance, google, group, india, marketplace, microsoft, phishing, scam, serviceMy colleague Raghavendra Cherupalli will be at APWG eCrime next month sharing a paper based on our research into the Facebook Groups where illicit Indian Call Centers share “Crime-as-a-Service” offerings with one another. In our paper, “Classification of Cybercriminal Posts Using Large Language Models: A Comprehensive Study on Tech Support Scam Marketplaces,” Raghavendra will be…
-
Our APWG eCrimes Paper on Tech Support Scam Facebook Groups
Tags: apple, conference, cybercrime, data, email, finance, google, group, india, marketplace, microsoft, phishing, scam, serviceMy colleague Raghavendra Cherupalli will be at APWG eCrime next month sharing a paper based on our research into the Facebook Groups where illicit Indian Call Centers share “Crime-as-a-Service” offerings with one another. In our paper, “Classification of Cybercriminal Posts Using Large Language Models: A Comprehensive Study on Tech Support Scam Marketplaces,” Raghavendra will be…
-
Security Affairs newsletter Round 545 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack Cybercrime ring GXC Team dismantled in Spain,…
-
Security Affairs newsletter Round 545 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack Cybercrime ring GXC Team dismantled in Spain,…