Tag: phishing
-
Tycoon2FA Operators Resume Cloud Account Phishing Following Infrastructure
Tycoon2FA operators have resumed large-scale cloud account phishing just days after law enforcement and industry partners disrupted the platform’s core infrastructure, underscoring the resilience of phishing-as-a-service (PhaaS) ecosystems and the limits of infrastructure-only takedowns. Authorities in Latvia, Lithuania, Portugal, Poland, Spain, and the UK worked with private-sector partners to seize 330 domains used to power…
-
Wenn der Chat zur Angriffsfläche wird: KnowBe4 reagiert mit Phish Alert Button
Mit der Integration des Phish Alert Button in Microsoft Teams reagiert KnowBe4 genau auf diese Entwicklung. Die Idee dahinter ist so simpel wie wirkungsvoll. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/wenn-der-chat-zur-angriffsflaeche-wird-knowbe4-reagiert-mit-phish-alert-button/a44292/
-
Meldebutton für Phishing in Microsoft-Teams
KnowBe4 führt seinen ‘Phish Alert Button” auf Microsoft-Teams ein. Dies stellt einen bedeutenden Meilenstein in der Sicherheit bei der Zusammenarbeit in Teams dar. Die gleichen Ein-Klick-Funktionen zur Reaktion auf Vorfälle, die bisher ausschließlich für E-Mails verfügbar waren, lassen sich nun direkt in die Kollaborationsplattform integrieren, in der Mitarbeitende täglich kommunizieren und interagieren. ‘Cyberkriminelle zielen nicht…
-
Google Forms Job Scam Spreads PureHVNC Malware
A newly observed malware campaign is leveraging trusted platforms like Google Forms to distribute the PureHVNC Remote Access Trojan (RAT), marking a shift in how attackers initiate infections. Rather than relying on traditional phishing emails or malicious websites, threat actors are using business-themed lures such as job interviews, project proposals, and financial documents to trick…
-
Fake ChatGPT Invites Target Android Users With Malware
Threat actors are now abusing Google’s Firebase App Distribution service to push fake Android ChatGPT and Meta advertising apps that steal Facebook credentials and enable account takeover. The operation closely mirrors a recent iOS phishing campaign that used bogus ChatGPT and Gemini apps, but this wave specifically targets Android users through invitation-style emails that appear…
-
Tycoon2FA phishing platform returns after recent police disruption
The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/tycoon2fa-phishing-platform-returns-after-recent-police-disruption/
-
IRONSCALES Launches Email Attack of the Day, a Daily Threat Intelligence Series for Security Teams
IRONSCALES is bringing a new threat intelligence series to the security community, launching >>Email Attack of the Day<< at RSA Conference 2026 this week. The series publishes daily breakdowns of real phishing attacks detected by IRONSCALES' Adaptive AI and its community of more than 30,000 security professionals. Each entry covers a single noteworthy attack: what..…
-
An AI-powered phishing campaign has compromised hundreds of organizations
Huntress researchers said it’s likely the victims in Railway’s customer set represent just a fraction of compromised organizations worldwide. First seen on cyberscoop.com Jump to article: cyberscoop.com/huntress-railway-ai-phishing-campaign-compromised-hundreds-of-organizations/
-
Attackers Hide Infostealer in Copyright Infringement Notices
A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/attackers-hide-infostealer-copyright-infringement-notices
-
Tycoon2FA Phishing Service Resumes Activity Post-Takedown
Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/tycoon2fa-phishing-service-resumes/
-
The phone call is the new phishing email
Voice-based phishing was at the root of multiple attack sprees Mandiant responded to last year, reflecting a concerning shift in tactics. First seen on cyberscoop.com Jump to article: cyberscoop.com/social-engineering-surge-intrusion-vector-mandiant-m-trends/
-
Smooth criminals talking their way into cloud environments, Google says
Voice phishing is second most common initial access method across all IR probes, and top in cloud break-ins First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/voice_phishing_skyrockets_as_smooth/
-
Smooth criminals talking their way into cloud environments, Google says
Voice phishing is second most common initial access method across all IR probes, and top in cloud break-ins First seen on theregister.com Jump to article: www.theregister.com/2026/03/23/voice_phishing_skyrockets_as_smooth/
-
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware.The email campaigns take advantage of the urgency and time-sensitive nature of emails to send phishing messages masquerading as refund notices, payroll forms, filing reminders, and requests from tax professionals to deceive recipients…
-
Russia-linked actors target WhatsApp and Signal in phishing campaign
Russia-linked actors target WhatsApp and Signal accounts of officials and journalists via phishing, gaining access to messages and contacts. Threat actors linked to Russian Intelligence Services are running phishing campaigns to hijack high-value accounts on messaging apps like WhatsApp and Signal, the FBI warns. >>The FBI has identified cyber actors associated with Russian Intelligence Services targeting…
-
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
Tags: attack, control, cybersecurity, hacker, infrastructure, intelligence, phishing, russia, service, threatThreat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to compromise commercial messaging applications (CMAs) like WhatsApp and Signal to seize control of accounts belonging to individuals with high intelligence value, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) said Friday.”The campaign First seen on thehackernews.com Jump…
-
FBI and CISA Flag Russian Cyber Operations Targeting Select Individuals via Signal
Tags: advisory, cisa, cyber, cybersecurity, encryption, infrastructure, intelligence, phishing, russia, serviceThe Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released a joint cybersecurity advisory regarding a widespread phishing campaign. The alert warns that Russian Intelligence Services are actively targeting users of encrypted messaging applications, primarily Signal. The attackers are bypassing the platform’s robust end-to-end encryption by hijacking user…
-
AI-Driven Offensive Security: The Current Landscape and What It Means for Defense
The capabilities of modern AI models have advanced far beyond what most people in the security industry have fully internalized. AI-generated phishing, script writing, and basic offensive automation are getting plenty of attention, but what happens when you apply agentic AI to the full lifecycle of building, testing, and refining custom malware and command-and-control (C2)……
-
Fake ‘Trusted Sender’ Labels Misused in New Apple Mail Phishing Scheme
Fake “trusted sender” labels can mislead users, as scammers embed them into email bodies to disguise phishing emails and create a false sense of security. The post Fake ‘Trusted Sender’ Labels Misused in New Apple Mail Phishing Scheme appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-mail-trusted-sender-phishing-scam/
-
FBI links Signal phishing attacks to Russian intelligence services
The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp in phishing campaigns that have already compromised thousands of accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-links-signal-phishing-attacks-to-russian-intelligence-services/
-
Apple Mail’s ‘Trusted Sender’ Label Misused in New Phishing Scheme
Apple Mail’s “trusted sender” label can mislead users, as scammers exploit it to disguise phishing emails and create a false sense of security. The post Apple Mail’s ‘Trusted Sender’ Label Misused in New Phishing Scheme appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-mail-trusted-sender-phishing-scam/
-
Gefälschte Schutz-App für Krypto-Wallets stiehlt Nutzerdaten
Okta Threat Intelligence hat eine gefährliche Kryptoscam-Kampagne namens <> aufgedeckt und ihre Infrastruktur zerschlagen. Die als Browser-Erweiterung beworbene Anwendung versprach Nutzern, ihre Krypto-Wallet vor Phishing und Betrug zu schützen in Wirklichkeit war sie jedoch ein Trojaner, der gezielt Wallet-Adressen und sensible Daten von Binance, Coinbase, Metamask, Opensea, Phantom und Uniswap abgriff. Sogar Nutzer von […]…
-
Multi-Month Cyberespionage Campaign Hits Libyan Oil Refinery
Phishing Campaign Used AsyncRAT to Maintain Long-Term Network Access. A suspected cyberespionage campaign targeted a Libyan oil refinery using commodity malware and politically-themed phishing lures. The activity ran from November 2025 to mid-February, with evidence that attackers maintained long-term access to at least one oil company network. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/multi-month-cyberespionage-campaign-hits-libyan-oil-refinery-a-31091
-
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
Artificial Intelligence (AI) is changing how individuals and organizations conduct many activities, including how cybercriminals carry out phishing attacks and iterate on malware. Now, cybercriminals are using AI to generate personalized phishing emails, deepfakes and malware that evade traditional detection by impersonating normal user activity and bypassing legacy security models. As a result, First seen…
-
Android Malware Campaign Targets Indian Users via Fake eChallan Alerts
A new Android malware campaign targeting Indian users has been reported by the Indian Computer Emergency Response Team, CERT-In. According to the agency, multiple reports indicate a coordinated effort by cybercriminals to steal sensitive financial and personal data through deceptive mobile applications and phishing techniques. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/android-malware-campaign-rto-challan/
-
SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
Tags: ai, authentication, automation, breach, cloud, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, government, identity, malware, monitoring, password, phishing, ransomware, supply-chain, theft, threat, tool67 / sixseven: 140.4Msweet / cookie / candy / cake / pie: 5.7Mchiefs / kansas city chiefs: 5M2025: 4.1Mapple / banana / orange / strawberry / fruit: 2.6MPassword reuse remains widespread, and the report also identified 1.1 million password manager master passwords circulating in underground sources, raising concerns about vault-level compromise when master credentials are…
-
SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
Tags: ai, authentication, automation, breach, cloud, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, government, identity, malware, monitoring, password, phishing, ransomware, supply-chain, theft, threat, tool67 / sixseven: 140.4Msweet / cookie / candy / cake / pie: 5.7Mchiefs / kansas city chiefs: 5M2025: 4.1Mapple / banana / orange / strawberry / fruit: 2.6MPassword reuse remains widespread, and the report also identified 1.1 million password manager master passwords circulating in underground sources, raising concerns about vault-level compromise when master credentials are…