Tag: phishing
-
Hackers Deliver Global Group Ransomware Offline via Phishing Emails
Global Group ransomware is delivered through phishing emails and can encrypt files offline without any internet connection. First seen on hackread.com Jump to article: hackread.com/hackers-global-group-ransomware-offline-phishing-emails/
-
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT.Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to be active since at least 2023, orchestrating spear-phishing attacks…
-
Exchange Online flags legitimate emails as phishing
Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and quarantines them. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-flags-legitimate-emails-as-phishing/
-
Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
A threat cluster tracked as >>Vortex Werewolf<< (also known as SkyCloak) has been observed targeting Russian government and defense organizations. The attack begins not with a typical malicious attachment, but with a highly credible phishing link. Vortex Werewolf distributes URLs that masquerade as legitimate Telegram file-sharing resources. These links, often hosted on domains designed to…
-
New Telegram Phishing Scam Hijacks Login Flow to Steal Fully Authorized User Sessions
A new and sophisticated Telegram phishing operation is active in the wild, targeting users globally by hijacking the platform’s legitimate authentication features. Unlike traditional phishing, which often relies on malware or cloning login pages to steal passwords, this campaign integrates directly with Telegram’s official infrastructure. The attackers register their own Telegram API credentials (api_id and api_hash) and…
-
Flickr moves to contain data exposure, warns users of phishing
Flickr says a flaw at a third-party email provider may have exposed users’ names, email addresses, IPs, and account activity. Flickr is a photo-sharing platform owned by SmugMug. It has over 100 million registered users and millions of active photographers. Flickr warned users about a possible data breach caused by a flaw in a third-party…
-
Mehr Cyberresilienz durch künstliche Intelligenz: 5-Stufenplan für Unternehmen
Olaf Pursche, Leiter Kompetenzgruppe Sicherheit eco Verband der Internetwirtschaft e.V.: »KI ist längst fester Bestandteil von Geschäftsprozessen. Mit ihrer Verbreitung nehmen jedoch auch Bedrohungen wie Deepfakes und KI-gestütztes Phishing zu. Entscheidend ist daher die sichere und verantwortungsvolle Integration von KI als zentraler Baustein der Cyberresilienz.« eco veröffentlicht Whitepaper für Entscheidungsträgerinnen und Entscheidungsträger zu sicherer… First…
-
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
Germany’s Federal Office for the Protection of the Constitution (aka Bundesamt für Verfassungsschutz or BfV) and Federal Office for Information Security (BSI) have issued a joint advisory warning of a malicious cyber campaign undertaken by a likely state-sponsored threat actor that involves carrying out phishing attacks over the Signal messaging app.”The focus is on high-ranking…
-
Hackers Exploit Free Firebase Accounts to Launch Phishing Campaigns
A new wave of phishing campaigns where scammers are abusing Google’s legitimate infrastructure to bypass security filters. Attackers are now creating free developer accounts on Google Firebase to send fraudulent emails that impersonate well-known brands. By leveraging the reputation of the Firebase domain, these attackers are successfully landing in users’ inboxes, bypassing standard spam detection…
-
Germany warns of Signal account hijacking targeting senior figures
Germany’s domestic intelligence agency is warning of suspected state-sponsored threat actors targeting high-ranking individuals in phishing attacks via messaging apps like Signal. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/germany-warns-of-signal-account-hijacking-targeting-senior-figures/
-
Warnung vor Angriffen: BSI erläutert Phishing-Attacken auf Signal
Das BSI warnt vor Phishing-Kampagnen über den Messenger Signal und erklärt die Methoden der Angreifer. First seen on golem.de Jump to article: www.golem.de/news/warnung-vor-angriffen-bsi-erlaeutert-phishing-attacken-auf-signal-2602-205122.html
-
Goßangelegter Missbrauch namhafter SaaS-Plattformen für Telefon-Betrug
Check Point Research (CPR), die Sicherheitsforschungs-abteilung von Check Point Software Technologies, hat eine groß angelegte Phishing-Kampagne identifiziert, die bekannte SaaS-Dienste von Microsoft, Amazon, Zoom oder Youtube ausnutzt, um ihre Opfer zu betrügerischen Telefonaten zu verleiten. Anstatt Domänen zu fälschen oder bösartige Links zu versenden, missbrauchen Angreifer gezielt legitime Software-as-a-Service-Plattformen, um telefonbasierte Betrugsversuche durchzuführen, die für…
-
State-backed phishing attacks targeting military officials and journalists on Signal
German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/state-linked-phishing-europe-journalists-signal/
-
Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) software to establish persistent control over targeted systems. The campaign utilizes a simple yet effective delivery mechanism designed to evade reputation-based…
-
Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) software to establish persistent control over targeted systems. The campaign utilizes a simple yet effective delivery mechanism designed to evade reputation-based…
-
Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environments While protocols like SPF, DKIM, and DMARC have made traditional domain spoofing difficult, attackers have evolved. They now seek ways to send…
-
Threat Group Running Espionage Operations Against Dozens of Governments
Unit 42 researchers say an Asian threat group behind what they call the Shadow Campaigns has targeted government agencies in 37 countries in a wide-ranging global cyberespionage campaign that has involved phishing attacks and the exploitation of a more than a dozen known vulnerabilities. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/threat-group-running-espionage-operations-against-dozens-of-governments/
-
Cybersecurity Alert: Fake Traffic Ticket Portals Target Personal, Credit Card Data
A highly sophisticated phishing campaign that targets Canadian drivers by impersonating provincial traffic bureaus. This new wave of attacks utilizes >>SEO poisoning<>waiting room<< experience before harvesting their sensitive Personally Identifiable Information (PII) and credit card […] The post Cybersecurity Alert: Fake Traffic Ticket Portals Target Personal, Credit Card Data appeared first on GBHackers Security |…
-
APT28 Hackers Exploit Microsoft Office Vulnerability to Target Government Agencies
Tags: attack, cyber, cyberattack, espionage, exploit, government, hacker, microsoft, military, office, phishing, russia, spear-phishing, theft, vulnerabilityRussian state-sponsored hackers, known as APT28 or Fancy Bear, have launched a new wave of cyberattacks targeting government and military organizations across Europe. This sophisticated espionage campaign, observed in late January 2026, targets the theft on secrets from maritime and transport agencies in countries such as Poland, Greece, and Ukraine. The attacks start with spear-phishing…
-
Protests Don’t Impede Iranian Spying on Expats, Syrians, Israelis
Iranian threat actors have been stealing credentials from people of interest across the Middle East, using spear-phishing and social engineering. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/iran-spies-expats-syrians-israelis
-
AI is driving a new kind of phishing at scale
Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/05/ai-driven-phishing-threats-increase/
-
Harvard, UPenn Data Leaked in ShinyHunters Shakedown
Leaked Financial and Admissions Data Includes Contact Details for ‘Top Donors’. Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group’s ongoing live phishing attacks that often attempt to trick IT help desks into giving attackers direct access to a victim’s network and…
-
DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files
Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of “disciplined tradecraft and clever abuse of legitimate system features” to bypass traditional detection mechanisms and deploy a remote access trojan (RAT) known as AsyncRAT.”The attack leverages IPFS-hosted VHD files, extreme script obfuscation, runtime decryption, and in-memory First…
-
AI Drives Doubling of Phishing Attacks in a Year
Cofense claims AI is making phishing emails more personalized and sophisticated First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-double-volume-phishing-attacks/
-
Zero trust in practice: A deep technical dive into going fully passwordless in hybrid enterprise environments
Tags: access, attack, authentication, backup, breach, business, cloud, compliance, credentials, cybersecurity, data, endpoint, group, Hardware, identity, infrastructure, lessons-learned, network, password, phishing, phone, risk, service, technology, update, windows, zero-trustArchitecture decisions: Hybrid authentication flows and Windows Hello for Business: Once your prerequisites are in place, you face critical architectural decisions that will shape your deployment for years to come. The primary decision point is whether to use Windows Hello for Business, FIDO2 security keys or phone sign-in as your primary authentication mechanism.In my experience,…
-
Phishing Campaigns Abuse Trusted Cloud Platforms, Raising New Risks for Enterprises
ANY.RUN experts report a surge in phishing campaigns abusing trusted cloud and CDN platforms to bypass security controls and target enterprise users. First seen on hackread.com Jump to article: hackread.com/phishing-campaigns-cloud-platforms-enterprises-risks/
-
Microsoft and Google Platforms Abused in New Enterprise Cyberattacks
A dangerous shift in phishing tactics, with threat actors increasingly hosting malicious infrastructure on trusted cloud platforms like Microsoft Azure, Google Firebase, and AWS CloudFront. Unlike traditional phishing campaigns that rely on newly registered suspicious domains, these attacks leverage legitimate cloud services to bypass security defenses and target enterprise users globally. When malicious content is…
-
Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials
A sophisticated phishing campaign that uses a multi-stage approach to bypass email filtering and content-scanning systems. The attack exploits trusted platforms, benign file formats, and layered redirection techniques to harvest user credentials from unsuspecting victims successfully. The attack chain begins with a professionally crafted phishing email containing a PDF attachment. The malicious payload leverages legitimate…