Tag: phishing
-
Junge Onliner tappen oft in Phishing-Fallen
Laut einer Umfrage fällt die jüngere Generation leichter auf Phishing herein.Obwohl sie digital versierter sind als jede andere Generation, fallen auch jüngere Onliner die sogenannten Digital Natives vergleichsweise leicht auf Betrugsmaschen im Netz herein. Fast die Hälfte der Gen Z, wie die Jahrgänge von 1997 bis 2012 genannt werden, erkennt typische Phishing-Warnsignale wie ungefragt zugesandte…
-
Researchers Expose Phishing Threats Distributing CountLoader and PureRAT
A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader, which is then used to drop Amatera Stealer and PureMiner.”The phishing emails contain malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments,” Fortinet FortiGuard Labs researcher Yurren Wan said in a report shared with…
-
Meet LockBit 5.0: Faster ESXi drive encryption, better at evading detection
the Windows binary uses heavy obfuscation and packing: it loads its payload through DLL reflection while implementing anti-analysis techniques like Event Tracing for Windows (ETW) patching and terminating security services;the Linux variant maintains similar functionality with command-line options for targeting specific directories and file types;the ESXi variant specifically targets VMware virtualization environments, and is designed…
-
Proofpoint Exec: ‘Phishing is the Leading Cause of Breaches Globally’
During Proofpoint Protect 2025, company leaders detailed how AI is being used in phishing trends and in cyber-defense tactics. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/news-proofpoint-conference-ai-email-security-phishing/
-
Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam
A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader, which is then used to drop Amatera Stealer and PureMiner.”The phishing emails contain malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments,” Fortinet FortiGuard Labs researcher Yurren Wan said in a report shared with…
-
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-dayCISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
-
Phishing Campaign Targets PyPI Maintainers with Fake Login Site
Fake PyPI login site phishing campaign threatens developer credentials and the open-source supply chain. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/phishing-campaign-targets-pypi-maintainers-with-fake-login-site/
-
Vietnamese Hackers Exploit Fake Copyright Notices to Spread ‘Lone None’ Stealer
Vietnamese hackers use fake copyright notices and Telegram-based malware to steal data and crypto in a growing phishing campaign. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vietnamese-hackers-exploit-fake-copyright-notices-to-spread-lone-none-stealer/
-
The hidden cyber risks of deploying generative AI
Generative AI can boost productivity”, but without safeguards, it also opens the door to phishing, fraud & model manipulation. Learn more from Acronis TRU on why AI security must be built in from the start. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-hidden-cyber-risks-of-deploying-generative-ai/
-
Vietnamese Hackers Exploit Fake Copyright Notices to Spread “Lone None” Stealer
Vietnamese hackers use fake copyright notices and Telegram-based malware to steal data and crypto in a growing phishing campaign. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vietnamese-hackers-exploit-fake-copyright-notices-to-spread-lone-none-stealer/
-
Fake Ukraine Police Notices Spread New Amatera Stealer and PureMiner
FortiGuard Labs exposes a high-severity phishing campaign impersonating the National Police of Ukraine to deliver Amatera Stealer (data theft) and PureMiner (cryptojacking) to Windows PCs. First seen on hackread.com Jump to article: hackread.com/fake-ukraine-police-notices-amatera-stealer-pureminer/
-
Proofpoint Exec: ‘Phishing is the Leading Cause of Breaches Globally’
During Proofpoint Protect 2025, company leaders detailed how AI is being used in phishing trends and in cyber-defense tactics. The post Proofpoint Exec: ‘Phishing is the Leading Cause of Breaches Globally’ appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-proofpoint-conference-ai-email-security-phishing/
-
Phishing von der Elster: Datensätze (WID-Nummer) aktualisieren
Tags: phishingObacht in den kommenden Wochen in Sachen Phishing im Umfeld der Steuererklärungen und des Elster-Portals zum Einreichen von Steuererklärungen. Gerade ist mir eine neue Phishing-Nachricht von einem Leser zugegangen, der auf Elster-Nutzer zielt. Im konkreten Fall stehen sogar Firmen im … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/26/phishing-von-der-elster-datensaetze-aktualisieren/
-
Vietnamese Hackers Use Fake Copyright Notices to Spread Lone None Stealer
New Lone None Stealer uses Telegram C2 and DLL side-loading to grab passwords, credit cards, and crypto. Find out how to spot this highly evasive phishing scam. First seen on hackread.com Jump to article: hackread.com/vietnamese-hackers-fake-copyright-notice-lone-none-stealer/
-
New Phishing Scam Aims at PyPI Maintainers to Steal Login Information
A fresh wave of domain-confusion phishing emails is sweeping through the Python community, once again setting its sights on PyPI maintainers. As malicious actors continually swap out domain names, PyPI users must remain vigilant and adopt stronger safeguards to protect their accounts. In this latest iteration, maintainers receive an unsolicited email urging them to “verify…
-
Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors
Vietnamese phishing campaign evolves from Python infostealer to PureRAT trojan First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/vietnamese-threat-actor-python/
-
Contagious Interview – Angreifer setzen verstärkt auf neuen ClickFix-Ansatz
Effektiv helfen kann hier nur ein modernes Human Risk Management. Dessen Phishing-Trainings, -Schulungen und -Tests lassen sich, KI sei Dank, mittlerweile personalisieren und automatisiert kontinuierlich zum Einsatz bringen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/contagious-interview-angreifer-setzen-verstaerkt-auf-neuen-clickfix-ansatz/a42120/
-
SpamGPT Amps Up Enterprise Email Security Threats
Researchers warn that SpamGPT, an AI-powered spam and phishing toolkit, lowers the barrier for cybercriminals with scalable, evasive email attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/spamgpt-amps-up-enterprise-email-security-threats/
-
Credit Unions Replaced Fragmented Tools With Seceon’s Platform
Credit unions are the financial lifeline for more than 139 million Americans. Built on a member-first philosophy, these not-for-profit institutions provide affordable banking, community trust, and financial empowerment. But in today’s digital-first era, credit unions face growing cybersecurity challenges. With rising ransomware attacks, phishing scams, and third-party vendor breaches, credit unions are prime targets for…
-
Zum Start des Ticketverkauf am 1. Oktober 2025 zur Fussball-WM gibt es bereits 4.300 Fake-Domains mit Phishing-Betrug
Für ausgewählte Fußballfans beginnt bald der Kartenvorverkauf für die Fußball-Weltmeisterschaft 2026 in Nordamerika. Check Point hat bereits gefälschte Angebote zu Livestreams, Tickets und Fanartikeln entdeckt. Die Sicherheitsforscher haben eine unmittelbare Gefahr in Form von mehr als 4300 neu registrierten Domains im Internet aufgedeckt, die den Namen ‘FIFA”, ‘Weltmeisterschaft” oder die Namen der Austragungsstädte tragen. Die…
-
Zum Start des Ticketverkauf am 1. Oktober 2025 zur Fussball-WM gibt es bereits 4.300 Fake-Domains mit Phishing-Betrug
Für ausgewählte Fußballfans beginnt bald der Kartenvorverkauf für die Fußball-Weltmeisterschaft 2026 in Nordamerika. Check Point hat bereits gefälschte Angebote zu Livestreams, Tickets und Fanartikeln entdeckt. Die Sicherheitsforscher haben eine unmittelbare Gefahr in Form von mehr als 4300 neu registrierten Domains im Internet aufgedeckt, die den Namen ‘FIFA”, ‘Weltmeisterschaft” oder die Namen der Austragungsstädte tragen. Die…
-
Microsoft spots LLM-obfuscated phishing attack
Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/25/microsoft-spots-llm-obfuscated-phishing-attack/
-
How secure are passkeys, really? Here’s what you need to know
Passwords are weak links”, 88% of breaches involve stolen creds. Learn more from Specops Software about how passkeys deliver phishing resistance, simpler logins & lower support costs (with some hurdles to adoption). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/how-secure-are-passkeys-really-heres-what-you-need-to-know/
-
Hackers Use GitHub Notifications to Impersonate Y Combinator and Steal Wallet Funds
A recent wave of sophisticated phishing attacks has targeted developers and startups by impersonating Y Combinator through GitHub notifications. Victims are being tricked into believing they’ve been selected for startup funding, only to face financial theft via fake verification schemes. This incident spotlights the new tactics phishers use to exploit trusted online platforms and reputable…
-
Hackers Use GitHub Notifications to Impersonate Y Combinator and Steal Wallet Funds
A recent wave of sophisticated phishing attacks has targeted developers and startups by impersonating Y Combinator through GitHub notifications. Victims are being tricked into believing they’ve been selected for startup funding, only to face financial theft via fake verification schemes. This incident spotlights the new tactics phishers use to exploit trusted online platforms and reputable…
-
Hackers Use AI-Generated Code to Obfuscate Payloads and Bypass Traditional Defenses
A recent credential phishing campaign detected by Microsoft Threat Intelligence used AI-generated code within an SVG file to disguise malicious behavior. While the novel obfuscation techniques showcased attacker ingenuity, AI-powered defenses successfully blocked the attack”, underscoring that AI-augmented threats remain detectable when defenders adapt analytic strategies. On August 18, Microsoft Threat Intelligence identified a targeted…
-
Hackers Use AI-Generated Code to Obfuscate Payloads and Bypass Traditional Defenses
A recent credential phishing campaign detected by Microsoft Threat Intelligence used AI-generated code within an SVG file to disguise malicious behavior. While the novel obfuscation techniques showcased attacker ingenuity, AI-powered defenses successfully blocked the attack”, underscoring that AI-augmented threats remain detectable when defenders adapt analytic strategies. On August 18, Microsoft Threat Intelligence identified a targeted…
-
New Phishing Scam Aims at PyPI Maintainers to Steal Login Information
A fresh wave of domain-confusion phishing emails is sweeping through the Python community, once again setting its sights on PyPI maintainers. As malicious actors continually swap out domain names, PyPI users must remain vigilant and adopt stronger safeguards to protect their accounts. In this latest iteration, maintainers receive an unsolicited email urging them to “verify…