Tag: phishing
-
VoidProxy PhaaS Targets Microsoft 365 and Google Accounts in New Campaign
Phishing-as-a-Service operation called VoidProxy that uses advanced adversary-in-the-middle techniques to bypass traditional multi-factor authentication and steal session tokens from Microsoft 365 and Google accounts. The five steps of a SIM-swap attack illustrating how fraudsters bypass multi-factor authentication to compromise accounts Okta has uncovered a sophisticated new emergence of VoidProxy, a highly evasive Phishing-as-a-Service platform that…
-
New VoidProxy phishing service targets Microsoft 365, Google accounts
A newly discovered phishing-as-a-service (PhaaS) platform, named VoidProxy, targets Microsoft 365 and Google accounts, including those protected by third-party single sign-on (SSO) providers such as Okta. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-voidproxy-phishing-service-targets-microsoft-365-google-accounts/
-
New VoidProxy Phishing Service Bypasses MFA on Microsoft and Google Accounts
Okta Threat Intelligence exposes VoidProxy, a new PhaaS platform. Learn how this advanced service uses the Adversary-in-the-Middle technique… First seen on hackread.com Jump to article: hackread.com/voidproxy-phishing-service-bypasses-mfa-microsoft-google/
-
A Cyberattack Victim Notification Framework
Interesting analysis: When cyber incidents occur, victims should be notified in a timely manner so they have the opportunity to assess and remediate any harm. However, providing notifications has proven a challenge across industry. When making notifications, companies often do not know the true identity of victims and may only have a single email address…
-
Chinese Guarantee Syndicates and the Fruit Machine
When I was speaking to a group of Bank Security people in New York City yesterday, I mentioned “machine rooms” — which are rooms full of Apple iPhones that are used to send iMessage phishing spam. Someone in the audience asked “Where would they get that many phones?” The kids like to use the acronym…
-
Researchers warn VoidProxy phishing platform can bypass MFA
The service has been targeting Microsoft and Google accounts for months, opening the door to possible BEC attacks and data exfiltration. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/researchers-voidproxy-phishing-bypass-mfa/760017/
-
Stealthy AsyncRAT flees the disk for a fileless infection
Tags: access, best-practice, control, credentials, infection, malicious, malware, monitoring, phishing, powershell, rat, theft, threat, update, windowsRAT with evasion and persistence: Once AsyncRAT was loaded, the attackers took steps to disrupt Windows defenses. The report notes techniques such as disabling Anti-malware Scan Interface (AMSI) and tampering with Event Tracking for Windows (ETW), both critical features for runtime detection. To maintain persistence, they created a scheduled task disguised as “Skype Update,” ensuring…
-
Muck Stealer Malware Used Alongside Phishing in New Attack Waves
A new report from Cofense reveals that cybercriminals are blending phishing and malware, including Muck Stealer, Info Stealer,… First seen on hackread.com Jump to article: hackread.com/muck-stealer-malware-phishing-new-attack-waves/
-
Fünf KI-Use-Cases für CISOs
Tags: access, ai, business, ceo, cio, ciso, cybercrime, cybersecurity, cyersecurity, data, framework, google, incident response, mail, microsoft, phishing, rat, risk, risk-management, service, siem, soc, tool, vpn, vulnerability, vulnerability-management -
Fünf KI-Use-Cases für CISOs
Tags: access, ai, business, ceo, cio, ciso, cybercrime, cybersecurity, cyersecurity, data, framework, google, incident response, mail, microsoft, phishing, rat, risk, risk-management, service, siem, soc, tool, vpn, vulnerability, vulnerability-management -
Ransomware gang going after improperly patched SonicWall firewalls
Tags: authentication, awareness, data-breach, defense, firewall, Internet, mfa, phishing, ransomware, updatepatch all internet-exposed systems as soon as fixes are released;enable phishing-resistant multi-factor authentication for all users;monitor the internet for leaked credentials;run a regular phishing security awareness campaign for employees.CISOs can also refer to the IST’s Blueprint for Ransomware Defense for more tips. First seen on csoonline.com Jump to article: www.csoonline.com/article/4056080/ransomware-gang-going-after-improperly-patched-sonicwall-firewalls.html
-
Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand
Okta uncovers new phishing-as-a-service operation with ‘multiple entities’ falling victim First seen on theregister.com Jump to article: www.theregister.com/2025/09/11/voidproxy_phishing_service/
-
New Google AppSheet Phishing Scam Deliver Fake Trademark Notices
A phishing scam is exploiting Google’s trusted AppSheet platform to bypass email filters. Learn how hackers are using… First seen on hackread.com Jump to article: hackread.com/google-appsheet-phishing-scam-fake-trademark-notices/
-
KI-gestützte Phishing-Angriffe auf Krankenhäuser werden zunehmen
Unter Zuhilfenahme generativer KI-Tools können Angreifer schnell, unkompliziert, überzeugend und skalierend E-Mails erstellen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ki-gestuetzter-phishing-angriffe-auf-krankenhaeuser-wird-zunehmen/a41979/
-
kkRAT Exploits Network Protocols to Exfiltrate Clipboard Data
The threat actor delivers three Remote Access Trojans (RATs)”, ValleyRAT, FatalRAT, and a newly discovered RAT dubbed kkRAT”, via phishing sites hosted on GitHub Pages. These sites masquerade as legitimate software installers for popular applications. In each instance, a ZIP archive contains a malicious executable that initiates a multi-stage attack chain designed to evade analysis,…
-
KI-gestützter Phishing-Angriffe auf Krankenhäuser wird zunehmen
Unter Zuhilfenahme generativer KI-Tools können Angreifer schnell, unkompliziert, überzeugend und skalierend E-Mails erstellen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ki-gestuetzter-phishing-angriffe-auf-krankenhaeuser-wird-zunehmen/a41979/
-
Schadcode eingeschleust: Große NPM-Attacke betrifft jede zehnte Cloud-Umgebung
Eine einfache Phishing-Mail hat unzählige Malware-Infektionen zur Folge. Auch Cloud-Systeme sind betroffen. Dennoch geht der Angreifer fast leer aus. First seen on golem.de Jump to article: www.golem.de/news/schadcode-eingeschleust-grosse-npm-attacke-betrifft-jede-zehnte-cloud-umgebung-2509-199990.html
-
Cybervorfall bei der Kulturstiftung der Länder
Bei der Kulturstiftung der Länder hat es wohl einen Cybervorfall gegeben. Es wurden E-Mail-Postfächer von Mitarbeitern kompromittiert, und dann wurden “letztes Wochenende” (6./7.9.2025) Phishing-Mails über dieses Postfach verschickt. Dort wurden die Empfänger zur Eingabe von Outlook-Zugangsdaten aufgefordert. Ein Leser hatte … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/11/phishing-cybervorfall-bei-der-kulturstiftung-der-laender/
-
How npm Security Collapsed Thanks To a 2FA Exploit
Billions (No, that’s not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the JavaScript runtime environment Node.js’s default package manager, had finally stopped having serious security problems, you thought wrong. This time, a two-factor authentication (2FA) phishing attack left developers frustrated, angry, and in..…
-
Ransomware insurance losses spike despite fewer claims: Resilience
AI-powered phishing, “double extortion” tactics and insurance policy theft are fueling more destructive, costly ransomware attacks, the;cybersecurity firm said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-insurance-losses-spike-claims-resilience-ai-phishing/759626/
-
Neues Phishing-Framework umgeht Multi-Faktor-Authentifizierung
Tags: authentication, ceo, ciso, cloud, corporate, cyberattack, framework, hacker, Hardware, infrastructure, mail, mfa, microsoft, passkey, password, phishing, service, strategy, zero-trustPhishing 2.0 nutzt Subdomain-Rotation und Geoblocking.Eine kürzlich aufgedeckte Phishing-Kampagne steht in Verbindung mit Salty2FA, einem Phishing-as-a-Service-(PhaaS-)Framework. Es soll entwickelt worden sein, um Multi-Faktor-Authentifizierung (MFA) zu umgehen.Wie die Cybersicherheitsfirma Ontinue herausgefunden hat,fängt sie Verifizierungsmethoden ab,rotiert Subdomains undtarnt sich innerhalb vertrauenswürdiger Plattformen wie Cloudflare Turnstile.In unserer US-Schwesterpublikation CSO erklärten die Experten, dass die Kampagne ‘bemerkenswerte technische Innovationen”…
-
New Buterat Backdoor Malware Found in Enterprise and Government Networks
Meet Buterat, a new backdoor malware spreading through phishing and trojanized downloads, giving attackers persistent access to enterprise and government networks. First seen on hackread.com Jump to article: hackread.com/buterat-backdoor-malware-enterprise-govt-networks/
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
-
Lazarus Hackers Abuse Git Symlink Vulnerability in Stealthy Phishing Campaign
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-profile breaches, Lazarus continues to evolve its tactics to target cryptocurrency and financial institutions worldwide. Over the last decade, Lazarus has homed in…
-
Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises
Phishing-as-a-Service (PhaaS) platforms keep evolving, giving attackers faster and cheaper ways to break into corporate accounts. Now, researchers at ANY.RUN has uncovered a new entrant: Salty2FA, a phishing kit designed to bypass multiple two-factor authentication methods and slip past traditional defenses. Already spotted in campaigns across the US and EU, Salty2FA puts enterprises at First…