Tag: phishing
-
Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at least April 2025. “The campaign is targeted towards…
-
Cybersecurity Snapshot: Expert Advice for Securing Critical Infrastructure’s OT and Industrial Control Systems, IoT Devices and Network Infrastructure
Tags: access, advisory, apt, attack, authentication, breach, china, cisa, cisco, cloud, compliance, computer, computing, control, credentials, cryptography, cve, cyber, cybersecurity, data, defense, detection, espionage, exploit, firmware, framework, google, government, guide, hacker, Hardware, incident response, infrastructure, international, Internet, iot, login, mfa, military, mitigation, monitoring, network, nist, organized, password, phishing, ransomware, regulation, risk, russia, sans, service, software, technology, theft, threat, tool, update, vulnerability, zero-trust
Destructive cyber attacks against critical infrastructure have unfortunately become increasingly frequent. Just last week, multinational government agencies blared the alarm about a global cyber espionage campaign targeting critical infrastructure networks. With this type of cyber threat in the spotlight, we’re rounding up recent cyber advice for securing critical infrastructure. In case you missed it, here…
-
TAG-150 Hackers Escalate Attacks with Proprietary Malware Families
A sophisticated threat actor, TAG-150, has been active since at least March 2025. Characterized by rapid malware development, technical sophistication, and a sprawling multi-tiered infrastructure, TAG-150 has deployed several self-developed families (CastleLoader, CastleBot, and most recently CastleRAT), targeting organizations via phishing campaigns and fraudulent repositories. TAG-150 first surfaced with CastleLoader, a loader that delivers a diverse set…
-
Smishing, Vishing, Whaling: These 9 Phishing Traps You Should Know
First seen on t3n.de Jump to article: t3n.de/news/smishing-vishing-whaling-diese-9-phishing-fallen-solltet-ihr-kennen-1679869/
-
SVG files used in hidden malware campaign impersonating Colombian authorities
VirusTotal uncovered an undetected malware campaign using SVG files that impersonated the Colombian justice system. VirusTotal researchers uncovered a phishing campaign using SVG files with hidden JavaScript to deploy fake Fiscalía General de la Nación login pages in Colombia and spread malware. VirusTotal noticed that, despite being outdated, SWF files are still abused in attacks.…
-
Massive Increase in Hacker Attacks on German Education Sector
Tags: access, authentication, cyberattack, data, germany, group, hacker, login, mail, phishing, threat, vulnerability
Ahead of the start of the school year and semester in Germany, the number of cyberattacks has risen sharply. While the new school year begins in September in many federal states, cybercriminals are increasingly targeting the education sector. Researchers at security specialist Check Point found that cyberattacks ahead of the start of the school year and semester have increased by 56 percent in this country. That is well above the global…
-
VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages
Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics (SVG) files as part of phishing attacks impersonating the Colombian judicial system. The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded JavaScript payload, which then decodes and injects a Base64-encoded HTML phishing page masquerading as…
-
Phishing Empire Runs Undetected on Google, Cloudflare
What’s believed to be a global phishing-as-a-service enterprise using cloaking techniques has been riding on public cloud infrastructure for more than 3 years. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/phishing-empire-undetected-google-cloudflare
-
Identity-First Security: Mitigating the Cloud’s Greatest Risk Vector
Tags: access, ai, attack, best-practice, breach, business, cloud, credentials, data, defense, exploit, framework, google, iam, identity, infrastructure, least-privilege, microsoft, phishing, ransomware, risk, service, strategy, threat, vulnerability
Compromised credentials are now the leading cause of cloud breaches, making identity your most critical attack surface. A new IDC white paper explores why this shift is happening and where traditional defenses fall short. Read on to learn how Tenable’s identity-first approach turns this risk into your strongest defense. Hack the user, own the cloud.…
-
New Phishing Tactic Targets PayPal’s 434M Users
A new PayPal phishing scam adds attackers as secondary users, letting them drain accounts while evading traditional detection. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/paypal-email-scam-2025/
-
Iran-Nexus Hackers Impersonate Omani MFA to Target Governments Entities
Tags: breach, communications, cyber, cybersecurity, exploit, government, group, hacker, intelligence, iran, malicious, mfa, phishing, spear-phishing
Cybersecurity researchers uncovered a sophisticated, Iran-linked spear-phishing operation that exploited a compromised Ministry of Foreign Affairs (MFA) mailbox in Oman to deliver malicious payloads to government entities worldwide. Analysts attribute the operation to the “Homeland Justice” group, believed to be aligned with Iran’s Ministry of Intelligence and Security (MOIS). Leveraging stolen diplomatic communications, encoded macros,…
-
6 browser-based attacks all security teams should be ready for in 2025
The browser is now the frontline for cyberattacks. From phishing kits and ClickFix lures to malicious OAuth apps and extensions, attackers are targeting the very place your employees access business-critical apps. Push Security explains how to defend where breaches begin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/6-browser-based-attacks-all-security-teams-should-be-ready-for-in-2025/
-
North Korean Hackers Exploit Threat Intel Platforms For Phishing
North Korean hackers have been observed exploiting cyber threat intelligence platforms in a campaign targeting job seekers with malware-laced lures. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-exploit-threat-intel/
-
NoisyBear Exploits ZIP Files for PowerShell Loaders and Data Exfiltration
The threat actor known as NoisyBear has launched a sophisticated cyber-espionage effort called Operation BarrelFire, using specially designed phishing lures that imitate internal correspondence to target Kazakhstan’s energy sector, particularly workers of the state oil and gas major KazMunaiGas. Security researchers at Seqrite Labs first observed the campaign in April 2025 and noted its rapid…
-
Phishing Danger: How Scammers Use Google Forms to Get Your Data
First seen on t3n.de Jump to article: t3n.de/news/phishing-gefahr-so-nutzen-betrueger-google-forms-um-an-deine-daten-zu-kommen-1705270/
-
New Scam Targets PayPal Users During Account Profile Setup
A highly sophisticated phishing campaign is targeting PayPal users with a deceptive email designed to grant scammers direct access to their accounts. The attack, which has been circulating for at least a month, uses a clever trick that bypasses traditional phishing detection methods by leading victims to the official PayPal website. The scam begins with…
-
California Tax Refund Mobile Phish
A new round of mobile phish is imitating the State of California’s “Franchise Tax Board” in a round of phishing sites that are gaining prominence in the past few days. I visited ftb.ca-gov-sg[.]top/notice from a burner phone to see how the scheme works (the page doesn’t load from the Windows browsers I tested.) After harvesting…
-
Soar is your Safest Bet
It’s the middle of the week, you are working on a project that needs to be done, and while you are trying to focus, you get the same phishing alert for the 10th time this week. Your team is drowning in noise, and you’re looking around thinking, ‘It’s 2025. There has to be an […]…
-
Indirect Prompt Injection Attacks Against LLM Assistants
Tags: attack, automation, control, data, disinformation, email, framework, google, injection, LLM, malicious, mitigation, mobile, phishing, risk, risk-assessment, threat, tool
Really good research on practical attacks against LLM agents. “Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous” Abstract: The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware, maliciously engineered prompts designed to manipulate LLMs to compromise the CIA triad of…
-
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats
An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world. The activity has been attributed by Israeli cybersecurity company Dream to Iranian-aligned operators connected to broader offensive cyber activity undertaken by a group known as Homeland Justice. “Emails were sent to…
-
Tycoon Phishing Kit Utilizes New Capabilities to Hide Malicious Links
Barracuda observed new methods to disguise phishing links in Tycoon phishing attacks, which are designed to bypass automated email security systems. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/tycoon-phishing-kit-hide-malicious/
-
Google Cloud Cloudflare Missed 3-Year Phishing Campaign
An industrial-scale phishing campaign exploiting Google Cloud and Cloudflare infrastructure operated in plain sight for more than three years, targeting Fortune 500 companies and siphoning millions in potential revenue while evading detection. Deep Specter Research’s investigation reveals the depth of this willful blindness and its far-reaching consequences for brands, regulators, and end users. Google Cloud…
-
Amazon shuts down watering hole attack attributed to Russia’s APT29 hacking group
In October 2024, Amazon disrupted another APT29 operation that attempted to use phishing domains impersonating AWS. First seen on therecord.media Jump to article: therecord.media/amazon-shuts-down-apt29-watering-hole-attack
-
TDL 002 – Defending the DNS: How Quad9 Protects the Internet with John Todd
Tags: access, apple, attack, business, china, ciso, communications, control, country, crime, cyber, cybersecurity, data, defense, dns, email, encryption, firewall, google, ibm, india, infrastructure, intelligence, Internet, jobs, law, malicious, malware, network, phishing, privacy, service, strategy, technology, threat, tool, zero-trust
Summary: The Defender’s Log episode features John Todd from Quad9, discussing their mission to protect the internet through secure DNS. Quad9, a non-profit launched in 2017 with founding partners Global Cyber Alliance, Packet Clearing House, and IBM, provides a free, global recursive DNS resolver that blocks malicious domains. Todd emphasizes that Quad9’s success is a…

