Tag: phishing
-
HR, Payroll and Finance Departments in Focus: Personalized AI-Driven Attacks Instead of Mass Phishing
First seen on security-insider.de Jump to article: www.security-insider.de/phishing-landskap-genai-ki-abwehr-zielgerichtete-angriffe-a-2c8bbaf002c6dd7544639fe55d38ce7c/
-
Noodlophile Stealer evolution
Noodlophile malware spreads via copyright phishing, targeting firms in the U.S., Europe, Baltics & APAC with tailored spear-phishing lures. The Noodlophile malware campaign is expanding globally, using spear-phishing emails disguised as copyright notices. Threat actors tailor lures with details like Facebook Page IDs and company ownership data. Active for over a year, it now targets…
-
Mobile Phishers Target Brokerage Customers in ‘Ramp and Dump’ Cashout Scheme
Cybercriminal groups specializing in advanced mobile phishing kits have evolved their operations beyond stealing payment card data for mobile wallet enrollment, now pivoting to exploit brokerage accounts in sophisticated ‘ramp and dump’ schemes. This shift, as detailed in recent research by security experts, leverages compromised user credentials to manipulate foreign stock prices, circumventing traditional security…
-
Cofense Unveils Vision 3.0 with Sub-Minute Threat Containment Capabilities and Deeper Insights
Now supporting hybrid environments, Vision 3.0 introduces “Who Clicked” to track and identify user engagement with phishing emails for faster, more targeted response. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/cofense-unveils-vision-3-0-with-sub-minute-threat-containment-capabilities-and-deeper-insights/
-
Weaponized Copyright Documents Used by Threat Actors to Target Key Employees with Noodlophile Stealer
The Noodlophile Stealer malware, initially uncovered in campaigns leveraging fake AI video generation platforms, has evolved into a targeted spear-phishing operation that weaponizes copyright infringement notices to infiltrate enterprises with substantial Facebook presences. This updated variant, active for over a year, shifts from broad social media lures to highly personalized emails impersonating legal entities, incorporating…
-
North Korea-linked hackers target embassies in Seoul in new espionage campaign
North Korea-linked hackers were seen targeting more than a dozen embassies in Seoul with phishing emails. First seen on therecord.media Jump to article: therecord.media/north-korean-hackers-target-foreign-embassies
-
A Quarter of CISOs Are Dismissed After a Ransomware Attack
Tags: backup, ceo, cio, ciso, cyberattack, group, incident response, mail, phishing, ransomware, rat, risk, sophos, vulnerability
After a ransomware attack, CISOs are often held responsible and dismissed. According to a recent report from Sophos, CISOs have a one-in-four chance that their job will not survive a successful ransomware attack. The report's findings are a wake-up call for security leaders, regardless of whether they are held responsible for such attacks or about the…
-
New Android Attack Targets Indian Users with Free Electricity Subsidy to Install Malware
A newly identified Android phishing campaign is aggressively targeting Indian users by masquerading as the legitimate PM Surya Ghar: Muft Bijli Yojana, a government initiative approved in February 2024 that offers subsidies for solar rooftop installations, covering up to 60% of costs for systems under 2kW and 40% for those up to 3kW. Attackers leverage…
-
Singapore issues critical alert on Dire Wolf ransomware targeting global tech and manufacturing firms
Tags: attack, authentication, backup, business, compliance, control, credentials, cyber, data, defense, email, endpoint, extortion, insurance, intelligence, leak, malicious, mfa, msp, network, phishing, ransom, ransomware, resilience, risk, supply-chain, threat, update
Ripple effects on global enterprises: The global business fallout of Dire Wolf ransomware attacks is significant and poses a multi-layered, high-impact threat to global enterprises. “Its attacks directly disrupt operations and supply chains, particularly in manufacturing and tech, leading to production delays, revenue loss, and downstream customer impact,” said Manish Rawat, analyst at TechInsights. “Financial impact…
-
North Korean Kimsuky Hackers Use GitHub to Target Foreign Embassies with XenoRAT Malware
Tags: cyber, data-breach, email, espionage, github, group, hacker, malware, north-korea, password, phishing, spear-phishing
The Trellix Advanced Research Center exposed a DPRK-linked espionage operation attributed to the Kimsuky group (APT43), targeting diplomatic missions in South Korea. Between March and July, at least 19 spear-phishing emails impersonated trusted diplomatic contacts, delivering malware via password-protected ZIP archives hosted on Dropbox and Daum. These emails lured embassy staff with credible invitations to…
-
Hackers Exploit Cisco Secure Links to Evade Scanners and Bypass Filters
Tags: attack, cisco, credentials, cyber, cybercrime, detection, email, exploit, hacker, infrastructure, network, phishing
Cybercriminals have discovered a sophisticated new attack vector that weaponizes Cisco’s security infrastructure against users, according to recent research from Raven AI. The company’s context-aware detection systems uncovered a credential phishing campaign that exploits Cisco Safe Links to evade traditional email security scanners and bypass network filters, highlighting a dangerous trend of attackers turning trusted…
-
Why the Email Security Battle Feels Lost (At Least for Now)
Despite better tools and growing awareness, phishing and impersonation attacks remain rampant. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/why-the-email-security-battle-feels-lost-at-least-for-now/
-
Intrusion Detection and Prevention
In today’s hyper-connected digital world, businesses of all sizes face relentless cyber threats. From ransomware and phishing campaigns to advanced persistent threats (APTs) and insider risks, attackers are becoming increasingly sophisticated in the ways they infiltrate corporate networks. Protecting sensitive data, ensuring business continuity, and maintaining regulatory compliance requires more than traditional security tools, it…
-
Noodlophile Stealer Hides Behind Bogus Copyright Complaints
Noodlophile is targeting enterprises in spear-phishing attacks using copyright claims as phishing lures. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/noodlophile-stealer-bogus-copyright-complaints
-
NY State Fines Dental Plan Firm $2M in Phishing Breach
Healthplex, Part of UnitedHealth Group, Lacked MFA on Compromised Email Account. New York State has fined a dental plan administrator owned by UnitedHealth Group $2 million for failing to protect data with multifactor authentication and other issues related to a phishing breach that affected 90,000 people. It’s the state’s second fine against Healthplex for the…
-
Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures
The threat actors behind the Noodlophile malware are leveraging spear-phishing emails and updated delivery mechanisms to deploy the information stealer in attacks aimed at enterprises located in the U.S., Europe, Baltic countries, and the Asia-Pacific (APAC) region. “The Noodlophile campaign, active for over a year, now leverages advanced spear-phishing emails posing as copyright infringement First seen…
-
Fake Copyright Notices Drop New Noodlophile Stealer Variant
Morphisec warns of a new Noodlophile Stealer variant spread via fake copyright phishing emails, using Dropbox links and… First seen on hackread.com Jump to article: hackread.com/phishing-scam-fake-copyright-notice-noodlophile-stealer/
-
Threat Actors Exploit Telegram as the Communication Channel to Exfiltrate Stolen Data
tLab Technologies, a Kazakhstan-based company that specializes in advanced threat prevention, discovered one of the first known phishing attempts in the region that targeted public sector clients in a recent cybersecurity incident. The attack leveraged a professionally crafted fake login page to harvest user credentials, employing Telegram’s Bot API as a covert exfiltration channel. This…
-
Popular npm Package Compromised in Phishing Attack
An incident involving the npm package eslint-config-prettier has been uncovered spreading Scavenger RAT. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/popular-npm-package-compromised-in/
-
Noodlophile infostealer is hiding behind fake copyright and PI infringement notices
Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/18/noodlophile-infostealer-spear-phishing-campaign-copyright-infingement/
-
25% of security leaders replaced after ransomware attack
Tags: attack, breach, business, ceo, ciso, corporate, credentials, email, exploit, malicious, phishing, ransomware, risk, sophos, vulnerability
A question of authority: Dickson also argues that CISO authority should come into play. If decisions are made at the line-of-business (LOB) level, and potentially against the CISO’s advice, does it make corporate sense to blame the CISO? Some “presume that a ransomware attack is the fault of the CISO,” he says. “The CISO is a leader,…
-
Downgrade Attack Allows Phishing Kits to Bypass FIDO
You probably can’t break FIDO authentication. Still, researchers have shown that there are ways to get around it. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/downgrade-attack-phishing-kits-bypass-fido
-
UK work visa sponsors are target of phishing campaign
Mimecast identifies a phishing campaign targeting UK organisations that sponsor migrant workers and students, opening the door to account compromise and visa fraud. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629176/UK-work-visa-sponsors-are-target-of-phishing-campaign
-
PoisonSeed Phishing Kit Bypasses MFA to Steal Credentials from Users and Organizations
The threat actor known as PoisonSeed, loosely affiliated with groups like Scattered Spider and CryptoChameleon, has deployed an active phishing kit designed to circumvent multi-factor authentication (MFA) and harvest credentials from individuals and organizations. This kit, operational since April 2025, targets login services of major CRM and bulk email providers such as Google, SendGrid, and…
-
Home Office Phishing Scam Targets UK Immigration Sponsors
The sophisticated campaign aims to steal credentials of sponsor license holders to facilitate immigration fraud, extortion and other monetization schemes. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/home-office-phishing-uk/
-
No Damages After Entering Login and PIN
Anyone who unintentionally grants access to their bank account in a phishing attack has no claim to damages. The Higher Regional Court of Oldenburg (Oberlandesgericht Oldenburg) has dismissed an appeal; 41,000 euros are lost. First seen on golem.de Jump to article: www.golem.de/news/phishing-kein-schadensersatz-bei-eingabe-von-login-und-pin-2508-199077.html
-
From Gimmick to Cyber Fraud: The New Danger of Deepfakes
Even perpetrators with little technical skill can use generative AI to create deceptively realistic CEO calls, manipulated online meetings or personalized phishing campaigns. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/von-der-spielerei-zum-cyber-betrug-die-neue-gefahr-durch-deepfakes/a41663/

