Tag: phishing
-
ISMG Editors: Voice Phishing Attacks Breach Google and Cisco
Tags: attack, breach, cisco, cyber, cybersecurity, google, government, phishing, technology, threat, update, warfareAlso: US Cyber Grants Are Dwindling; Hybrid Threats Renew Focus on OT Resilience. In this week’s update, four ISMG editors examined the voice phishing attacks linked to the Google and Cisco breaches, the funding gap in U.S. cybersecurity support for local governments and the implications of hybrid warfare on operational technology resilience. First seen on…
-
DarkCloud Stealer Targets Windows Systems to Harvest Login Credentials and Financial Data
A new variant of the DarkCloud information-stealer malware has been observed targeting Microsoft Windows systems, primarily affecting Windows users by collecting sensitive data such as login credentials, financial information, and personal contacts. Discovered in early July 2025 by Fortinet’s FortiGuard Labs, this high-severity campaign leverages sophisticated phishing tactics to initiate infections, demonstrating advanced evasion methods…
-
AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims
Cybersecurity researchers are drawing attention to a new campaign that’s using legitimate generative artificial intelligence (AI)-powered website building tools like DeepSite AI and BlackBox AI to create replica phishing pages mimicking Brazilian government agencies as part of a financially motivated campaign.The activity involves the creation of lookalike sites imitating Brazil’s State First seen on thehackernews.com…
-
Record-Breaking GreedyBear Attack Uses 650 Hacking Tools to Steal $1M from Victims
The threat actor group dubbed GreedyBear has orchestrated an industrial-scale operation blending malicious browser extensions, executable malware, and phishing infrastructure to siphon over $1 million in cryptocurrency from victims. This coordinated assault, uncovered by Koi Security researchers, leverages a staggering 650 hacking tools comprising 150 weaponized Firefox extensions and nearly 500 malicious Windows executables demonstrating…
-
13 Produkt-Highlights der Black Hat USA
Tags: access, ai, api, application-security, business, chatgpt, cisco, cloud, compliance, credentials, crowdstrike, cybersecurity, data, detection, google, governance, Hardware, identity, leak, LLM, malware, marketplace, microsoft, monitoring, network, openai, phishing, risk, saas, service, soc, threat, tool, usa, vulnerability, zero-trustDas Mandalay Bay Convention Center wird zur Black Hat USA zum Cybersecurity-Hub 2025 lag der Fokus dabei insbesondere auf Agentic und Generative AI.Zur Black-Hat-Konferenz haben sich auch 2025 Tausende von Sicherheitsexperten in Las Vegas zusammengefunden, um sich über die neuesten Entwicklungen im Bereich Cybersecurity zu informieren und auszutauschen. Der thematische Fokus lag dabei in erster…
-
Unbefugter Zugriff bei einem globalen IT-Unternehmen
The Cost of a Call: From Voice Phishing to Data Extortion First seen on cloud.google.com Jump to article: cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion
-
Unbefugter Zugriff bei einem globalen IT-Unternehmen
The Cost of a Call: From Voice Phishing to Data Extortion First seen on cloud.google.com Jump to article: cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion
-
KnowBe4 erweitert agentische KI zur Abwehr KI-gestützter Bedrohungen
Die weltweit renommierte Cybersicherheitsplattform KnowBe4, die sich umfassend mit Human-Risk-Management befasst, stellt die Erfolge seiner Kunden in den Mittelpunkt, die mithilfe der HRM+-Plattform tiefgreifende Transformationen ihrer Sicherheitsprogramme erzielen konnten. Durch den Einsatz KI-gestützter Lösungen wie AIDA (Artificial-Intelligence-Defense-Agents) gelang es Unternehmen wie der First Community Credit Union, den ‘Phish-prone Percentage” (PPP) nahezu auf ein Prozent zu…
-
Weaponizing Microsoft 365 Direct Send to Bypass Email Security Defenses
Security researchers at StrongestLayer, in collaboration with Jeremy, a seasoned Security Architect at a major manufacturing firm, have exposed a multi-layered spear phishing attack that exploits Microsoft 365’s Direct Send feature to infiltrate corporate email systems. The campaign, flagged initially by StrongestLayer’s AI system TRACE, masqueraded as innocuous voicemail notifications from services like RingCentral, but…
-
New Promptware Attack Hijacks User’s Gemini AI Via Google Calendar Invite
Cybersecurity researchers demonstrate a new attack on Google Gemini AI for Workspace. Discover how a simple calendar invite can be used to perform phishing, steal emails, and even control home appliances. First seen on hackread.com Jump to article: hackread.com/promptware-attack-hijack-gemini-ai-google-calendar-invite/
-
CERT-UA warns of UAC-0099 phishing attacks targeting Ukraine’s defense sector
Ukraine’s CERT-UA warns of phishing attacks by UAC-0099 targeting defense sectors, using malware like MATCHBOIL, MATCHWOK, and DRAGSTARE. Ukraine’s CERT-UA warns of phishing attacks by threat actor UAC-0099 targeting government and defense sectors, delivering malware like MATCHBOIL and DRAGSTARE. The National Cyber Incident, Cyber Attack, and Cyber Threat Response Team CERT-UA investigated multiple attacks against…
-
Cybercriminals are getting personal, and it’s working
Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/07/email-attacks-q2-2025/
-
Cybercriminals are getting personal, and it’s working
Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/07/email-attacks-q2-2025/
-
Durch Datenlecks verursachte Kosten sind gefallen
Tags: ai, breach, cyberattack, data, data-breach, deep-fake, fraud, germany, ibm, infrastructure, phishing, risk, security-incident, service, usaDurch KI unterstützte Angriffe wie Phishing und Deepfakes nehmen weiter zu, doch Unternehmen zögern in gleichem Maße nachzurüsten.Die gute Nachricht zuerst: Wie IBM in seinem jährlich erscheinenden Cost of a Data Breach Report herausfand, sind die durchschnittlichen Kosten eines Datenlecks in Deutschland erstmals seit fünf Jahren wieder gesunken. Ein einzelner Vorfall kostete demnach 2024 im…
-
Durch Datenlecks verursachte Kosten sind gefallen
Tags: ai, breach, cyberattack, data, data-breach, deep-fake, fraud, germany, ibm, infrastructure, phishing, risk, security-incident, service, usaDurch KI unterstützte Angriffe wie Phishing und Deepfakes nehmen weiter zu, doch Unternehmen zögern in gleichem Maße nachzurüsten.Die gute Nachricht zuerst: Wie IBM in seinem jährlich erscheinenden Cost of a Data Breach Report herausfand, sind die durchschnittlichen Kosten eines Datenlecks in Deutschland erstmals seit fünf Jahren wieder gesunken. Ein einzelner Vorfall kostete demnach 2024 im…
-
Mustang Panda Targets Windows Users with ToneShell Malware Disguised as Google Chrome
The China-aligned threat actor Mustang Panda, also known as Earth Preta, HIVE0154, RedDelta, and Bronze President, has been deploying the ToneShell backdoor against Windows users, primarily targeting government and military entities in the Asia-Pacific and Europe. Active since at least 2012, the group leverages spear-phishing emails with military-themed lures to deliver malicious archives, such as…
-
Cyber criminals would prefer businesses don’t use Okta
Okta details a phishing campaign in which the threat actor demonstrated some unusually strong opinions on what authentication methods they would like their targets to use. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628482/Cyber-criminals-would-prefer-businesses-dont-use-Okta
-
UAC-0099 Hackers Weaponize HTA Files to Deploy MATCHBOIL Loader Malware
UAC-0099 is a threat actor organization that has been targeting state officials, defense forces, and defense-industrial firms in a series of sophisticated cyberattacks that Ukraine’s CERT-UA has been investigating. The attacks typically initiate with phishing emails from UKR.NET addresses, featuring subjects like >>court summons
-
Threat Actors Use GenAI to Launch Phishing Attacks Mimicking Government Websites
Threat actors are increasingly leveraging generative AI (GenAI) tools to craft highly convincing phishing websites that impersonate legitimate government portals. As highlighted by Zscaler ThreatLabz in their recent reports and blogs, the dual nature of GenAI empowering productivity for legitimate users while enabling cybercriminals has become a critical issue. These tools, such as DeepSite AI…
-
Cisco discloses data breach impacting Cisco.com user accounts
Cisco has disclosed that cybercriminals stole the basic profile information of users registered on Cisco.com following a voice phishing (vishing) attack that targeted a company representative. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-discloses-data-breach-impacting-ciscocom-user-accounts/
-
APT36 Targets Indian Government: Credential Theft Campaign Uncovered
A sophisticated phishing campaign attributed with medium confidence to the Pakistan-linked APT36 group, also known as Transparent Tribe or Mythic Leopard, has been uncovered targeting Indian defense organizations and government entities. This operation employs typo-squatted domains that mimic official Indian government platforms, such as mail.mgovcloud.in and virtualeoffice.cloud, to deceive users into surrendering credentials. The campaign…
-
Healthcare Under Pressure
Tags: attack, breach, credentials, cybersecurity, healthcare, phishing, ransomware, supply-chain, threat, vulnerabilityThere’s no such thing as a routine day in healthcare IT anymore. While clinicians focus on saving lives, cybersecurity teams are fighting their own battles behind the scenes”, battles against credential thieves, ransomware disruptions, phishing attacks and supply chain vulnerabilities that can knock entire hospital systems offline. And the threats are accelerating. With record-breaking breach…
-
Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File
Hackers are installing multiple RMMs like Atera and Splashtop in a new malware attack. This article details the abuse of Discord CDN link andn fake OneDrive phishing campaign discovered by Sublime Security. First seen on hackread.com Jump to article: hackread.com/discord-cdn-link-deliver-rat-disguised-onedrive-file/
-
New Android Malware Poses as SBI Card and Axis Bank Apps to Steal Financial Data
McAfee’s Mobile Research Team has identified a sophisticated Android malware campaign primarily aimed at Hindi-speaking users in India, masquerading as legitimate financial applications from institutions like SBI Card, Axis Bank, and IndusInd Bank. This operation distributes malicious APKs through dynamically created phishing websites that mimic official banking portals, leveraging real assets such as images and…
-
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
Cybersecurity researchers have lifted the veil on a widespread malicious campaign that’s targeting TikTok Shop users globally with an aim to steal credentials and distribute trojanized apps.”Threat actors are exploiting the official in-app e-commerce platform through a dual attack strategy that combines phishing and malware to target users,” CTM360 said. “The core tactic involves a…
-
OWASP LLM Risk #5: Improper Output Handling FireTail Blog
Tags: ai, application-security, attack, awareness, cyber, detection, email, injection, LLM, mitigation, monitoring, phishing, remote-code-execution, risk, sql, strategy, threat, vulnerabilityAug 04, 2025 – Lina Romero – 2025 is seeing an unprecedented surge of cyber attacks and breaches. AI, in particular, has introduced a whole new set of risks to the landscape and researchers are struggling to keep up. The OWASP Top 10 Risks for LLMs goes into detail about the ten most prevalent risks…
-
Hackers Abuse Microsoft 365 Direct Send to Deliver Internal Phishing Emails
A new Proofpoint report reveals how attackers are using Microsoft 365’s Direct Send and unsecured SMTP relays to… First seen on hackread.com Jump to article: hackread.com/hackers-microsoft-365-direct-send-internal-phishing-emails/