Tag: phishing
-
Phishing Campaigns Abuse Trusted Cloud Platforms, Raising New Risks for Enterprises
ANY.RUN experts report a surge in phishing campaigns abusing trusted cloud and CDN platforms to bypass security controls and target enterprise users. First seen on hackread.com Jump to article: hackread.com/phishing-campaigns-cloud-platforms-enterprises-risks/
-
Microsoft and Google Platforms Abused in New Enterprise Cyberattacks
A dangerous shift in phishing tactics, with threat actors increasingly hosting malicious infrastructure on trusted cloud platforms like Microsoft Azure, Google Firebase, and AWS CloudFront. Unlike traditional phishing campaigns that rely on newly registered suspicious domains, these attacks leverage legitimate cloud services to bypass security defenses and target enterprise users globally. When malicious content is…
-
Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials
A sophisticated phishing campaign that uses a multi-stage approach to bypass email filtering and content-scanning systems. The attack exploits trusted platforms, benign file formats, and layered redirection techniques to harvest user credentials from unsuspecting victims successfully. The attack chain begins with a professionally crafted phishing email containing a PDF attachment. The malicious payload leverages legitimate…
-
Fake Compliance Emails Weaponize Word and PDF Attachments to Steal Sensitive Data
A newly observed phishing campaign is abusing fake “audit/compliance confirmation” emails to target macOS users and steal highly sensitive data. The campaign uses convincing business-themed lures and malicious attachments that masquerade as Word or PDF files to trick employees into executing an AppleScript-based payload. Attackers begin by sending emails asking recipients to “confirm the company’s…
-
Medaillen oder Malware: Winter-Olympiade zieht Betrüger an
Cyberkriminelle lauern auf Milano-Cortina 2026: Mit Fake-Tickets, Phishing und KI-Betrug haben sie Sportbegeisterte im Visier. Mit diesen Tipps schützt Du Dich als Fan. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/cybercrime/medaillen-oder-malware-winter-olympiade-zieht-betruger-an/
-
New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials
Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/password-stealing-phishing-pdf/
-
Chollima APT Hackers Weaponize LNK Files to Deploy Sophisticated Malware
In March 2025, the Ricochet Chollima APT group, widely recognized as APT37 and linked to North Korean state-sponsored operations, launched a targeted spear-phishing campaign against activists focused on North Korean affairs. The threat actors initiated the attack chain via spear-phishing emails impersonating a North Korea-focused security expert based in South Korea. The emails referenced legitimate…
-
APT28 Leverages CVE-2026-21509 in Operation Neusploit
IntroductionIn January 2026, Zscaler ThreatLabz identified a new campaign in-the-wild, tracked as Operation Neusploit, targeting countries in the Central and Eastern European region. In this campaign, the threat actor leveraged specially crafted Microsoft RTF files to exploit CVE-2026-21509 and deliver malicious backdoors in a multi-stage infection chain. Due to significant overlaps in tools, techniques, and procedures (TTPs)…
-
Was tun, wenn die Erpresser kommen?
Tags: access, ai, backup, bsi, cio, cyberattack, cybercrime, data, encryption, hacker, infrastructure, Internet, mail, password, phishing, ransomware, service, supply-chain, update, vulnerabilityRuhe bewahren und keine übereilten Sachen machen, empfiehlt Podcast-Gast Joanna Lang-Recht. intersoft consulting services AGMontagmorgen, 8:00 Uhr. Die Mitarbeitenden können sich nicht einloggen. Die Produktionsbänder stehen still, und auf den Bildschirmen prangen digitale Erpresserschreiben. Der Albtraum eines jeden CIOs ist wahr geworden: Ein Ransomware-Angriff hat den Betrieb lahmgelegt. Jetzt endet der Regelbetrieb, und der Ausnahmezustand…
-
New phishing attack leverages PDFs and Dropbox
Masquerading as a safe document format: But after so many warnings about this over time, why are people still so trusting of PDFs and Dropbox?”Because, historically, they’ve actually been trained to be,” said Avakian. PDFs are routinely used in the business world and have been positioned as a safe, read-only document format for invoices, contracts,…
-
Attackers Harvest Dropbox Logins Via Fake PDF Lures
A malware-free phishing campaign targets corporate inboxes and asks employees to view request orders, ultimately leading to Dropbox credential theft. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/attackers-harvest-dropbox-logins-fake-pdf-lures
-
Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins
A multi-stage phishing campaign is targeting business users by exploiting Vercel cloud storage, PDF attachments, and Telegram bots to steal Dropbox credentials. First seen on hackread.com Jump to article: hackread.com/phishing-scam-emails-pdfs-steal-dropbox-logins/
-
Hanging Up on ShinyHunters: Experts Detail Vishing Defenses
Sophisticated Voice Phishing Campaigns Don’t Exploit Any Software Vulnerabilities. Amidst persistent voice phishing campaigns designed to trick employees and steal sensitive corporate data, security experts recommend organizations deploy phishing-resistant multifactor authentication, monitor for attacks and use live video verification to safeguard authentication changes. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hanging-up-on-shinyhunters-experts-detail-vishing-defenses-a-30657
-
ShinyHunters flip the script on MFA in new data theft attacks
Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/02/shinyhunters-mfa-social-engineering/
-
Perfider Trick: Cyberkriminelle missbrauchen echte Microsoft-Adresse für Phishing-Angriff
First seen on t3n.de Jump to article: t3n.de/news/perfider-trick-cyberkriminelle-missbrauchen-echte-microsoft-adresse-fuer-pishing-angriff-1727257/
-
Schwerwiegende Schwachstelle in IDIS-Videoüberwachungssystemen ermöglicht Spear-Phishing-Angriffe
Die Sicherheitsforscher von Team82, der Forschungsabteilung des Spezialisten für die Sicherheit von cyberphysischen Systemen (CPS) Claroty, haben eine 1-Click-Remote-Code-Execution-Schwachstelle (CVE-2025-12556) im IDIS-Cloud-Manager-Viewer entdeckt. Es reicht also ein einziger unbedachter Klick des Opfers aus, um Schadcode direkt auf dem Gerät auszuführen, auf dem der ICM-Viewer gehostet wird. IDIS empfiehlt allen Nutzern des ICM-Viewers dringend, ihre Geräte…
-
Google Uncovers Major Expansion in ShinyHunters Threat Activity Using New Tactics
Tags: authentication, corporate, credentials, cyber, cybercrime, extortion, google, identity, mfa, phishing, service, software, tactics, threatA substantial expansion in cybercrime operations using tactics consistent with ShinyHunters-branded extortion campaigns. These sophisticated operations employ advanced voice phishing (vishing) and victim-branded credential harvesting websites to compromise corporate environments by stealing single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. While the methodology of targeting identity providers and Software-as-a-Service (SaaS) platforms remains consistent with…
-
Top 10 Best DNS Filtering Solutions 2026
In 2026, the perimeter is gone. Your users are everywhere, and the >>castle and moat<< security model is obsolete. The most effective way to secure a hybrid workforce is through DNS filtering and Secure Access Service Edge (SASE). These tools act as the new control plane, stopping ransomware command-and-control (C2) callbacks and AI-driven phishing attacks…
-
Mandiant details how ShinyHunters abuse SSO to steal cloud data
Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mandiant-details-how-shinyhunters-abuse-sso-to-steal-cloud-data/
-
SoundCloud Data Breach Exposes Nearly 30M User Accounts
A SoundCloud breach affecting 29.8 million accounts exposed email addresses and profile data, increasing phishing risks. The post SoundCloud Data Breach Exposes Nearly 30M User Accounts appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-soundcloud-breach-exposes-nearly-30-million-users/
-
Cisco sees vulnerability exploitation top phishing in Q4
The company’s recommendations included monitoring for abuses of multifactor authentication, a growing threat to the enterprise. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-threat-report-exploitation-phishing/810977/
-
Threat Actors Hide Behind School-Themed Domains In Newly Uncovered Bulletproof Infrastructure
A sophisticated traffic distribution system (TDS) hiding behind education-themed domains. The operation uses bulletproof hosting to deliver phishing pages, scams, and malware files. Analysts triaged a first-stage JavaScript loader from hxxps[:]//toxicsnake-wifes[.]com/promise/script.js. This revealed a commodity cybercrime farm routing victims to harmful payloads. The main domain, toxicsnake-wifes[.]com, acts as a TDS node. It injects db.php with…
-
KnowBe4 feiert zehn Jahre KI-Innovation mit sieben AI Defense Agents im Einsatz
Bereits seit 2016 arbeitet KnowBe4 auf Basis von über 15 Jahren gesammelter Daten zu Benutzerverhalten und Bedrohungsinformationen an KI-gesteuerten Sicherheitslösungen. Das Unternehmen kombinierte frühzeitig Phishing, Vishing und Smishing First seen on infopoint-security.de Jump to article: www.infopoint-security.de/knowbe4-feiert-zehn-jahre-ki-innovation-mit-sieben-ai-defense-agents-im-einsatz/a43511/
-
New Microsoft Teams feature will let you report suspicious calls
Microsoft plans to introduce a call reporting feature in Teams by mid-March, allowing users to flag suspicious or unwanted calls as potential scams or phishing attempts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/new-microsoft-teams-feature-will-let-you-report-suspicious-calls/
-
IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations
A drop in exploitation and ransomware, but a spike in phishing and credential abuse, show why timely patching and robust MFA matter more than ever. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/ir-trends-q4-2025/
-
Bumble, Panera Bread, Match Group, and CrunchBase Hit by New Wave of Cyberattacks
A new wave of cyberattacks has recently struck several prominent U.S. companies, including Bumble Inc., Panera Bread Co., Match Group Inc., and CrunchBase. Bumble Inc., the parent company of dating apps Bumble, Badoo, and BFF, reported that one of its contractor accounts was compromised in a phishing incident. First seen on thecyberexpress.com Jump to article:…