Tag: social-engineering
-
How public authorities can arm themselves against deepfakes
Management Summary: Deepfakes are becoming a strategic trust and security risk for public authorities: they threaten both the public credibility of government communication and internal processes through identity fraud, social engineering and the circumvention of biometric authentication. According to Gartner, by 2028 around 40 percent of government organizations will build their own TrustOps functions to counter such threats. The……
-
The economics of ransomware 3.0
Tags: alphv, attack, backup, breach, ceo, citrix, control, country, cyber, cyberattack, cybersecurity, data, data-breach, detection, encryption, endpoint, extortion, finance, framework, group, healthcare, HIPAA, incident response, insurance, moveIT, network, nist, office, privacy, ransom, ransomware, risk, russia, service, social-engineering, strategy, supply-chain, technology, threat
Triple extortion mechanism. Ashish Mishra What the Change Healthcare case tells you about real costs: Consider what happened to Change Healthcare in early 2024. The ALPHV group’s attack on this healthcare payments processor didn’t just encrypt systems, it exposed the personal health information of potentially over 100 million Americans and disrupted pharmacy services across the…
-
KongTuke hackers now use Microsoft Teams for corporate breaches
Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kongtuke-hackers-now-use-microsoft-teams-for-corporate-breaches/
-
Signal adds security warnings for social engineering, phishing attacks
Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/signal-adds-security-warnings-for-social-engineering-phishing-attacks/
-
Attackers Combine ClickFix With PySoxy Proxying to Maintain Persistence
Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ReliaQuest researchers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/clickfix-combined-pysoxy-proxying/
-
CISOs step into the AI spotlight
Tags: ai, api, attack, automation, awareness, business, ciso, control, cyber, cybersecurity, data, defense, detection, exploit, finance, fraud, governance, identity, infrastructure, jobs, least-privilege, military, phishing, risk, service, social-engineering, software, technology, threat, tool, training, update, vulnerability, vulnerability-management
Move fast, keep risk at bay: Like Hensley, Jeff Trudeau, CSO of Chime, says the role is fundamentally shifting from a control function to a strategic partner in how the business adopts AI responsibly. At Chime, that means being embedded early in how AI is built and deployed, not reviewing it after the fact, Trudeau…
-
North Korea Hackers Abuse Git Hooks to Deploy Cross-Platform Malware
North Korean threat actors have introduced a stealthy new delivery mechanism in their ongoing “Contagious Interview” campaign, shifting tactics to abuse Git hooks for malware execution. The attack begins with a familiar social engineering lure. Victims, often developers targeted through fake job interviews, are asked to clone a GitHub repository containing a “coding assessment.” Hidden…
-
Australia warns of ClickFix attacks pushing Vidar Stealer malware
The Australian Cyber Security Center (ACSC) is warning organizations of an ongoing malware campaign using the ClickFix social engineering technique to distribute the Vidar Stealer info-stealing malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/australia-warns-of-clickfix-attacks-pushing-vidar-stealer-malware/
-
Fake Disk Cleanup Apps Fuel New macOS ClickFix Attack
A wave of ClickFix-style social engineering attacks specifically targets macOS users, using fake disk cleanup and system utility tips hosted on popular content platforms. Instead of installing helpful tools, these Terminal commands silently fetch and execute infostealers such as Macsync, Shub Stealer, and AMOS that steal passwords, iCloud data, documents, and cryptocurrency wallets. In…
-
Iran-sponsored threat group behind false flag social engineering campaign
The state-linked actor has been masquerading as a criminal ransomware group in attacks targeting U.S. organizations. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iran-threat-group-false-flag-social-engineering/819454/
-
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
Tags: attack, credentials, group, hacking, infection, iran, microsoft, ransomware, social-engineering
The Iranian state-sponsored hacking group known as MuddyWater (aka Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack in what has been described as a “false flag” operation. The attack, observed by Rapid7 in early 2026, has been found to leverage social engineering techniques via Microsoft Teams to initiate the infection sequence.…
-
MuddyWater hackers use Chaos ransomware as a decoy in attacks
The MuddyWater Iranian hackers disguised their operations as a Chaos ransomware attack, relying on Microsoft Teams social engineering to gain access and establish persistence. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/muddywater-hackers-use-chaos-ransomware-as-a-decoy-in-attacks/
-
FEMITBOT Network Exploits Telegram Mini Apps to Spread Crypto Scams and Android Malware
A large-scale fraud and malware operation called FEMITBOT abuses Telegram Mini Apps to steal cryptocurrency and infect Android devices. The campaign shows how trusted in-app web experiences can be turned into powerful tools for social engineering and credential theft. Telegram Mini Apps are lightweight web applications that run inside Telegram, offering seamless login, payments,…
-
Supply-chain attacks take aim at your AI coding agents
Tags: advisory, ai, attack, business, control, cybersecurity, github, infrastructure, injection, LLM, malicious, programming, risk, skills, social-engineering, software, supply-chain, threat, tool
Using LLMs to trick LLMs: ReversingLabs’ researchers observed clear signs of vibe coding in the creation of these malicious components, including LLM-generated code comments. However, something else stood out: the level of detail in their README files and the way the documentation boasted about how effective these packages were at performing their tasks. The researchers questioned…
-
Coreview warns of Microsoft helpdesk fraud
Cybercriminals are increasingly using Microsoft Teams for their own purposes. Recently there has been a rise above all in incidents in which they pose as IT support staff. To do so, they set up special chats with supposed IT support requests in order to gain access to company systems by means of real-time social engineering. As a rule, such an attack begins with the abuse of external…
-
Code of Conduct Phish Hits 35,000 Users in Multi-Stage AiTM Attack
A highly sophisticated phishing campaign leveraging code-of-conduct-themed lures has targeted more than 35,000 users across 13,000 organizations. The multi-stage attack, observed between April 14 and April 16, 2026, highlights how threat actors are refining social engineering, delivery infrastructure, and authentication abuse to bypass modern defenses. The campaign primarily impacted users in the United States, accounting…
-
DigiCert breached via malicious screensaver file
A targeted social engineering attack against DigiCert’s support channel led to the compromise of internal systems and the unauthorized issuance of EV Code Signing … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/04/digicert-breach-code-signing-certificates-malware/
-
Human-centric failures: Why BEC continues to work despite MFA
Tags: attack, authentication, awareness, banking, breach, business, cio, communications, compliance, control, credentials, cyber, cybersecurity, deep-fake, edr, email, endpoint, exploit, finance, fraud, governance, group, identity, mfa, monitoring, phishing, risk, scam, soc, social-engineering, technology, training
technically compromised at all, which places these attacks outside the protection boundary of MFA controls. In 2019, Toyota Boshoku Corporation fell to a BEC attack with an employee transferring over $30m to scammers following a cloned email from a 3rd party company with urgency citing the need for the transaction to be completed urgently so as…
-
China Has its Sights Set on Scammers, Just Not Those Targeting Americans
A new report from the U.S.-China Economic and Security Review Commission reveals that while China is aggressively prosecuting fraud targeting its own citizens, it continues to turn a blind eye to industrial-scale scam centers victimizing Americans. This selective enforcement has incentivized Chinese criminal syndicates to pivot toward U.S. targets, resulting in over $10 billion in…
-
Lazarus Targets macOS Users With New “Mach-O Man” Malware Kit
Tags: access, corporate, credentials, crypto, cyber, fintech, group, intelligence, lazarus, macOS, malware, social-engineering, threat
Lazarus Group is abusing “ClickFix” social engineering to push a new macOS malware kit dubbed “Mach-O Man,” giving attackers a direct path to credentials, Keychain secrets, and corporate access in fintech and crypto environments. This research is authored by Mauro Eldritch, an offensive security expert and founder of BCA LTD, a company focused on threat intelligence and…
-
BlueNoroff Deploys Fileless PowerShell in AI-Generated Zoom Lure Campaign
A sophisticated BlueNoroff campaign is targeting cryptocurrency executives through fake Zoom meetings enhanced with AI-generated deepfakes and fileless PowerShell malware. The North Korean state-sponsored group successfully compromised a North American Web3 company in January 2026, maintaining persistent access for 66 days through entirely memory-resident attacks. The campaign begins with social engineering through Calendly invitations that contain…
-
Germany Caught Up in Likely Russian Signal Phishing
Governments Have Long Warned About Kremlin Social Engineering Hacks. Signal is defending the security of its systems following a series of phishing attacks that took place on the encrypted messaging platform, and that reportedly compromised members of the German government including the president of the country’s parliament. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/germany-caught-up-in-likely-russian-signal-phishing-a-31535
-
North Korea-linked actor targets Web3 execs in social-engineering campaign
Founders and other top executives were compromised to gain access to crypto wallets. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/north-korea-web3-execs-social-engineering-hacker/818639/
-
Arctic Wolf uncovers BlueNoroff campaign using fake Zoom meetings
Arctic Wolf Labs has identified a targeted attack campaign that is very likely the work of BlueNoroff, a financially motivated subgroup of the Lazarus collective with ties to North Korea. The target was a North American Web3/crypto company. The campaign makes clear that attackers are increasingly using multi-stage social engineering techniques and deliberately relying on credible interactions. The analysis shows a multi-stage attack chain,…
-
Crypto-Targeting North Koreans Wield Fake Zoom Meetings
Video of Industry Figures Harvested During Meetings and Used to Lure Future Victims. North Korean hackers are pretending to be cryptocurrency insiders, in an attempt to trick targets into accepting Calendly calendar invites. The social engineering ruse is designed to infect Windows and macOS systems with crypto stealers, and to harvest video of real-life people…
-
UNC6692 Combines Social Engineering, Malware, Cloud Abuse
A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom Snow malware in a multipronged campaign. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/unc6692-social-engineering-malware-cloud-abuse

