Tag: social-engineering
-
A new era of cyberthreats from sophisticated threat actors is here
Tags: access, ai, attack, authentication, backdoor, china, cisa, cloud, communications, control, credentials, crowdstrike, data, data-breach, detection, edr, encryption, endpoint, exploit, group, identity, intelligence, Internet, kev, linux, network, password, phishing, ransomware, remote-code-execution, service, siem, social-engineering, tactics, threat, tool, update, vulnerability, vulnerability-management, windows, zero-day
Identity threats: Scattered Spider: Identity-oriented adversaries exploit human weaknesses to leverage compromised credentials obtained through social engineering and AI-based tools to gain access to networks. Voice-based phishing is one identity-based attack tool rising in prominence, having increased in use by 443% last year, according to Myers. “This is on track to double by the end of…
-
Social engineering attacks surged this past year, Palo Alto Networks report finds
Unit 42 said social engineering, the method of choice for groups as diverse as Scattered Spider and North Korean tech workers, was the top initial attack vector over the past year. First seen on cyberscoop.com Jump to article: cyberscoop.com/social-engineering-top-attack-vector-unit-42/
-
Hackers Exploit Microsoft 365’s Direct Send Feature for Internal Phishing Attacks
Threat actors are leveraging Microsoft 365’s Direct Send feature to launch sophisticated phishing campaigns that mimic internal organizational emails, eroding trust and heightening the success rate of social engineering exploits. This feature, designed for unauthenticated relaying of messages from devices like multifunction printers and legacy applications to internal recipients, allows external attackers to spoof sender…
-
Scattered Spider: Social Engineering Succeeds Because of Third-Party Vendor Software
Tags: social-engineering
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/scattered-spider-social-engineering-drittanbietersoftware
-
Scattered Spider: Social Engineering Succeeds Because of Third-Party Software
Tags: social-engineering
The challenge for security teams is that companies too often rely on third-party providers to deliver important security functions such as identity and access control. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/scattered-spider-social-engineering-erfolgreich-wegen-drittsoftware/a41564/
-
Inside a Real Clickfix Attack: How This Social Engineering Hack Unfolds
ClickFix abuses clipboards. FileFix hijacks File Explorer. Both social engineering attacks start in the browser, and end in malware. See how Keep Aware stops these stealthy attacks before they break out of the browser in a rundown of a real attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/inside-a-real-clickfix-attack-how-this-social-engineering-hack-unfolds/
-
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto
The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. “Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their First seen on…
-
Why Ransom Payments Make Companies Even More Vulnerable
A ransomware attack has long ceased to be an isolated event; it is a highly dynamic process. The threat landscape has changed rapidly in recent years. While systems fail and the economic damage grows with every hour, attackers use increasingly sophisticated social engineering methods to build maximum psychological pressure. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ransomware-warum-loesegeldzahlungen-unternehmen-noch-verwundbarer-machen/a41558/
-
GenAI as a Security Game Changer?
Tags: ai, ciso, cloud, compliance, cve, cyber, cyberattack, cyersecurity, data, deep-fake, governance, hacker, LLM, mail, malware, mobile, phishing, risk, social-engineering, threat, tool, vulnerability
For CISOs, generative AI offers not merely a lighter workload but numerous new possibilities for cybersecurity. The use of GenAI opens up new opportunities for CISOs, as proven defense methods increasingly reach their limits. But cybercriminals, too, have long recognized the possibilities for strengthening their attacks with it. This has already led to a…
-
Tangled in the web: Scattered Spider’s tactics changing to snare more victims
Tags: access, attack, authentication, awareness, business, cisa, control, credentials, cybersecurity, data, defense, detection, google, group, guide, identity, marketplace, mfa, microsoft, mitigation, monitoring, network, nist, password, phishing, phone, social-engineering, software, spear-phishing, tactics, threat, tool, training, vpn
-helpdesk or a type of SSO to add credibility. In some instances, Scattered Spider members purchase employee or contractor credentials on illicit marketplaces to gain access. More commonly, they search business-to-business websites to gather information about specific individuals. Once they identify usernames, passwords, personally identifiable information (PII), and conduct SIM swapping (transferring a victim’s phone number…
-
Google Cloud Security Threat Horizons Report #12 Is Out!
Tags: access, ai, apt, attack, backup, business, cloud, credentials, cyber, cybersecurity, data, data-breach, defense, exploit, finance, google, group, identity, incident response, intelligence, malicious, mfa, ransomware, service, social-engineering, theft, threat, unauthorized, vulnerability
This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Threat Horizons Report, #12 (full version) that we just released (the official blog for #1 report, my unofficial blogs for #2, #3, #4, #5, #6, #7, #8, #9, #10 and #11). My favorite quotes from the report…
-
Scattered Spider tactics continue to evolve, warn cyber cops
CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider’s playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628069/Scattered-Spider-tactics-continue-to-evolve-warn-cyber-cops
-
FBI: Watch out for these signs Scattered Spider is spinning its web around your org
New malware, even better social engineering chops First seen on theregister.com Jump to article: www.theregister.com/2025/07/29/fbi_scattered_spider_alert/
-
Allianz Life Data Breach Hits 1.4 Million Customers
Tags: breach, data, data-breach, exploit, finance, insurance, risk, social-engineering, supply-chain, tactics
Allianz Life Insurance confirms a July 2025 data breach impacting 1.4 million customers, financial pros and employees. Learn how social engineering exploited a third-party CRM, the hallmarks of Scattered Spider tactics, and the broader risks of supply chain vulnerabilities. First seen on hackread.com Jump to article: hackread.com/allianz-life-data-breach-hits-1-4-million-customers/
-
How the Browser Became the Main Cyber Battleground
Until recently, the cyber attacker methodology behind the biggest breaches of the last decade or so has been pretty consistent: Compromise an endpoint via software exploit, or social engineering a user to run malware on their device; Find ways to move laterally inside the network and compromise privileged identities; Repeat as needed until you can execute your…
-
How Scattered Spider Used Fake Calls to Breach Clorox via Cognizant
Specops Software’s analysis reveals how Scattered Spider’s persistent help desk exploitation cost Clorox $400 million. Understand the August 2023 breach, its operational disruption, and critical steps organisations must take to protect against similar social engineering threats. First seen on hackread.com Jump to article: hackread.com/how-scattered-spider-fake-calls-breach-clorox-cognizant/
-
How AI red teams find hidden flaws before attackers do
Tags: access, ai, api, attack, authentication, ceo, computer, control, cyber, data, data-breach, exploit, flaw, guide, hacker, identity, infrastructure, injection, LLM, malicious, microsoft, psychology, RedTeam, risk, service, skills, social-engineering, sql, technology, threat, tool, training, vulnerability
A red teaming sequence in action: Connor Tumbleson, director of engineering at Sourcetoad, breaks down a common AI pen testing workflow: Prompt extraction: Use known tricks to reveal hidden prompts or system instructions. “That’s going to give you details to go further.” Endpoint targeting: Bypass frontend logic and directly access the model’s backend interface. “We’re hitting…
-
Scattered Spider Launching Ransomware on Hijacked VMware Systems, Google
A new report from Google’s GTIG reveals how UNC3944 (0ktapus) uses social engineering to compromise Active Directory, then exploits VMware vSphere for data theft and direct ransomware deployment. Understand their tactics and learn vital mitigation steps. First seen on hackread.com Jump to article: hackread.com/scattered-spider-ransomware-hijack-vmware-systems-google/
-
Allianz Life discloses massive data breach linked to supply-chain attack
The intrusion comes amid a wave of recent social-engineering attacks targeting the insurance sector and other industries. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/allianz-life-data-breach-supply-chain-attack/754192/
-
Social engineering attack obtains data on ‘majority’ of Allianz Life customers
Minneapolis-based Allianz Life said “a malicious threat actor gained access to a third-party CRM system” earlier in July, breaching data of a large number of its customers. First seen on therecord.media Jump to article: therecord.media/allianz-life-social-engineering-data-breach
-
Scattered Spider targets VMware ESXi in North America using social engineering
Scattered Spider targets VMware ESXi in North America using social engineering, mainly fake IT help desk calls instead of software exploits. The cybercrime group Scattered Spider (aka 0ktapus, Muddled Libra, Octo Tempest, and UNC3944) is targeting VMware ESXi hypervisors in retail, airline, and transportation sectors across North America. According to Google’s Mandiant team, the group…
-
Allianz Life data breach exposed the data of most of its 1.4M customers
Allianz Life data breach exposed data of most of 1.4M customers via third-party CRM hack using social engineering. Allianz Life confirmed a data breach exposing personal information of most of its 1.4 million customers. On July 16, 2025, a threat actor accessed a third-party CRM system using social engineering, compromising the data of customers, financial…
-
Malware Campaign Uses YouTube and Discord to Harvest Credentials from Computers
The Acronis Threat Research Unit (TRU) has uncovered a sophisticated malware campaign deploying infostealers like Leet Stealer, its modified variant RMC Stealer, and Sniffer Stealer, leveraging social engineering tactics centered on gaming hype. These threats masquerade as indie game installers, such as Baruda Quest, Warstorm Fire, and Dire Talon, promoted via fraudulent websites and fake…
-
The books shaping today’s cybersecurity leaders
Tags: breach, business, ciso, control, cyber, cybersecurity, email, exploit, finance, framework, group, guide, hacker, intelligence, law, psychology, resilience, risk, skills, social-engineering, strategy, technology, theft, threat, tool, vulnerability
by Douglas W. Hubbard and Richard Seiersen, was recommended by several CISOs including Daniel Schatz, Qiagen’s CISO, and Wolfgang Goerlich, faculty IANS and Oakland County’s CISO. James Blake, Cohesity’s CISO, said it’s a useful resource that provides spreadsheets and methods for semi-quantitative risk assessment. Similar to FAIR (factor analysis of information risk), this book provides tools…
-
7 Security Practices to Give Up
Tags: 2fa, access, antivirus, api, authentication, awareness, cio, ciso, cloud, compliance, cyberattack, cybersecurity, detection, edr, endpoint, grc, infrastructure, international, iot, mfa, microsoft, monitoring, phishing, ransomware, risk, service, siem, social-engineering, software, technology, tool, vpn, zero-trust
Out of date? Breaking bad habits (or developing better ones) is a process that requires patience, self-control and determination. That applies on a personal level as well as on a security level. In this article we have compiled seven security practices for you whose expiration date passed quite a while ago. Most work environments today are cloud-based in many…
-
Trump’s AI Plan Sparks Industry Praise and Warnings of Risk
Experts Warn White House AI Action Plan Could Prioritize Deregulation Over Security. The Trump administration pledged Wednesday an offensive against red tape hindering artificial intelligence developers in federal and state governments while vowing to ensure that such systems are objective rather than pursue social engineering agendas. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/trumps-ai-plan-sparks-industry-praise-warnings-risk-a-29042
-
Clorox sues Cognizant for $380M over alleged helpdesk failures in cyberattack
Tags: access, attack, breach, business, control, credentials, cyber, cyberattack, cybercrime, cybersecurity, data-breach, deep-fake, group, mfa, password, resilience, service, social-engineering, tactics, threat, tool, training
Attack attributed to social engineering specialists: The cyberattack in 2023 was attributed to Scattered Spider, a cybercriminal group known for sophisticated social engineering campaigns targeting IT helpdesks. However, in this case, the attackers succeeded through remarkably basic tactics rather than advanced technical methods. “Scattered Spider’s success with a plain ‘please reset my password’ call confirms that…
-
Interlock ransomware threat expands across the US and Europe, hits healthcare and smart cities
Tags: access, advisory, attack, authentication, backup, ceo, control, credentials, defense, detection, dns, endpoint, finance, firewall, firmware, government, group, healthcare, identity, infrastructure, mfa, mitigation, network, ransom, ransomware, risk, service, social-engineering, technology, threat, training, update, usa, vulnerability
Target sectors and global reach: The advisory did not disclose the names of targeted organizations, but noted that critical infrastructure and other organizations in North America and Europe have been targeted in the past. “Healthcare has been a primary target, with incidents involving DaVita and Kettering Health. Education, technology, manufacturing, and government have also been…
-
Top 10 MCP vulnerabilities: The hidden risks of AI integrations
Tags: access, ai, api, attack, authentication, backdoor, breach, business, data, data-breach, detection, email, encryption, github, google, identity, injection, least-privilege, LLM, login, malicious, mfa, network, risk, social-engineering, software, sql, supply-chain, theft, threat, tool, unauthorized, vulnerability
Living off AI attacks: A threat actor posing as an employee, business partner, or customer sends a request to a human support agent. But the request contains a hidden prompt injection with instructions that only an AI can read. When the human employee passes the request on to their AI assistant it then, by virtue…
-
Human Digital Twins Could Give Attackers a Dangerous Advantage
While this emerging technology offers many benefits, digital twins also have several drawbacks, as these convincing impersonations can be used in social engineering attacks. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/human-digital-twins-attackers-dangerous-advantage

