Tag: social-engineering
-
PoisonSeed outwits FIDO keys
Tags: authentication, ceo, crypto, cyberattack, encryption, fido, mfa, okta, password, phishing, qr, social-engineering, vulnerability
Cybercriminals are exploiting FIDO's cross-device sign-in option to create an authenticated session under their control. FIDO keys use hardware-based multi-factor authentication to address weaknesses of other MFA methods. However, the notorious crypto hacking group PoisonSeed has apparently managed to circumvent this additional safeguard. Researchers at Expel came across an attack campaign by the group in which FIDO with…
-
Cybercriminals Merge Android Malware with Click Fraud Apps to Harvest Credentials
Tags: android, credentials, cyber, cybercrime, data, exploit, fraud, login, malicious, malware, social-engineering, tactics
Researchers uncovered an active Android malware cluster that ingeniously combines brand impersonation with traffic monetization tactics, targeting users across multiple regions. These malicious Android Package Kit (APK) files exploit social engineering and off-market distribution channels to evade traditional security measures, preying on user trust to exfiltrate sensitive data such as login credentials. The campaign deploys…
-
Accounting Firm Targeted by Malware Campaign Using New Crypter
An attack on a US accounting firm delivered PureRAT via Ghost Crypt, involving social engineering and advanced obfuscation techniques. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crypter-malware-targets-accounting/
-
Fake internal emails get the most clicks in phishing simulations
KnowBe4 has published its "Simulated Phishing Roundup Report" for the second quarter of 2025. The report shows a continuing trend of employee susceptibility to social engineering techniques that exploit familiarity and trust. This is evident in the predominant interactions with internal communication channels and well-known brands, which account for 98 percent of the top email subject lines. All data for this report comes from…
-
Check Point warns of FileFix: social engineering via Windows Explorer
Instead of relying on the Windows Run dialog as ClickFix does, FileFix uses Windows Explorer, a program that practically everyone uses every day. The hackers resort to a particularly insidious approach here. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-warnt-vor-filefix-social-engineering-ueber-windows-explorer/a41439/
-
New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users
Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit users’ trust in enterprise backup solutions. This attack vector highlights the growing intersection of social engineering and file-based exploits, where attackers weaponize common audio formats like WAV files to bypass traditional email security filters and…
-
Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
Tags: authentication, credentials, crypto, cyber, data, login, malware, phishing, social-engineering, tactics, threat
Infostealers are specialized malware variants that routinely steal large amounts of sensitive data from compromised systems. This includes session tokens, login credentials, cryptocurrency wallet information, personally identifiable information (PII), multifactor authentication (MFA) artifacts, and pretty much any data stored in a browser. These threats propagate via phishing operations, social engineering tactics, malvertising, and SEO-manipulated campaigns,…
-
PoisonSeed Tricking Users Into Bypassing FIDO Keys With QR Codes
PoisonSeed group tricks users into bypassing FIDO Keys by misusing QR code logins, highlighting new social engineering risk to secure MFA. First seen on hackread.com Jump to article: hackread.com/poisonseed-trick-users-bypassing-fido-keys-qr-codes/
-
Social engineering remains the most important gateway for cybercriminals
Tags: social-engineering
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/social-engineering-wichtigkeit-cyberkriminalitaet-einfallstor
-
Social engineering remains one of the most common entry points
Social engineering is one of the most common techniques used by criminal actors, according to, among other sources, a report by Europol. Initial access brokers are accordingly focusing increasingly on using such techniques to obtain valid credentials for their victims' systems. This initial access can subsequently be used by cybercriminal actors in a variety of ways…
-
Hackers Exploit ClickFix Tactics to Spread NetSupport RAT, Latrodectus, and Lumma Stealer
Attackers are increasingly leveraging the ClickFix social engineering technique to distribute potent malware families, including NetSupport RAT, Latrodectus, and Lumma Stealer. This method, which emerged prominently in recent months, tricks users into executing malicious commands under the guise of resolving common computer issues like performance glitches or verification prompts. By hijacking the clipboard through JavaScript…
-
FileFix: When Windows Explorer becomes a trap
With the new social engineering method FileFix, cybercriminals exploit users' trust in Windows Explorer. The technique appears harmless but carries enormous risk and is already being actively used. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/filefix-windows-explorer
-
Microsoft Teams voice calls abused to push Matanbuchus malware
The Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-teams-voice-calls-abused-to-push-matanbuchus-malware/
-
Social engineering tactic FileFix exploits trust in Windows Explorer
Check Point Software Technologies warns of a new scam in the field of social engineering that hackers are already using: , a more dangerous variant of . While the latter sought to lure Microsoft users into executing malicious command lines via the Windows Run command window, FileFix relies on Windows Explorer, an everyday program for every Windows user. A fraudulent website, on…
-
UNG0002 Actors Weaponize LNK Files via ClickFix Fake CAPTCHA Pages
Cybersecurity researchers at Seqrite Labs have identified a sophisticated espionage group designated as UNG0002 (Unknown Group 0002) that has been conducting persistent campaigns across multiple Asian jurisdictions since May 2024. The threat actors have demonstrated remarkable adaptability by integrating social engineering techniques with advanced malware deployment methods, specifically targeting organizations in China, Hong Kong, and…
-
NimDoor MacOS Malware Abuses Zoom SDK Updates to Steal Keychain Credentials
Tags: credentials, crypto, cyber, exploit, macOS, malware, north-korea, social-engineering, tactics, threat, update
SentinelOne researchers have discovered NimDoor, a sophisticated MacOS malware campaign ascribed to North Korean-affiliated attackers, most likely the Stardust Chollima gang, in a notable increase in cyber threats targeting the bitcoin industry. Active since at least April 2025, NimDoor exploits social engineering tactics by masquerading as Zoom SDK updates to infiltrate Web3 and crypto organizations,…
-
Deepfakes. Fake Recruiters. Cloned CFOs, Learn How to Stop AI-Driven Attacks in Real Time
Social engineering attacks have entered a new era, and they’re coming fast, smart, and deeply personalized. It’s no longer just suspicious emails in your spam folder. Today’s attackers use generative AI, stolen branding assets, and deepfake tools to mimic your executives, hijack your social channels, and create convincing fakes of your website, emails, and even voice.…
-
7 obsolete security practices that should be terminated immediately
Tags: access, advisory, antivirus, api, attack, authentication, awareness, breach, business, cloud, compliance, control, cybersecurity, data, defense, detection, edr, endpoint, exploit, google, grc, identity, infrastructure, iot, linkedin, mfa, microsoft, mobile, monitoring, network, office, password, phishing, phone, ransomware, risk, service, siem, social-engineering, strategy, tactics, technology, threat, tool, training, unauthorized, update, vpn, vulnerability, zero-trust
2. Taking a compliance-driven approach to security: Too many teams let compliance drive their security programs, focusing more on checking boxes than solving actual cybersecurity challenges, says George Gerchow, CSO at data security services firm Bedrock Security. He notes that many enterprises drive to meet compliance standards, yet still suffer serious breaches. The reason? They…
-
How to keep a business trip from ending in custody
Business trips abroad are increasingly risky, depending on the destination. Given the current global political climate, business trips are no longer a routine operational necessity but increasingly a strategic risk. It makes no difference whether the company is a large corporation operating on every continent or a startup sending one of its specialists on a trade fair visit…
-
CBI Uncovers Noida Tech Support Scam Targeting Victims in UK and Australia
The Central Bureau of Investigation (CBI) has made a major breakthrough in Operation Chakra-V by taking down a sophisticated global cybercrime network that was primarily targeting people in Australia and the United Kingdom with tech support frauds. This operation highlights the evolving landscape of cyber-enabled fraud, where perpetrators leverage advanced telecommunications infrastructure and social engineering…
-
Google Gemini flaw enables hidden phishing attacks
Tags: ai, bug, bug-bounty, cyberattack, google, hacker, LLM, mail, phishing, social-engineering, tool
Hackers can use Google Gemini to carry out hidden phishing attacks. Google Gemini for Workspace can be abused to generate email summaries that appear legitimate but contain malicious instructions or warnings. The problem: attackers can redirect their victims to phishing sites without attachments or direct links. The vulnerability was discovered by a researcher named Marco Figueroa, who for…
-
Fake Gaming and AI Companies Target Windows and macOS Users with Drainer Malware Attacks
Tags: ai, attack, cyber, cybersecurity, macOS, malware, social-engineering, startup, threat, windows
The cybersecurity company Darktrace has uncovered a persistent, intricate social engineering campaign that targets bitcoin users, building on earlier findings by Cado Security Labs in December 2024. Threat actors are fabricating elaborate startup companies themed around AI, gaming, video conferencing, Web3, and social media to lure victims into downloading malware disguised as legitimate software. These…
-
ClickFix: The Emerging Technique Threat Actors Use to Dominate Targeted Organizations
Threat actors have increasingly adopted ClickFix, a sophisticated social engineering technique that deceives users into executing malicious commands under the guise of resolving common computer issues like performance lags or pop-up errors. This method, often delivered via compromised websites, malvertising, YouTube tutorials, or fake tech support forums, relies on clipboard hijacking also known as pastejacking…
-
McDonald’s AI hiring tool’s password ‘123456’ exposed data of 64M applicants
Tags: access, ai, authentication, automation, business, ceo, control, credentials, cybersecurity, data, data-breach, endpoint, jobs, password, phishing, privacy, risk, social-engineering, tool, update, vulnerability
Rapid patching saved the day: Following disclosure on June 30, 2025, Paradox.ai and McDonald’s acknowledged the vulnerability within the hour. By July 1, default credentials were disabled and the endpoint was secured. Paradox.ai also pledged to conduct further security audits, Carroll noted in the blog. “Even though there’s no indication the data has been used maliciously…
-
McDonald’s AI hiring tool’s password? ‘123456’: Exposes data of 64M applicants
Tags: access, ai, authentication, automation, business, ceo, control, credentials, cybersecurity, data, endpoint, jobs, password, phishing, privacy, risk, social-engineering, tool, update, vulnerability
Rapid patching saved the day: Following disclosure on June 30, 2025, Paradox.ai and McDonald’s acknowledged the vulnerability within the hour. By July 1, default credentials were disabled and the endpoint was secured. Paradox.ai also pledged to conduct further security audits, Carroll noted in the blog. “Even though there’s no indication the data has been used maliciously…
-
Anatomy of a Scattered Spider attack: A growing ransomware threat evolves
Tags: access, attack, authentication, business, cloud, control, data, detection, endpoint, exploit, finance, firewall, group, iam, identity, incident response, infrastructure, mfa, microsoft, monitoring, ransomware, social-engineering, tactics, technology, threat, tool, vulnerability
Ensuing battle over IT resources: Despite the stealth of the attack, incident response defenders at the compromised company detected the attack and began to fight back, setting up a tug-of-war to establish control over the organization’s IT resources. In response, Scattered Spider abandoned attempts at covert infiltration and began an aggressive attempt to disrupt business…
-
UK Arrests Woman and Three Men for Cyberattacks on MS Co-op and Harrods
Four suspects arrested by the NCA in April/May 2025 cyberattacks on MS, Co-op, and Harrods. Learn about the social engineering, ransomware disruption, and estimated £300M impact on MS. First seen on hackread.com Jump to article: hackread.com/uk-arrests-woman-men-cyberattacks-ms-co-op-harrods/
-
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems. “These malicious operations impersonate AI, gaming, and Web3 firms using spoofed social media accounts and project documentation hosted on legitimate platforms like Notion…
-
M&S chairman calls for mandatory disclosure of material cyberattacks
The chairman testified before British lawmakers following a major social-engineering attack on the department-store chain. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ms-chairman-mandatory-disclosure-material-cyberattacks/752584/
-
Qantas says cyberattack affected 5.7 million customers
The incident follows a notorious hacker gang’s pivot to targeting transportation companies with its trademark social-engineering attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/qantas-cyberattack-57-million-customers/752571/

