Tag: social-engineering
-
Amnesia RAT deployed in multi-stage phishing attacks against Russian users
A multi-stage phishing campaign targets users in Russia with ransomware and Amnesia RAT using fake business documents as lures. FortiGuard Labs researchers uncovered a multi-stage malware campaign mainly targeting users in Russia. The attack uses fake business documents as social engineering lures to distract victims while malware runs in the background. It escalates to full…
-
Digital Integrity: Why Firewalls and IDS Are Not Enough
Tags: access, apt, breach, bsi, ceo, ciso, cloud, crowdstrike, cyber, cyberattack, cyersecurity, data, data-breach, detection, firewall, fraud, group, ibm, lazarus, linkedin, mail, malware, microsoft, phishing, privacy, social-engineering, spear-phishing, threat, tool, zero-trust
The systematic collection of data about employees, customers and business partners has created a new attack surface that cybercriminals are exploiting. In a connected business world, companies face unprecedented cybersecurity challenges. According to the IBM Cost of a Data Breach Report 2024, the average cost of a data breach caused by phishing is about 4.88 million dollars. According to industry estimates, every day about…
-
Cybercrime group claims credit for voice phishing attacks
Security researchers at Okta previously disclosed a social engineering campaign involving custom phishing kits. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cybercrime-group-voice-phishing-attacks-Okta/810493/
-
Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware
A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. “The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign,” Fortinet FortiGuard Labs researcher Cara Lin said in a technical breakdown published this week. “These documents and…
-
The cybercrime industry continues to challenge CISOs in 2026
Tags: access, ai, attack, automation, backup, best-practice, breach, business, ciso, compliance, control, credentials, crime, crowdstrike, cyber, cybercrime, cybersecurity, data, data-breach, deep-fake, defense, detection, disinformation, espionage, exploit, extortion, fortinet, framework, fraud, governance, group, hacker, hacking, identity, incident response, infection, infrastructure, insurance, intelligence, malware, metric, network, phishing, ransom, ransomware, resilience, risk, saas, service, soar, social-engineering, sophos, strategy, supply-chain, technology, theft, threat, tool, training, update, usa, vpn, vulnerability
Evolution of the security strategy: Alessandro Armenia, global head of cybersecurity at ReeVo, believes that three key aspects are emerging in the current landscape: “First, attacks are no longer isolated events, but coordinated, in some cases automated, operations that often originate within the organizations themselves, for example, due to human error or exposed credentials. Second,…
-
Threat Actors Exploit LNK Files to Deploy MoonPeak Malware on Windows Systems
A sophisticated three-stage malware attack campaign against Windows users in South Korea using specially crafted LNK (shortcut) files. The attack begins with a deceptive LNK file named “실전 트레이딩 핵심 비법서.pdf.lnk” (“Practical Trading Core Secret Book”), specifically crafted to target South Korean investors seeking financial guidance. This social engineering approach exploits users' trust […] The…
-
MacSync macOS Infostealer Exploits ClickFix-style Attack to Trick Users with Single Terminal Command
A sophisticated macOS infostealer campaign that leverages deceptive ClickFix-style social engineering to distribute MacSync, a Malware-as-a-Service (MaaS) credential-stealing tool targeting cryptocurrency users. The attack chain begins with phishing redirects and culminates in persistent access through trojanized hardware wallet applications. The campaign initiates with credential harvesters impersonating Microsoft login pages. Analysis of crosoftonline[.]com/login[.]srf a domain spoofing official Microsoft…
-
Hackers Disable Windows Security With New Malware Attack
Unlike traditional attacks that rely on exploits, this succeeds through social engineering combined with abuse of Windows’ own security architecture. The post Hackers Disable Windows Security With New Malware Attack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-hackers-disable-windows-security/
-
Okta SSO accounts targeted in vishing-based data theft attacks
Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/okta-sso-accounts-targeted-in-vishing-based-data-theft-attacks/
-
Microsoft Teams to add brand impersonation warnings to calls
Microsoft will soon add new fraud protection features to Teams calls, warning users about external callers who attempt to impersonate trusted organizations in social engineering attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-teams-to-add-brand-impersonation-warnings-to-calls/
-
New ClickFix Campaign Exploits Fake Verification Pages to Hijack Facebook Sessions
Tags: attack, credentials, cyber, exploit, guide, phishing, social-engineering, software, vulnerability
A sophisticated ClickFix campaign targeting Facebook users has been identified, leveraging social engineering to extract live session credentials directly from victims’ browsers. Unlike traditional phishing exploits that rely on software vulnerabilities, this campaign guides victims through a guided credential-harvesting process disguised as account verification. Researchers identified 115 webpages across the attack chain and eight distinct…
-
New Multi-Stage Windows Malware Disables Microsoft Defender, Deploys Malicious Payloads
A sophisticated multi-stage malware campaign targeting Russian users, leveraging social engineering, legitimate cloud services, and native Windows functionality to achieve full system compromise without exploiting vulnerabilities. The campaign begins with deceptively crafted business-themed documents delivered via compressed archives. Victims receive Russian-language files that appear to be routine accounting tasks, but the archive contains a malicious…
-
ErrTraffic Exploits Visual Page Breaks to Fuel ClickFix Attacks, Rebranding Exploits as “GlitchFix”
ErrTraffic is a Traffic Distribution System (TDS) designed to power ClickFix social engineering attacks. Unlike traditional fake update prompts, ErrTraffic deliberately breaks website visuals creating garbled text, distorted CSS, and cursor jitter to convince victims their device is actually broken. Visual chaos technique, called >>GlitchFix,<>fixing<< their systems by running malware. […] The post ErrTraffic Exploits Visual Page Breaks…
-
Contagious Interview turns VS Code into an attack vector
Social engineering to developer trust abuse: The effectiveness of the campaign hinges on social engineering rather than technical exploitation. Victims are tricked into interacting with unfamiliar repositories as part of legitimate-looking projects. Once the repository is opened, VS Code’s built-in trust prompt becomes the key, and approving it enables the malicious task execution chain without…
-
‘CrashFix’ Scam Crashes Browsers, Delivers Malware
The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a Python-based RAT. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/crashfix-scam-crashes-browsers-delivers-malware
-
PDFSIDER Malware Exploitation of DLL Side-Loading for AV and EDR Evasion
Threat actors use PDFSIDER malware with social engineering and DLL sideloading to bypass AV/EDR, and ransomware gangs already abuse it. Resecurity has learned about PDFSIDER during an investigation of a network intrusion attempt that was successfully prevented by a Fortune 100 energy corporation. The threat actor contacted their staff, impersonating technical support, and used social…
-
AI-Powered Social Engineering Increasingly Hits SMEs
The threat situation for SMEs is serious, and it continues to worsen. AI-powered social engineering increases not only the likelihood that attacks succeed, but also the operational and financial pressure on companies. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ki-gestuetztes-social-engineering-setzt-den-kmus-zunehmend-zu/a43416/
-
What is AI fuzzing? And what tools, threats and challenges generative AI brings
Tags: ai, attack, breach, ceo, chatgpt, china, cisco, cve, cyber, cyberattack, cybercrime, cybersecurity, data, finance, gartner, google, government, group, hacker, injection, intelligence, LLM, malicious, mitre, open-source, RedTeam, russia, service, social-engineering, software, sql, technology, threat, tool, usa, vulnerability
How fuzzing works: In 2019, AI meant machine learning, and it was emerging as a new technique for generating test cases. The way traditional fuzzing works is you generate a lot of different inputs to an application in an attempt to crash it. Since every application accepts inputs in different ways, that requires a lot…
-
Allianz: AI Poses Major Danger to Companies
Tags: ai, cyberattack, cybercrime, encryption, extortion, germany, hacker, mail, risk, social-engineering, software
AI poses numerous risks to security in companies. According to Allianz, artificial intelligence (AI) has become one of the biggest global business risks for companies. In the new “Risk Barometer” from corporate insurer Allianz Commercial, AI has shot up from tenth to second place, behind long-time leader cybercrime. The two are connected: according to the report, criminal hackers use…
-
Cybercrime Inc.: When hackers are better organized than IT
Tags: access, ai, attack, automation, awareness, botnet, breach, business, communications, compliance, computing, control, corporate, credentials, crime, cyber, cyberattack, cybercrime, cybersecurity, data, defense, email, exploit, finance, group, hacker, healthcare, incident response, intelligence, jobs, leak, malicious, malware, marketplace, network, organized, phishing, programming, ransom, ransomware, resilience, risk, service, social-engineering, software, supply-chain, technology, tool, training, update, vulnerability
Ransomware-as-a-service: The Amazon of crime: The ransomware-as-a-service (RaaS) model has also revolutionized the cybercrime business. Criminal groups offer their malware like a software product. Attackers can license the code, select targets, and launch attacks, all without in-depth programming knowledge. The operator receives a commission for this. Thus, a marketplace developed where services, tools, and data are traded like…
-
Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)
Tags: access, attack, best-practice, cloud, cve, cyber, exploit, firmware, flaw, Internet, malicious, microsoft, mitre, ntlm, office, rce, remote-code-execution, service, social-engineering, sql, technology, update, vulnerability, windows, zero-day
8 Critical, 105 Important, 0 Moderate, 0 Low. Microsoft addresses 113 CVEs in the first Patch Tuesday of 2026, with two zero-days, including one that was exploited in the wild. Microsoft patched 113 CVEs in its January 2026 Patch Tuesday release, with eight rated critical and 105 rated as important. Our counts omitted one CVE that was assigned by…
-
Top 10 vendors for AI-enabled security, according to CISOs
Tags: access, ai, api, attack, automation, business, ceo, cisco, ciso, cloud, container, crowdstrike, cybersecurity, data, detection, edr, email, encryption, endpoint, firewall, gartner, google, governance, group, ibm, identity, incident response, intelligence, jobs, mandiant, microsoft, monitoring, network, openai, phishing, ransomware, risk, risk-assessment, service, siem, soar, soc, social-engineering, software, startup, technology, threat, tool, vmware, vulnerability, waf, zero-trust
2. Microsoft: Why they’re here: Similar to Cisco, Microsoft is embedded in virtually every enterprise, and is also a vendor that has marshalled its considerable resources to build an AI-powered security ecosystem. The platform includes Microsoft Defender for securing cloud environments, Microsoft Sentinel for cloud-native SIEM, Microsoft Purview for data governance, Microsoft Intune for endpoint…
-
Hackers Exploit Browser-in-the-Browser Trick to Hijack Facebook Accounts
Tags: authentication, credentials, cyber, exploit, hacker, login, phishing, social-engineering, theft, windows
Facebook’s massive 3 billion active users make it an attractive target for sophisticated phishing campaigns. As attackers grow more inventive, a hazardous technique is gaining traction: the “Browser-in-the-Browser” (BitB) attack. This advanced social engineering method creates custom-built fake login pop-ups that are nearly indistinguishable from legitimate authentication windows, enabling credential theft on an unprecedented scale.…
-
Fintech firm Betterment confirms data breach after hackers send fake crypto scam notification to users
Hackers gained access to some Betterment customers’ personal information through a social engineering attack, then targeted some of them with a crypto-related phishing message. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/12/fintech-firm-betterment-confirms-data-breach-after-hackers-send-fake-crypto-scam-notification-to-users/
-
Cybercriminals Exploit Maduro Arrest News to Spread Backdoor Malware
Tags: attack, backdoor, cyber, cybercrime, email, exploit, malicious, malware, phishing, social-engineering, spear-phishing, threat
Cybercriminals are leveraging reports of Venezuelan President Nicolás Maduro’s arrest on January 3, 2025, to distribute backdoor malware through a sophisticated social engineering campaign. Security researchers at Darktrace have uncovered a malicious operation that exploits this high-profile geopolitical event to compromise unsuspecting victims. Attack Method: The threat actors likely used spear-phishing emails containing a ZIP…
-
PeekBoo! 🫣 Emoji Smuggling and Modern LLMs FireTail Blog
Tags: ai, computer, control, cybersecurity, data, exploit, injection, LLM, malicious, monitoring, risk, social-engineering, tactics, threat, tool, vulnerability
Jan 09, 2026 – Viktor Markopoulos – We often trust what we see. In cybersecurity, we are trained to look for suspicious links, strange file extensions, or garbled code. But what if the threat looked exactly like a smiling face sent by a colleague? Based on research by Paul Butler and building on FireTail’s previous disclosures…

