Tag: social-engineering
-
FBI: Watch out for these signs Scattered Spider is spinning its web around your org
New malware, even better social engineering chops First seen on theregister.com Jump to article: www.theregister.com/2025/07/29/fbi_scattered_spider_alert/
-
Allianz Life Data Breach Hits 1.4 Million Customers
Tags: breach, data, data-breach, exploit, finance, insurance, risk, social-engineering, supply-chain, tacticsAllianz Life Insurance confirms a July 2025 data breach impacting 1.4 million customers, financial pros and employees. Learn how social engineering exploited a third-party CRM, the hallmarks of Scattered Spider tactics, and the broader risks of supply chain vulnerabilities. First seen on hackread.com Jump to article: hackread.com/allianz-life-data-breach-hits-1-4-million-customers/
-
How the Browser Became the Main Cyber Battleground
Until recently, the cyber attacker methodology behind the biggest breaches of the last decade or so has been pretty consistent:Compromise an endpoint via software exploit, or social engineering a user to run malware on their device; Find ways to move laterally inside the network and compromise privileged identities;Repeat as needed until you can execute your…
-
How Scattered Spider Used Fake Calls to Breach Clorox via Cognizant
Specops Software’s analysis reveals how Scattered Spider’s persistent help desk exploitation cost Clorox $400 million. Understand the August 2023 breach, its operational disruption, and critical steps organisations must take to protect against similar social engineering threats. First seen on hackread.com Jump to article: hackread.com/how-scattered-spider-fake-calls-breach-clorox-cognizant/
-
How AI red teams find hidden flaws before attackers do
Tags: access, ai, api, attack, authentication, ceo, computer, control, cyber, data, data-breach, exploit, flaw, guide, hacker, identity, infrastructure, injection, LLM, malicious, microsoft, psychology, RedTeam, risk, service, skills, social-engineering, sql, technology, threat, tool, training, vulnerabilityA red teaming sequence in action Connor Tumbleson, director of engineering at Sourcetoad, breaks down a common AI pen testing workflow: Prompt extraction: Use known tricks to reveal hidden prompts or system instructions. “That’s going to give you details to go further.”Endpoint targeting: Bypass frontend logic and directly access the model’s backend interface. “We’re hitting…
-
Scattered Spider Launching Ransomware on Hijacked VMware Systems, Google
A new report from Google’s GTIG reveals how UNC3944 (0ktapus) uses social engineering to compromise Active Directory, then exploits VMware vSphere for data theft and direct ransomware deployment. Understand their tactics and learn vital mitigation steps. First seen on hackread.com Jump to article: hackread.com/scattered-spider-ransomware-hijack-vmware-systems-google/
-
Allianz Life discloses massive data breach linked to supply-chain attack
The intrusion comes amid a wave of recent social-engineering attacks targeting the insurance sector and other industries. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/allianz-life-data-breach-supply-chain-attack/754192/
-
Social engineering attack obtains data on ‘majority’ of Allianz Life customers
Minneapolis-based Allianz Life said “a malicious threat actor gained access to a third-party CRM system” earlier in July, breaching data of a large amount of its customers. First seen on therecord.media Jump to article: therecord.media/allianz-life-social-engineering-data-breach
-
Scattered Spider targets VMware ESXi in using social engineering
Scattered Spider targets VMware ESXi in North America using social engineering, mainly fake IT help desk calls instead of software exploits. The cybercrime group Scattered Spider (aka 0ktapus, Muddled Libra, Octo Tempest, and UNC3944) is targeting VMware ESXi hypervisors in retail, airline, and transportation sectors across North America. According to Google’s Mandiant team, the group…
-
Allianz Life data breach exposed the data of most of its 1.4M customers
Allianz Life data breach exposed data of most of 1.4M customers via third-party CRM hack using social engineering. Allianz Life confirmed a data breach exposing personal information of most of its 1.4 million customers. On July 16, 2025, a threat actor accessed a third-party CRM system using social engineering, compromising the data of customers, financial…
-
Malware Campaign Uses YouTube and Discord to Harvest Credentials from Computers
The Acronis Threat Research Unit (TRU) has uncovered a sophisticated malware campaign deploying infostealers like Leet Stealer, its modified variant RMC Stealer, and Sniffer Stealer, leveraging social engineering tactics centered on gaming hype. These threats masquerade as indie game installers, such as Baruda Quest, Warstorm Fire, and Dire Talon, promoted via fraudulent websites and fake…
-
The books shaping today’s cybersecurity leaders
Tags: breach, business, ciso, control, cyber, cybersecurity, email, exploit, finance, framework, group, guide, hacker, intelligence, law, psychology, resilience, risk, skills, social-engineering, strategy, technology, theft, threat, tool, vulnerabilityby Douglas W. Hubbard and Richard Seiersen, was recommended by several CISOs including Daniel Schatz, Qiagen’s CISO, and Wolfgang Goerlich, faculty IANS and Oakland County’s CISO.James Blake, Cohesity’s CISO, said it’s a useful resource that provides spreadsheets and methods for semi-quantitative risk assessment. Similar to FAIR (factor analysis of information risk), this book provides tools…
-
7 Security-Praktiken zum Abgewöhnen
Tags: 2fa, access, antivirus, api, authentication, awareness, cio, ciso, cloud, compliance, cyberattack, cybersecurity, detection, edr, endpoint, grc, infrastructure, international, iot, mfa, microsoft, monitoring, phishing, ransomware, risk, service, siem, social-engineering, software, technology, tool, vpn, zero-trustAus der Zeit gefallen?Schlechte Angewohnheiten abzustellen (oder bessere zu entwickeln), ist ein Prozess, der Geduld, Selbstbeherrschung und Entschlossenheit erfordert. Das gilt sowohl auf persönlicher als auch auf Security-technischer Ebene. In diesem Artikel haben wir sieben Sicherheitspraktiken für Sie zusammengestellt, deren Haltbarkeitsdatum schon eine ganze Weile abgelaufen ist. Die meisten Arbeitsumgebungen sind heute Cloud-basiert in vielen…
-
Trump’s AI Plan Sparks Industry Praise and Warnings of Risk
Experts Warn White House AI Action Plan Could Prioritize Deregulation Over Security. The Trump administration pledged Wednesday an offensive against red tape hindering artificial intelligence developers in federal and state governments while vowing to ensure that such systems are objective rather than pursue social engineering agendas. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/trumps-ai-plan-sparks-industry-praise-warnings-risk-a-29042
-
Clorox sues Cognizant for $380M over alleged helpdesk failures in cyberattack
Tags: access, attack, breach, business, control, credentials, cyber, cyberattack, cybercrime, cybersecurity, data-breach, deep-fake, group, mfa, password, resilience, service, social-engineering, tactics, threat, tool, trainingAttack attributed to social engineering specialists: The cyberattack in 2023 was attributed to Scattered Spider, a cybercriminal group known for sophisticated social engineering campaigns targeting IT helpdesks. However, in this case, the attackers succeeded through remarkably basic tactics rather than advanced technical methods.”Scattered Spider’s success with a plain ‘please reset my password’ call confirms that…
-
Interlock ransomware threat expands across the US and Europe, hits healthcare and smart cities
Tags: access, advisory, attack, authentication, backup, ceo, control, credentials, defense, detection, dns, endpoint, finance, firewall, firmware, government, group, healthcare, identity, infrastructure, mfa, mitigation, network, ransom, ransomware, risk, service, social-engineering, technology, threat, training, update, usa, vulnerabilityTarget sectors and global reach : The advisory did not disclose the names of targeted organizations, but noted that critical infrastructure and other organizations in North America and Europe have been targeted in the past.”Healthcare has been a primary target, with incidents involving DaVita and Kettering Health. Education, technology, manufacturing, and government have also been…
-
Top 10 MCP vulnerabilities: The hidden risks of AI integrations
Tags: access, ai, api, attack, authentication, backdoor, breach, business, data, data-breach, detection, email, encryption, github, google, identity, injection, least-privilege, LLM, login, malicious, mfa, network, risk, social-engineering, software, sql, supply-chain, theft, threat, tool, unauthorized, vulnerabilityLiving off AI attacks: A threat actor posing as an employee, business partner, or customer sends a request to a human support agent. But the request contains a hidden prompt injection with instructions that only an AI can read. When the human employee passes the request on to their AI assistant it then, by virtue…
-
Human Digital Twins Could Give Attackers a Dangerous Advantage
While this emerging technology offers many benefits, digital twins also have several drawbacks, as these convincing impersonations can be used in social engineering attacks. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/human-digital-twins-attackers-dangerous-advantage
-
PoisonSeed überlistet FIDO-Schlüssel
Tags: authentication, ceo, crypto, cyberattack, encryption, fido, mfa, okta, password, phishing, qr, social-engineering, vulnerabilityCyberkriminelle nutzen die geräteübergreifende Anmeldeoption von FIDO aus, um eine von ihnen kontrollierte authentifizierte Sitzung zu erstellen.FIDO-Schlüssel verwenden eine hardwarebasierte Multi-Faktor-Authentifizierung, um Schwachstellen anderer MFA-Methoden zu beheben. Der berüchtigten Krypto-Hackergruppe PoisonSeed ist es jedoch offenbar gelungen, diese zusätzliche Sicherung zu umgehen. Forscher von Expel sind auf eine Angriffskampagne der Gruppe gestoßen, bei der FIDO mit…
-
Cybercriminals Merge Android Malware with Click Fraud Apps to Harvest Credentials
Tags: android, credentials, cyber, cybercrime, data, exploit, fraud, login, malicious, malware, social-engineering, tacticsResearchers uncovered an active Android malware cluster that ingeniously combines brand impersonation with traffic monetization tactics, targeting users across multiple regions. These malicious Android Package Kit (APK) files exploit social engineering and off-market distribution channels to evade traditional security measures, preying on user trust to exfiltrate sensitive data such as login credentials. The campaign deploys…
-
Accounting Firm Targeted by Malware Campaign Using New Crypter
An attack on a US accounting firm delivered PureRAT via Ghost Crypt, involving social engineering and advanced obfuscation techniques First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crypter-malware-targets-accounting/
-
Falsche interne E-Mails erzielen in Phishing-Simulationen die meisten Klicks
KnowBe4 veröffentlicht seinen ‘Simulated Phishing Roundup Report>> für das zweite Quartal 2025. Der Bericht zeigt einen anhaltenden Trend zur Anfälligkeit von Mitarbeitern für Social-Engineering-Techniken, die Vertrautheit und Vertrauen ausnutzen. Dies zeigt sich in den vorherrschenden Interaktionen mit internen Kommunikationskanälen und bekannten Marken, die 98 Prozent der wichtigsten E-Mail-Betreffzeilen ausmachen. Alle Daten für diesen Bericht stammen…
-
Check Point warnt vor FileFix: Social Engineering über Windows Explorer
Statt wie ClickFix auf das Ausführen-Fenster von Windows zu setzen, nutzt FileFix den Windows Explorer also ein Programm, das praktisch jeder täglich nutzt. Die Hacker greifen hier auf ein besonders perfides Vorgehen zurück First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-warnt-vor-filefix-social-engineering-ueber-windows-explorer/a41439/
-
New Veeam-Themed Phishing Attack Uses Weaponized WAV File to Target Users
Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit users’ trust in enterprise backup solutions. This attack vector highlights the growing intersection of social engineering and file-based exploits, where attackers weaponize common audio formats like WAV files to bypass traditional email security filters and…
-
Lumma Infostealer Steals Browser Data and Sells It as Logs on Underground Markets
Tags: authentication, credentials, crypto, cyber, data, login, malware, phishing, social-engineering, tactics, threatInfostealers are specialized malware variants that routinely steal large amounts of sensitive data from compromised systems. This includes session tokens, login credentials, cryptocurrency wallet information, personally identifiable information (PII), multifactor authentication (MFA) artifacts, and pretty much any data stored in a browser. These threats propagate via phishing operations, social engineering tactics, malvertising, and SEO-manipulated campaigns,…
-
PoisonSeed Tricking Users Into Bypassing FIDO Keys With QR Codes
PoisonSeed group tricks users into bypassing FIDO Keys by misusing QR code logins, highlighting new social engineering risk to secure MFA. First seen on hackread.com Jump to article: hackread.com/poisonseed-trick-users-bypassing-fido-keys-qr-codes/
-
Social Engineering weiterhin wichtigstes cyberkriminelles Einfallstor
Tags: social-engineeringFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/social-engineering-wichtigkeit-cyberkriminalitaet-einfallstor
-
Social-Engineering weiterhin eines der häufigsten Einfallstore
Social-Engineering ist eine der häufigsten Techniken, die von kriminellen Akteuren eingesetzt werden, heißt es unter anderem in einem Bericht von Europol . Initial-Access-Broker konzentrieren sich demnach zunehmend darauf, solche Techniken zu nutzen, um gültige Zugangsdaten für die Systeme ihrer Opfer zu erhalten. Dieser Erstzugang kann in der Folge von cyberkriminellen Akteuren auf vielfältige Weise genutzt…
-
Hackers Exploit ClickFix Tactics to Spread NetSupport RAT, Latrodectus, and Lumma Stealer
Attackers are increasingly leveraging the ClickFix social engineering technique to distribute potent malware families, including NetSupport RAT, Latrodectus, and Lumma Stealer. This method, which emerged prominently in recent months, tricks users into executing malicious commands under the guise of resolving common computer issues like performance glitches or verification prompts. By hijacking the clipboard through JavaScript…
-
FileFix: Wenn der Windows Explorer zur Falle wird
Cyberkriminelle nutzen mit der neuen Social-Engineering-Methode FileFix das Vertrauen der Nutzer in den Windows Explorer aus. Die Technik wirkt harmlos, birgt jedoch enormes Risiko und wird bereits aktiv eingesetzt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/filefix-windows-explorer

