Tag: social-engineering
-
ClickFix Attack Abuses finger.exe to Execute Malicious Code
Cybersecurity researchers have identified a resurgence in the abuse of legacy Windows protocols, specifically the finger.exe command, to facilitate social engineering attacks. Since November 2025, threat actors have integrated this decades-old utility into the >>ClickFix
-
KnowBe4 launches deepfake training against AI-powered social engineering threats
Deepfake video content is becoming ever more realistic and ever harder to distinguish from reality. Cybersecurity leaders must prepare their organizations for new and emerging threats and take a proactive approach to their overall protective measures. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/knowbe4-startet-deepfake-training-gegen-ki-gestuetzte-social-engineering-bedrohungen/a43213/
-
New ClickFix Attacks Exploit Official ChatGPT Website to Deliver macOS Infostealer
Infostealers have become 2025’s fastest-growing cyberthreat, targeting all operating systems and regions with sophisticated social engineering tactics. In a new campaign discovered by Kaspersky experts, attackers are exploiting users’ interest in OpenAI’s Atlas browser by leveraging the official ChatGPT website itself as a hosting platform for malicious installation guides. The attack begins with paid search…
-
Report Surfaces Multiple Novel Social Engineering Tactics and Techniques
HP’s latest threat report reveals rising use of sophisticated social engineering, SVG-based attacks, fake software updates, and AI-enhanced malware as cybercriminals escalate tactics to evade detection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/report-surfaces-multiple-novel-social-engineering-tactics-and-techniques/
-
Ivanti's EPM systems vulnerable to attacks
Tags: access, api, authentication, bug, cisa, cve, cvss, cyberattack, exploit, infrastructure, Internet, ivanti, malware, ransomware, social-engineering, software, update, vulnerability, xss
Companies should patch their Ivanti EPM systems as soon as possible, as serious security vulnerabilities have been discovered in them. Ivanti recently reported a serious flaw in its EPM systems that allows admin sessions without authentication. Attackers could thereby potentially control thousands of enterprise devices. The software vendor released EPM version 2024 SU4 SR1 to fix several vulnerabilities. These include the critical…
-
CastleLoader Malware Now Uses Python Loader to Bypass Security
Cybersecurity researchers at Blackpoint Cyber discovered a new, evasive CastleLoader malware variant using Python and ClickFix social engineering to deliver RATs and info-stealers directly from memory. First seen on hackread.com Jump to article: hackread.com/castleloader-malware-python-loader-bypass-security/
-
ClickFix Style Attack Uses Grok, ChatGPT for Malware Delivery
A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on victims’ computers. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/clickfix-style-attack-grok-chatgpt-malware
-
Long-term security mortgages from internal AI agents
Cybercriminals will continue to probe new attack paths over the next twelve months. AI will help them in many areas. We see four major trends coming for those responsible for IT security: First, hackers will mainly use two attack paths to compromise victim networks: For one, "thanks" to generative artificial intelligence being available to a broad range of users, social engineering is not…
-
California man pleads guilty to RICO charges as DOJ indicts crypto theft gang
Evan Tangeman became the ninth person to plead guilty as part of a wider Justice Department takedown of a criminal group known as the Social Engineering Enterprise. First seen on therecord.media Jump to article: therecord.media/california-man-pleads-guilty-rico-charges-crypto-theft
-
New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware
A sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading to multi-stage .NET malware deployment. Security researchers have identified an attack flow that begins with impersonated IT personnel contacting victims via Microsoft Teams and culminates in fileless malware execution through memory-based reflection techniques. The infection…
-
Threat Actors Distribute CoinMiner Malware through USB Drives to Infect Workstations
Tags: crypto, cyber, cybercrime, detection, exploit, infection, intelligence, malware, social-engineering, threat
Cybercriminals continue to exploit USB drives as infection vectors, with recent campaigns delivering sophisticated CoinMiner malware that establishes persistent cryptocurrency-mining operations on compromised workstations. Security researchers have documented an evolving threat that leverages social engineering and evasion techniques to avoid detection while mining Monero cryptocurrency on infected systems. In February 2025, AhnLab Security Intelligence Center…
-
MuddyWater Hackers Use UDPGangster Backdoor to Bypass Network Defenses on Windows
The MuddyWater threat group has escalated its cyber espionage operations by deploying UDPGangster, a sophisticated UDP-based backdoor designed to infiltrate Windows systems while systematically evading traditional network defenses. Recent intelligence gathered by FortiGuard Labs reveals coordinated campaigns targeting high-value victims across Turkey, Israel, and Azerbaijan, employing social engineering tactics paired with advanced anti-analysis techniques that…
-
Russian Hackers Imitate European Events in Coordinated Phishing Campaigns
Tags: authentication, cloud, conference, cyber, cybersecurity, email, google, government, hacker, microsoft, phishing, russia, social-engineering
Russian state-linked hackers are impersonating high-profile European security conferences to compromise cloud email and collaboration accounts at governments, think tanks, and policy organizations, according to new research from cybersecurity firm Volexity. The campaigns, active through late 2025, abuse legitimate Microsoft and Google authentication workflows and rely on painstaking social engineering to trick victims into effectively…
-
Threat Actors Exploit Foxit PDF Reader to Seize System Access and Steal Data
A sophisticated malware campaign is leveraging a weaponized Foxit PDF Reader to target job seekers through email-based attacks, deploying ValleyRAT. This remote access trojan grants threat actors complete system control and data exfiltration capabilities. Security researchers have identified a significant uptick in this campaign, which combines social engineering, obfuscation techniques, and dynamic-link library (DLL) sideloading…
-
Submarine cable cybersecurity: protecting critical infrastructure
Tags: 5G, ai, awareness, business, cloud, compliance, computing, control, cyber, cybersecurity, data, detection, framework, google, government, infrastructure, intelligence, international, Internet, iot, microsoft, network, resilience, risk, service, social-engineering, software, technology, threat, tool, training
Think tank Atlantic Council identifies several trends that threaten the security of submarine cables. On the one hand, linked to the geostrategic issue, the presence of authoritarian governments is reshaping the internet’s physical layout through companies that control internet infrastructure, to route data more favorably, interrupting the provision of services or taking advantage of infrastructures…
-
Smashing Security podcast #446: A hacker doxxes himself, and social engineering-as-a-service
A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer… and accidentally hands over the keys to his real-world identity. Meanwhile, we look into the crystal ball for 2026 and consider how stolen data is now the jet fuel of cybercrime and how next year could be even nastier than 2025. First seen…
-
Hackers ready threat campaign aimed at Zendesk environments
Researchers warn that hackers linked to recent social engineering attacks are targeting customer service environments. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/hackers-threat-campaign-zendesk-environments/806666/
-
Contagious Interview attackers go ‘full stack’ to fool developers
Tags: attack, control, credentials, crypto, data, endpoint, exploit, github, infrastructure, intelligence, macOS, malicious, malware, open-source, social-engineering, supply-chain, theft, threat, update, windows, worm
Coding tasks lead to malware delivery: These defensive measures are effective because Contagious Interview’s entry vector relies heavily on social engineering, using fake interview tasks to trick developers into installing compromised dependencies. The campaign exploits NPM, a widely used package registry for JavaScript and Node.js, by publishing packages that appear benign but carry hidden payloads. The…
-
Threat Actors Exploit Calendar Subscriptions for Phishing and Malware Delivery
BitSight research has revealed how threat actors exploit calendar subscriptions to deliver phishing links, malware and social engineering attacks through hijacked domains. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/threat-actors-exploit-calendar-subs/
-
OpenAI service provider hacked
Cybercriminals have broken into the system of OpenAI's data analytics provider. According to a statement from OpenAI, cybercriminals gained access to the systems of the analytics service Mixpanel in early November. Data of API users was reportedly taken in the process. The following information may be affected: name in the API account, email addresses associated with the API account, approximate location based on the API user's browser (city,…
-
AI browsers can be tricked with malicious prompts hidden in URL fragments
Tricking users into clicking poisoned links: HashJack is essentially a social engineering attack because it relies on tricking users to click on specially crafted URLs inside emails, chats, websites, or documents. However, this attack can be highly credible because it points to legitimate websites. For example, imagine a spoofed email that claims to be from a…
-
New ClickFix campaign uses fake Windows updates
Tags: captcha, cyberattack, endpoint, group, malware, monitoring, phishing, powershell, social-engineering, update, windows
Cybercriminals are using a fake Windows update page to attack employees. Researchers at the security vendor Huntress recently came across a new ClickFix campaign that targets employees in companies. According to the research report, the attackers hid their malware in the pixels of an image that mimics a Windows update page. There, users are prompted to click Run so that a malicious command…

