Tag: social-engineering
-
Modern supply-chain attacks and their real-world impact
Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day
This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects. In the last two years, the majority of large-scale supply-chain intrusions have…
-
Hackernoon: How AI Phishing Is Putting Schools at Risk
This article was originally published in Hackernoon on 10/29/25 by Charlie Sander. AI is super-charging social engineering, and K-12 is still a precious target. With an average of 2,739 edtech tools per district, staff and students rely heavily on laptops and classroom tech that must be protected from the latest threats. Today, these include anything from convincing…
-
Legitimate platforms are increasingly being abused by cybercriminals
KnowBe4 has published new research findings from its “2025 Phishing Threat Trends Report Vol. Six”, which show fundamental changes in the tactics of cyber attackers and are leading to a significant increase in phishing attacks from compromised accounts. “As cybercriminals bypass technical defenses using techniques such as the takeover of legitimate platforms and, through a variety of sophisticated social engineering methods, their victims…
-
TDL 008 – Defending the Frontline: Ransomware, AI, and Real-World Lessons
Tags: access, ai, attack, authentication, awareness, backup, breach, business, ceo, ciso, computer, country, crime, cyber, cybersecurity, data, deep-fake, email, exploit, extortion, finance, firewall, framework, fraud, government, group, guide, healthcare, ibm, incident, incident response, infrastructure, insurance, intelligence, law, mfa, microsoft, penetration-testing, phone, powershell, ransom, ransomware, risk, russia, scam, service, social-engineering, strategy, tactics, technology, theft, threat, tool, training, vpn, vulnerability, zero-day
Summary: In this episode of “The Defender’s Log,” host David Redekop interviews Alexander Rau, a cybersecurity partner at KPMG, about the evolving incident response (IR) landscape. Rau notes that the past summer was exceptionally busy for IR, driven largely by zero-day firewall vulnerabilities. He highlights that threat actors are innovating, even using AI chatbots for…
-
Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution
A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this campaign is the exploitation of the Windows shortcut (LNK) UI misrepresentation vulnerability, ZDI-CAN-25373, first disclosed in March 2025, paired with tailored social engineering schemes mimicking authentic diplomatic conferences. UNC6384, previously documented…
-
Lampion Stealer Resurfaces with ClickFix Attack to Steal User Credentials Stealthily
Tags: attack, banking, credentials, cyber, cybercrime, group, infection, malware, social-engineering, threat
A Brazilian cybercriminal group has refined its long-running malware distribution campaign by incorporating innovative social engineering techniques and multi-stage infection chains to deliver the Lampion banking trojan. The campaign, which has operated continuously since at least June 2024 following its initial discovery in 2019, demonstrates the threat actor’s commitment to operational stealth and evasion. The…
-
Cybercriminals Launch Flood of Fake Forex Platforms to Harvest Logins
Fraudulent investment platforms impersonating legitimate cryptocurrency and forex exchanges have emerged as the primary financial threat across Asia, with organized crime groups operating at unprecedented scale. These sophisticated scams leverage social engineering tactics to deceive victims into transferring funds to attacker-controlled systems, blurring the lines between legitimate trading and criminal enterprise. The threat extends far…
-
BlueNoroff reemerges with new campaigns for crypto theft and espionage
Tags: attack, blockchain, credentials, crypto, espionage, github, group, jobs, lazarus, malware, social-engineering, supply-chain, theft, tool
Fake recruiters with real malware: The GhostHire operation takes a different approach, targeting Web3 developers through fake job offers and recruitment tests. Here BlueNoroff sets up fake developer tasks, often hosted on GitHub or shared via Telegram bots. “Based on historical attack cases of this campaign, we assess with medium confidence that this attack flow…
-
Is your perimeter having an identity crisis?
Tags: access, ai, attack, authentication, breach, business, cloud, communications, credentials, data, data-breach, defense, detection, email, endpoint, identity, infrastructure, intelligence, malicious, mfa, mobile, network, phishing, phone, RedTeam, resilience, smishing, social-engineering, strategy, tactics, threat
Craft phishing, smishing and vishing. Creating hyper-personalized emails that can be grammatically perfect, contextually aware and emotionally resonant. These messages no longer demonstrate the telltale signs of traditional phishing like broken English or generic greetings. Synthesize trust. Using voice-cloning AI to leave a quick, urgent voicemail from a trusted executive, bypassing the skepticism you’ve trained into…
-
10 NPM Packages That Automatically Run on Install and Steal Credentials
Tags: attack, authentication, credentials, cyber, data, linux, macOS, malicious, malware, social-engineering, supply-chain, tactics, theft, threat, windows
A sophisticated supply chain attack involving ten malicious npm packages that execute automatically upon installation and deploy a comprehensive credential theft operation. The malware uses advanced obfuscation techniques, social engineering tactics, and cross-platform functionality to harvest sensitive authentication data from developers’ systems across Windows, Linux, and macOS environments. Socket’s Threat Research Team has uncovered a…
-
Ransomware Hackers Look for New Tactics Amid Falling Profits
Digital Extortionists Try Recruiting Insiders, Email Barrages. Collective efforts to bolster cybersecurity defenses have been taking a big bite out of ransomware groups’ earnings, leading groups to reach for new strategies, including social engineering, supply chain attacks, extortion services and bribing insiders, warn incident response experts. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ransomware-hackers-look-for-new-tactics-amid-falling-profits-a-29867
-
FileFix + Cache Smuggling: A New Evasion Combo
Cybersecurity researchers have uncovered a sophisticated evolution in phishing attacks that combines FileFix social engineering with cache smuggling techniques to bypass modern security defenses. This hybrid attack method eliminates the need for malicious code to make web requests, instead extracting payloads directly from the browser’s cache where they were planted through cache smuggling. The technique…
-
Growing threat from human-centric cyberattacks
Threat actors are changing their tactics to target human touchpoints from every angle, within business workflows and across channels, in order to run coordinated campaigns that overwhelm conventional defenses. The analysis in Mimecast’s Global Threat Intelligence Report for 2025 shows key trends, including the rise of intelligent AI-powered phishing and social engineering attacks as well as the increased use… First seen…
-
News alert: Arsen rolls out ‘Smishing Simulation’ to strengthen defenses against mobile phishing threats
PARIS, Oct. 24, 2025, CyberNewswire, Arsen, the cybersecurity company dedicated to helping organizations defend against social engineering, today introduced its new Smishing Simulation module: a feature designed to let companies run realistic, large-scale SMS phishing simulations across their… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/news-alert-arsen-rolls-out-smishing-simulation-to-strengthen-defenses-against-mobile-phishing-threats/
-
Scammers try to trick LastPass users into giving up credentials by telling them they’re dead
Tags: access, advisory, authentication, breach, corporate, credentials, crypto, cybercrime, email, google, group, infosec, intelligence, login, mail, malicious, mfa, mitigation, password, phishing, phone, scam, social-engineering, threat
Staff should be using MFA: CSOs and IT managers should ensure that any password managers their employees use have phishing-resistant multifactor authentication or require an additional login factor, so if staff fall for a scam like this, the scammer can’t log in just using stolen credentials, Grimes said. If the corporate approved password manager doesn’t allow…
-
Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats
Tags: attack, ciso, cyber, cybersecurity, mobile, mssp, phishing, smishing, social-engineering, threat
Paris, France, October 24th, 2025, CyberNewsWire Arsen, the cybersecurity company dedicated to helping organizations defend against social engineering, today introduced its new Smishing Simulation module: a feature designed to let companies run realistic, large-scale SMS phishing simulations across their teams. Designed to address the growing wave of mobile-based attacks, the new module gives CISOs, MSSPs,…
-
Mimecast publishes its Global Threat Intelligence Report 2025
The findings show a significant increase in social engineering attacks, including campaigns such as ClickFix, AI-assisted phishing and Business Email Compromise (BEC). First seen on infopoint-security.de Jump to article: www.infopoint-security.de/mimecast-veroeffentlicht-seinen-global-threat-intelligence-report-2025/a42484/
-
Google Warns of Cybercriminals Using Fake Job Postings to Spread Malware and Steal Credentials
Tags: corporate, credentials, cyber, cybercrime, google, group, intelligence, jobs, malware, social-engineering, threat
Google’s Threat Intelligence Group (GTIG) has uncovered a sophisticated social engineering campaign orchestrated by financially motivated threat actors based in Vietnam. The ultimate objective is to compromise corporate advertising accounts and steal valuable credentials for resale or direct monetization. The threat cluster specifically targets remote workers in digital advertising roles, focusing on individuals with contract…
-
North Korea’s Lazarus group attacked three companies involved in drone development
The attacks, which involved fake job offers as a social engineering lure, were likely aimed at stealing proprietary information about drone manufacturing, ESET said in a report. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-lazarus-attacks-drone-companies/
-
Social engineering gains ground as preferred method of initial access
Senior executives and high-net-worth individuals are increasingly at risk as hackers use deepfakes, voice cloning and other tactics for targeted attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/social-engineering-preferred-initial-access/803363/
-
Russian hackers evolve malware pushed in “I am not a robot” captchas
The Russian state-backed Star Blizzard hacker group has ramped up operations with new, constantly evolving malware families (NoRobot, MaybeRobot) deployed in complex delivery chains that start with ClickFix social engineering attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-hackers-evolve-malware-pushed-in-i-am-not-a-robot-clickfix-attacks/
-
AI-Driven Social Engineering Top Cyber Threat for 2026, ISACA Survey Reveals
Only one in ten IT and cybersecurity professionals feels “very prepared” to manage generative AI risks. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-social-engineering-top-cyber/
-
North Korean threat actors turn blockchains into malware delivery servers
Used in North Korean fake recruitment campaigns: As opposed to other nation-state actors, North Korean APT groups are known to conduct cybercriminal activity in addition to cyberespionage, because their goal includes gathering funds for the regime. One way they do this is by stealing cryptocurrency from companies and individuals. Between 2017 and 2023, it is estimated…
-
New Tech Support Scam Exploits Microsoft Logo to Steal User Credentials
Microsoft’s name and branding have long been associated with trust in computing, security, and innovation. Yet a newly uncovered campaign by the Cofense Phishing Defense Center demonstrates that even the most recognized logos can be hijacked by threat actors to exploit user trust. By blending classic social engineering tactics with advanced deceptive overlays, this scam…

