ReliaQuest Uncovers New Black Basta Social Engineering Technique - ReliaQuest
ReliaQuest has observed a new Black Basta social engineering campaign targeting users via Microsoft Teams and malicious QR codes.
File hosting services misused for identity phishing
Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.
Don’t get Mad, get wise
The “Mad Liberator” ransomware group leverages social-engineering moves to watch out for
Ongoing Social Engineering Campaign Refreshes Payloads
On June 20, 2024, Rapid7 identified multiple intrusion attempts by threat actors utilizing Techniques, Tactics, and Procedures (TTPs) that are consistent with an ongoing social engineering campaign being tracked by Rapid7.
Open Source Security (OpenSSF) and OpenJS Foundations Issue Alert for Social Engineering Takeovers of Open Source Projects
XZ Utils cyberattack likely not an isolated incident
Scattered Spider laying new eggs
Discover the techniques, tactics (TTPs) used by Scattered Spider intrusion set, including social engineering and targeted phishing campaigns.