Search cyberveille.decio.ch

Found 251 bookmarks

Custom sorting

Why Phishers Love New TLDs Like .shop, .top and .xyz

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) -- such as .shop, .top, .xyz -- that attract scammers with rock-bottom…

#krebsonsecurity #EN #2024 #TLDs #.shop #.top #.xyz #Phishing #scammers

·krebsonsecurity.com·Dec 9, 2024

Why Phishers Love New TLDs Like .shop, .top and .xyz

Cloudflare’s developer domains increasingly abused by threat actors

Cloudflare's 'pages.dev' and 'workers.dev' domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other malicious activities.

#bleepingcomputer #EN #2024 #Abuse #Cloudflare #Cloudflare-Pages #Cloudflare-Workers #Cybercrime #Phishing

·bleepingcomputer.com·Dec 5, 2024

Cloudflare’s developer domains increasingly abused by threat actors

Abnormal Security

Discover how Dropbox was exploited in a sophisticated phishing attack that leveraged AiTM tactics to steal credentials during the open enrollment period.

#abnormalsecurity #EN #2024 #exploited #sophisticated #phishing #attack #leveraged #aitm #tactics #steal #credentials #open #dropbox #enrollment #discover #period

·abnormalsecurity.com·Nov 20, 2024

Abnormal Security

Windows infected with backdoored Linux VMs in new phishing attacks

A new phishing campaign dubbed 'CRON#TRAP' infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks.

#Backdoor #Linux #Phishing #QEMU #Virtual-Machine #Windows #Security #InfoSec #Computer-Security

·bleepingcomputer.com·Nov 13, 2024

Windows infected with backdoored Linux VMs in new phishing attacks

CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits

Check Point Research is tracking an ongoing, large scale and sophisticated phishing campaign deploying the newest version of the Rhadamanthys stealer (0.7). We dubbed this campaign CopyRh(ight)adamantys. This campaign utilizes a copyright infringement theme to target various regions, including the United States, Europe, East Asia, and South America. The campaign impersonates dozens of companies, while each email is sent to a specific targeted entity from a different Gmail account, adapting the impersonated company and the language per targeted entity. Almost 70% of the impersonated companies are from Entertainment /Media and Technology/Software sectors. Analysis of the lures and targets in this campaign suggests the threat actor uses automation for lures distribution. Due to the scale of the campaign and the variety of the lures and sender emails, there is a possibility that the threat actor also utilized AI tools. One of the main updates in the Rhadamanthys stealer version according to claims by the author, is AI-powered text recognition. However, we discovered that the component introduced by Rhadamanthys does not incorporate any of the modern AI engines, but instead uses much older classic machine learning, typical for OCR software.

#checkpoint #EN #2024 #phishing #Rhadamantys #analysis #Property #Intellectual #Infringement #Baits

·research.checkpoint.com·Nov 13, 2024

CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits

Cybercriminals impersonate OpenAI in large-scale phishing attack

Since the launch of ChatGPT, OpenAI has sparked significant interest among both businesses and cybercriminals. While companies are increasingly concerned about whether their existing cybersecurity measures can adequately defend against threats curated with generative AI tools, attackers are finding new ways to exploit them. From crafting convincing phishing campaigns to deploying advanced credential harvesting and malware delivery methods, cybercriminals are using AI to target end users and capitalize on potential vulnerabilities. Barracuda threat researchers recently uncovered a large-scale OpenAI impersonation campaign targeting businesses worldwide. Attackers targeted their victims with a well-known tactic — they impersonated OpenAI with an urgent message requesting updated payment information to process a monthly subscription.

#barracuda #EN #2024 #phishing #ChatGPT #OpenAI #large-scale #impersonation

·blog.barracuda.com·Nov 11, 2024

Cybercriminals impersonate OpenAI in large-scale phishing attack

DocuSign's Envelopes API abused to send realistic fake invoices

Threat actors are abusing DocuSign's Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal.

#bleepingcomputer #EN #2024 #API #DocuSign #Invoice #Phishing #Signature #Security #InfoSec #Computer-Security

·bleepingcomputer.com·Nov 11, 2024

DocuSign's Envelopes API abused to send realistic fake invoices

North Korean hackers employ new tactics to compromise crypto-related businesses - Help Net Security

North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware.

#helpnetsecurity #EN #2024 #NorthKorea #macOS #crypto-related #malware #phishing

·helpnetsecurity.com·Nov 11, 2024

North Korean hackers employ new tactics to compromise crypto-related businesses - Help Net Security

CRON#TRAP: Emulated Linux Environments as the Latest Tactic in Malware Staging - Securonix

In a rather novel attack chain, attackers deploy a custom-made emulated QEMU Linux box to persist on endpoints, delivered through phishing emails.

#securonix #EN #2024 #Linux #CRONTRAP #QEMU #phishing #emails

·securonix.com·Nov 4, 2024

CRON#TRAP: Emulated Linux Environments as the Latest Tactic in Malware Staging - Securonix

Every Doggo Has Its Day: Unleashing the Xiū Gǒu Phishing Kit

Key data This article explores Netcraft’s research into Xiū gǒu (修狗), a phishing kit in use since at least September 2024 to deploy phishing campaigns ...

#netcraft #EN #2024 #analysis #Xiū-gǒu #phishing #kit

·netcraft.com·Oct 31, 2024

Every Doggo Has Its Day: Unleashing the Xiū Gǒu Phishing Kit

Self-contained HTML phishing attachment using Telegram to exfiltrate stolen credentials - SANS Internet Storm Center

Self-contained HTML phishing attachment using Telegram to exfiltrate stolen credentials, Author: Jan Kopriva

#isc.sans.edu #EN #2024 #phishing #analysis #telegram #Self-contained #SHTML #HTML #attachement #Telegram

·isc.sans.edu·Oct 28, 2024

Self-contained HTML phishing attachment using Telegram to exfiltrate stolen credentials - SANS Internet Storm Center

Microsoft creates fake Azure tenants to pull phishers into honeypots

Microsoft is using deceptive tactics against phishing actors by spawning realistic-looking honeypot tenants with access to Azure and lure cybercriminals in to collect intelligence about them. #Accounts #Computer #Fake #Honeypot #InfoSec #Microsoft #Phishing #Security

#InfoSec #Accounts #Computer #Phishing #Honeypot #Security #Microsoft #Fake

·bleepingcomputer.com·Oct 19, 2024

Microsoft creates fake Azure tenants to pull phishers into honeypots

File hosting services misused for identity phishing

Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.

#microsoft #EN #2024 #File #hosting #SharePoint #OneDrive #Dropbox #social-engineering #identity #phishing #research

·microsoft.com·Oct 9, 2024

File hosting services misused for identity phishing

Mamba 2FA: A new contender in the AiTM phishing ecosystem - Sekoia.io Blog

Discover Mamba 2FA, a previously unknown adversary-in-the-middle (AiTM) phishing kit and sold as phishing-as-a-service (PhaaS).

#sekoia #EN #2024 #Mamba #2FA #AiTM #phishing #phishing-as-a-service #PhaaS

·blog.sekoia.io·Oct 7, 2024

Mamba 2FA: A new contender in the AiTM phishing ecosystem - Sekoia.io Blog

Arrests in international operation targeting cybercriminals in West Africa

Eight individuals have been arrested as part of an ongoing international crackdown on cybercrime, dealing a major blow to criminal operations in Côte d’Ivoire and Nigeria. The arrests were made as part of INTERPOL’s Operation Contender 2.0, an initiative aimed at combating cyber-enabled crimes, primarily in West Africa, through enhanced international intelligence sharing. Phishing scam targets Swiss citizens In Côte d’Ivoire authorities dismantled a large-scale phishing scam, thanks to a collaborative effort with Swiss police and INTERPOL.

#interpol #EN #2024 #phishing #busted #romance-scam #cybercriminals #Swiss #Operation-Contender-2.0

·interpol.int·Oct 6, 2024

Arrests in international operation targeting cybercriminals in West Africa

Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America | Europol

Investigators reported 483 000 victims worldwide, who had attempted to regain access to their phones and been phished in the process. The victims are mainly Spanish-speaking nationals from European, North American and South American countries.The successful operation took place thanks to international cooperation between law enforcement and judiciary authorities from Spain, Argentina, Chile, Colombia, Ecuador and Peru.The action week took...

#europol #EN #2024 #phishing #busted #operacion-kaerb #seized #spain

·europol.europa.eu·Sep 21, 2024

Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America | Europol

Clever 'GitHub Scanner' campaign abusing repos to push malware

A clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are subscribed to email notifications from it. A malicious GitHub user opens a new

#bleepingcomputer #EN #2024 #GitHub #Malware #Phishing

·bleepingcomputer.com·Sep 19, 2024

Clever 'GitHub Scanner' campaign abusing repos to push malware

A Single Iranian Hacker Group Targeted Both Presidential Campaigns

APT42, which is believed to work for Iran’s Revolutionary Guard Corps, targeted about a dozen people associated with both Trump’s and Biden’s campaigns this spring, according to Google’s Threat Analysis Group.

#iran #elections #joe #biden #politics #harris #cybersecurity #kamala #donald #trump #hacking #phishing

·wired.com·Aug 15, 2024

A Single Iranian Hacker Group Targeted Both Presidential Campaigns

Russia-linked phishing campaigns ensnare civil society and NGOs

Russia-linked phishing campaigns are targeting civil society and NGOs operating in the region and abroad, according to a new investigation by Access Now and the Citizen Lab.

#accessnow #EN #2024 #Russia #Russia-linked #phishing #campaigns #NGO #civil-society

·accessnow.org·Aug 14, 2024

Russia-linked phishing campaigns ensnare civil society and NGOs

Les cybercriminels ont copié dieci.ch à l'identique

Sous le domaine dleci.ch, une page de phishing a été mise en ligne, reproduisant à l'identique le contenu de dieci.ch.

#dieci #CH #FR #clone #phishing #pizza #identique #fake

·dieci.ch·Aug 12, 2024

Les cybercriminels ont copié dieci.ch à l'identique

USPS Text Scammers Duped His Wife, So He Hacked Their Operation | WIRED

The Smishing Triad network sends up to 100,000 scam texts per day globally. One of those messages went to Grant Smith, who infiltrated their systems and exposed them to US authorities. #black #cybersecurity #defcon #hacking #hacks #hat #phishing #security

#hacks #black #cybersecurity #hacking #defcon #phishing #security #hat

·wired.com·Aug 8, 2024

USPS Text Scammers Duped His Wife, So He Hacked Their Operation | WIRED

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites.

#trendmicro #EN #2024 #malware #cyber-crime #research #phishing #malvertising #social #media #fake #mimic #campaign

·trendmicro.com·Aug 3, 2024

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

Behind the Attack: Live Chat Phishing

In this blog, we investigate a phishing attack that leverages the inherent trust we put in live-human-chat support.

#perception-point #EN #2024 #Live-Chat #Phishing #analysis

·perception-point.io·Jul 11, 2024

Behind the Attack: Live Chat Phishing

How do cryptocurrency drainer phishing scams work?

In recent months, a surge in cryptodrainer phishing attacks has been observed, targeting cryptocurrency holders with sophisticated schemes aimed at tricking them into divulging their valuable credentials.

#talosintelligence #EN #2024 #cryptodrainer #phishing #attacks #analysis

·blog.talosintelligence.com·Jul 11, 2024

How do cryptocurrency drainer phishing scams work?

Formula 1 governing body discloses data breach after email hacks

FIA (Fédération Internationale de l'Automobile), the auto racing governing body since the 1950s, says attackers gained access to personal data after compromising several FIA email accounts in a phishing attack.

#bleepingcomputer #EN #2024 #Data-Breach #FIA #Formula-1 #Phishing

·bleepingcomputer.com·Jul 7, 2024

Formula 1 governing body discloses data breach after email hacks

Analysis of the Phishing Campaign: Behind the Incident

See the results of our investigation into the phishing campaign encountered by our company and get information to defend against it. Here are some key findings: We found around 72 phishing domains pretending to be real or fake companies. These domains created believable websites that tricked people into sharing their login details. The attack was sophisticated, using advanced techniques like direct human interaction to deceive targets. We analyzed several fake websites and reverse-engineered their web-facing application. At the end of the post, you will find a list of IOCs that can be used for improving your organization’s security.

#any.run #EN #2024 #incident #phishing #spear-phishing #IoCs

·any.run·Jul 2, 2024

Analysis of the Phishing Campaign: Behind the Incident