Verified Twitter accounts phished via hate speech warnings
We take a look at reports that verified Twitter accounts are being targeted by scammers with claims of hate speech.
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
Hackers breach MailChimp's internal tools to target crypto customers
Email marketing firm MailChimp disclosed on Sunday that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks.
Ongoing phishing attacks on Trezor users
Trezor users have reported being targeted by a malicious phishing attack on April 3.
Behold, a password phishing site that can trick even savvy users
Just when you thought you'd seen every phishing trick out there, BitB comes along.
Phishing attacks target countries aiding Ukrainian refugees
A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.
Ukraine links phishing targeting military to Belarusian hackers
The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.
Google Docs Comment Exploit Allows for Distribution of Phishing and Malware
An exploit in the Google Docs comment feature allows hackers to easily spread malware and phishing.
Les attaques informatiques contre les ENT continuent dans le Nord ...
La semaine dernière, des menaces d'attentats ont été envoyés aux élèves, aux personnels et aux familles suite au piratage de l'environnement numérique de travail de la région Ile de France. Cette fois, c'est l'académie de Lille qui est touchée, et ce dans un contexte sécuritaire inquiétant.
Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit
Tycoon 2FA has become one of the most widespread adversary-in-The-Middle (AiTM) phishing kits over the last few months.
Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season
Read the new Microsoft Threat Intelligence tax season report to learn about the techniques that threat actors use to mislead taxpayers.
New Attack Techniques Bypassing ML Security
Threat actors are exercising new attack techniques to bypass machine learning security controls.
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. "The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents associated with finance, critical infrastructure, executive engagements, cyber security, maritime security, healthcare, business, and defense industrial production," IBM X-Force said in a report published last week.
Google Chrome gets real-time phishing protection later this month
Google will roll out a Safe Browsing update later this month that will provide real-time malware and phishing protection to all Chrome users, without compromising their browsing privacy. The company launched Safe Browsing in 2005 to defend users against web phishing attacks and has since upgraded it to block malicious domains that push malware, unwanted software, and various social engineering schemes.
Threat actors leverage document publishing sites for ongoing credential and session token theft
Talos IR has responded to several recent incidents in which threat actors used legitimate digital document publishing sites such as Publuu and Marq to host phishing documents as part of ongoing credential and session harvesting attacks.
Flipper Zero WiFi phishing attack can unlock and steal Tesla cars
An easy phishing attack using a Flipper Zero device can lead to compromising Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.
Jamf says 9% of smartphone have fallen for phishing attacks
In a report going over the state of malware in 2024, device management firm Jamf says that 9% of mobile users were caught by phishing, while 20% of companies were at risk because of bad smartphone configurations.
Scattered Spider laying new eggs
Discover the techniques, tactics (TTPs) used by Scattered Spider intrusion set, including social engineering and targeted phishing campaigns.
Phishers who breached Twilio and targeted Cloudflare could easily get you, too
Unusually resourced threat actor has targeted multiple companies in recent days.
Ongoing phishing campaign can hack you even when you’re protected with MFA
Campaign that steals email has targeted at least 10,000 organizations since September.
Verified Twitter accounts phished via hate speech warnings
We take a look at reports that verified Twitter accounts are being targeted by scammers with claims of hate speech.
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
Hackers breach MailChimp's internal tools to target crypto customers
Email marketing firm MailChimp disclosed on Sunday that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks.
Ongoing phishing attacks on Trezor users
Trezor users have reported being targeted by a malicious phishing attack on April 3.
Behold, a password phishing site that can trick even savvy users
Just when you thought you'd seen every phishing trick out there, BitB comes along.
Phishing attacks target countries aiding Ukrainian refugees
A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.
Ukraine links phishing targeting military to Belarusian hackers
The Computer Emergency Response Team of Ukraine (CERT-UA) warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel.
Google Docs Comment Exploit Allows for Distribution of Phishing and Malware
An exploit in the Google Docs comment feature allows hackers to easily spread malware and phishing.
Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments
Over the past weeks, Proofpoint researchers have been monitoring an ongoing cloud account takeover campaign impacting dozens of Microsoft Azure environments and compromising hundreds of user accoun...
DarkGate malware delivered via Microsoft Teams - detection and response
While most end users are well-acquainted with the dangers of traditional phishing attacks, such as those delivered via email or other media, a large proportion are likely unaware that Microsoft Teams chats could be a phishing vector. Most Teams activity is intra-organizational, but Microsoft enables External Access by default, which allows members of one organization to add users outside the organization to their Teams chats. Perhaps predictably, this feature has provided malicious actors a new avenue by which to exploit untrained or unaware users.