How we handled a recent phishing incident that targeted Dropbox
We were recently the target of a phishing campaign that successfully accessed some of the code we store in GitHub. No one’s content, passwords, or payment information was accessed, and the issue was quickly resolved. Our core apps and infrastructure were also unaffected, as access to this code is even more limited and strictly controlled. We believe the risk to customers is minimal. Because we take our commitment to security, privacy, and transparency seriously, we have notified those affected and are sharing more here.
·dropbox.tech·
Lampion Trojan Utilizes New Delivery through Cloud-Based Sharing
Analysts at the Cofense Phishing Defense Center (PDC) have recently analyzed an email asking users to download a “Proof of Payment” as well as other documents. While it is important to never click on the link(s) or download the attachment(s) of any suspicious email, if the recipient interacts with the link, it downloads the malware Lampion.
·cofense.com·
DigitalOcean says customer email addresses were exposed after latest Mailchimp breach – TechCrunch
Cloud giant DigitalOcean says that some customers’ email addresses were exposed because of a recent “security incident” at email marketing company Mailchimp. In a scant blog post dated August 12, just two days after the company’s co-founder and long-time CEO Ben Chestnut stepped down, Mailchimp said a recent but undated attack saw threat actors targeting […]
·techcrunch.com·
Cisco confirms May attack by Yanluowang ransomware group
Cisco confirmed on Wednesday that it was attacked by the Yanluowang ransomware group in May, but said the hackers were not able to steal sensitive data or impact the company’s operations. In a statement to The Record, Cisco said the incident occurred on their corporate network in late May and that they “immediately took action to contain and eradicate the bad actors.”
·therecord.media·
The mechanics of a sophisticated phishing scam and how we stopped it
Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees. While individual employees did fall for the phishing messages, we were able to thwart the attack through our own use of Cloudflare One products, and physical security keys issued to every employee that are required to access all our applications.
·blog.cloudflare.com·
IPFS: The New Hotbed of Phishing
We have observed more than 3,000 emails containing phishing URLs that have utilized IPFS for the past 90 days and it is evident that IPFS is increasingly becoming a popular platform for phishing websites.
·trustwave.com·
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).
·microsoft.com·
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
·cleafy.com·
Phishing tactics: how a threat actor stole 1M credentials in 4 months
It is rare that the identities of participants and ringleaders in criminal phishing schemes are uncovered. But in many cases, when untangling the web of a cyber criminal group (particularly with financially motivated e-crime actors), there are enough OSINT breadcrumbs left behind by a threat actor, on forums, in code, or elsewhere, to point investigators in the right direction.
·pixmsecurity.com·
Belarus conducted widespread phishing campaigns against Ukraine, Poland, Google says
Belarus conducted widespread phishing attacks against members of the Polish military as well as Ukrainian officials, security researchers said Monday, providing more evidence that its role in Russia’s invasion of Ukraine has gone beyond serving as a staging area for Russian troops.
·washingtonpost.com·
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement
  • Proofpoint has identified a likely nation-state sponsored phishing campaign using a possibly compromised Ukrainian armed service member’s email account to target European government personnel involved in managing the logistics of refugees fleeing Ukraine.
  • The email included a malicious macro attachment which attempted to download a Lua-based malware dubbed SunSeed.
  • The infection chain used in this campaign bears significant similarities to a historic campaign Proofpoint observed in July 2021, making it likely the same threat actor is behind both clusters of activity.
  • Proofpoint is releasing this report in an effort to balance accuracy with responsibility to disclose actionable intelligence during a time of high-tempo conflict.
·proofpoint.com·