June 7, 2024 at 02:36AM SORBS, a popular source for identifying spam servers, has been shut down by Proofpoint, its owner. The DNS-based Block List contained over 12 million known spam and phishing servers and was used by over 200,000 organizations. The service, in existence for 20 years, may be acquired, but high operational costs … Read more
May 29, 2024 at 02:16PM Large-scale phishing campaign using unusual lure, offering baby grand piano for free, has earned over $900,000. Phishing emails from alleged university professor lead recipients to a second email purporting to be from a moving firm with payment options only through non-traditional methods. Bitcoin wallet linked to campaign holds over $900,000. … Read more
May 27, 2024 at 08:06AM The article discusses the increasing risk of phishing attacks due to cloud transition, poor password hygiene, and advancements in webpage technologies. LayerX’s report highlights the rising magnitude of phishing attacks and suggests methods for organizations to protect against them, focusing on browser security platforms and deep session inspection as effective … Read more
May 20, 2024 at 02:30AM Cybersecurity researchers have observed a surge in email phishing campaigns delivering Latrodectus, a new malware believed to be the successor to IcedID. The malware has advanced capabilities including execution, self-deletion, and persistence on Windows. Social engineering campaigns are also using updated techniques to propagate various malware loaders. Summary of Meeting … Read more
May 19, 2024 at 04:18AM The Grandoreiro banking trojan, previously targeted at Latin America, has reemerged in a global campaign, expanding its reach to over 1,500 banks across 60+ countries. The large-scale phishing attacks utilize a sophisticated malware, employing tactics to avoid detection and compromising victims’ systems, including the abuse of Microsoft Outlook to spread … Read more
May 16, 2024 at 09:38AM Microsoft Threat Intelligence revealed that a financially motivated threat actor, Storm-1811, is conducting a vishing campaign using Quick Assist for remote access, posing as trusted contacts. The attacker delivers Black Basta ransomware and additional malware through various means, emphasizing the need for vigilance and user education to combat social engineering … Read more
May 15, 2024 at 04:44PM Phishing attacks mimicking legitimate DocuSign requests are on the rise due to the availability of fake templates and login credentials in the underground market. Attackers leverage the familiarity of DocuSign emails to trick users into revealing sensitive information. Companies are at risk of data theft and extortion, and employees should … Read more
May 13, 2024 at 03:22PM A new large-scale LockBit Black ransomware campaign has been sending millions of phishing emails since April, utilizing the Phorpiex botnet. The campaign uses ZIP attachments containing an executable deploying the LockBit Black payload to encrypt systems. The phishing emails originate from various aliases and are sent from over 1,500 unique … Read more
May 9, 2024 at 06:18PM Monday.com, a widely used project management platform, has removed its “Share Update” feature due to abuse by threat actors in phishing attacks. Customers received phishing emails purportedly from Monday.com’s email accounts, prompting concerns of a security breach. The company confirmed that the feature was misused, leading to its suspension, and … Read more
May 3, 2024 at 05:45AM The U.S. government issued a cybersecurity advisory about North Korean threat actors using spear-phishing campaigns to gather intelligence. They exploit weak DMARC policies to send spoofed emails, targeting foreign policy experts. The group, known as Kimsuky, engages targets in prolonged, benign conversations to build trust and uses fake email addresses … Read more