March 14, 2024 at 09:37AM France Travail, formerly known as Pôle Emploi, disclosed a cyberattack that compromised personal details of 43 million individuals, including job seekers and individuals with a job candidate profile. The breach exposed sensitive information like full names, dates of birth, and social security numbers. The agency warns of identity theft and … Read more
March 7, 2024 at 09:34AM The FBI’s IC3 reported a 10% increase in cybercrime complaints in 2023, totaling over 880,000 in the US with $12.5 billion in losses, a 22% rise from 2022. Phishing dominates complaints, with investment fraud and BEC causing the highest losses. Ransomware affected critical sectors, with LockBit and BlackCat being active … Read more
March 6, 2024 at 03:41PM TA4903, a gang of hackers specializing in business email compromise attacks, has been impersonating U.S. government entities to carry out malicious activities through fake bidding processes. Proofpoint has been tracking their campaign, noting intensified activities since mid-2023 and a shift to impersonating small businesses. They pose a significant threat and … Read more
March 5, 2024 at 05:46AM TA577 threat actor employs ZIP archive attachments in phishing emails to obtain NTLM hashes, facilitating sensitive info gathering and follow-on activities. Delivery of the phishing waves on Feb 26 and 27, 2024, targeted hundreds of global organizations through thread hijacking technique. The actor aims to capture NTLMv2 Challenge/Response pairs for … Read more
February 27, 2024 at 02:23PM The Phishing as a Service (PhaaS) platform ‘LabHost’ has become a major concern, aiding cybercriminals in targeting North American banks, particularly Canadian institutions. LabHost offers customizable phishing kits, infrastructure, and a real-time phishing management tool for a monthly fee. Their new SMS spamming tool, ‘LabSend,’ further extends their reach in … Read more
February 26, 2024 at 10:45AM Ukrainian entities based in Finland are targeted in a malicious campaign distributing the Remcos RAT using the IDAT Loader. The attack utilizes steganography and has been attributed to the threat actor UAC-0184. Other loaders like Hijack Loader have been used to distribute additional payloads. CERT-UA disclosed a phishing campaign involving … Read more
February 19, 2024 at 10:10AM Ukrainian national Mark Sokolovsky, 28, appeared in a US court after extradition from the Netherlands. He was arrested in March 2022 for operating the Raccoon Infostealer malware. Sokolovsky was indicted for distributing the malware globally, stealing login credentials, financial data, and leasing access to the malware for $200 monthly. The … Read more
February 15, 2024 at 09:13AM Threat actors are conducting an innovative “smishing” campaign using AWS SNS and a custom script to impersonate the US Postal Service. This abuse of cloud-based messaging platforms reflects a growing trend. The SNS Sender attack lures users with fake USPS notifications to steal personally identifiable information and payment-card details. Businesses … Read more
February 14, 2024 at 10:02AM The rise of generative AI has intensified the cybersecurity battlefield, empowering cyber attackers with advanced phishing techniques and malware creation. However, responsible deployment of AI can provide security professionals with the contextual understanding needed to preempt and combat these threats, offering hope for an improved security posture in the ongoing … Read more
February 8, 2024 at 04:02PM Email attacks using QR codes surged in Q4 2023, targeting corporate executives and managers. Phishing emails using QR codes, or “quishing,” bypass spam filters, and attackers focus on stealing credentials for privileged users. While quishing has subsided, it remains a threat, emphasizing the need for user training and technical controls … Read more