July 4, 2024 at 05:14AM The Mekotio banking trojan is a significant threat to financial systems in Latin America, targeting countries such as Brazil, Chile, Mexico, Spain, and Peru. It infiltrates systems through phishing emails, aiming to steal sensitive information, particularly banking credentials. Users can protect themselves by being cautious with emails, avoiding clicking on … Read more
July 3, 2024 at 11:51PM Twilio, a cloud communications provider, disclosed a mobile security breach in the Authy 2FA app. Threat actors exploited an unauthenticated endpoint to access user data, prompting the company to secure the endpoint. Although no direct system breach was proven, Twilio urged users to upgrade their apps due to possible phishing … Read more
July 2, 2024 at 07:07AM The cybersecurity threat landscape has seen a substantial rise in average ransomware payments, with increases over 500%. The surge is attributed to cybercriminals better targeting organizations for larger ransom payments, as well as the utilization of Generative AI in creating convincing phishing attacks. Implementing next-generation MFA technologies, including biometrics, is … Read more
July 1, 2024 at 05:39AM Phishing emails, purportedly from a router maker’s helpdesk portal, are targeting users who submit support tickets. The emails claim to be from MetaMask and urge users to update their accounts within 24 hours to prevent loss of access. The malicious URL included in the email redirects to a suspended webpage. … Read more
July 1, 2024 at 04:02AM The Canadian router manufacturer, Mercku, has been identified as sending MetaMask phishing emails in response to support tickets. The phishing emails instruct users to update their MetaMask account within 24 hours, posing a potential security threat. Users are advised not to respond to these emails or click any links contained … Read more
June 24, 2024 at 01:38PM Four Vietnamese nationals linked to the cybercrime group FIN9 have been indicted for causing over $71 million in losses to U.S. companies. The defendants carried out cybercrimes from May 2018 to October 2021, using phishing campaigns and supply chain attacks to steal data and funds. They face multiple charges, with … Read more
June 20, 2024 at 01:31PM The need for enhanced email security is evident as cyber threats continue to rise in remote work environments. In 2023, Trend Micro discovered over 45 million high-risk email threats, emphasizing the insufficiency of native security in popular email services. Phishing incidents surged by 40%, with credential phishing and BEC attacks … Read more
June 20, 2024 at 12:45PM The text highlights the increasing risks associated with email threats in 2023, with a rise in phishing, malware attacks, and business email compromise (BEC) incidents. It emphasizes the limitations of built-in security for popular email services and recommends leveraging a SaaS-based platform like Cloud App Security for comprehensive visibility and … Read more
June 20, 2024 at 08:37AM The CERT-FR report on Nobelium’s cyber activities revealed the group’s espionage focus and targeting of French diplomatic entities, including the Ministry of Foreign Affairs. The report warns of Nobelium’s threat to national security and diplomatic interests, amid concerns about Russian interference in French affairs, particularly during election periods. The group’s … Read more
June 18, 2024 at 04:29PM ONNX Store, a phishing-as-a-service platform, targets Microsoft 365 and Office 365 accounts with PDF attachments containing QR codes. It bypasses 2FA, capturing login credentials and tokens, and provides a range of subscription tiers with customizable features. EclecticIQ recommends security measures to mitigate the threat’s impact. The platform poses a significant … Read more