North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks

December 3, 2024 at 04:52AM

North Korea-aligned Kimsuky is linked to phishing attacks using Russian sender addresses to steal credentials. These attacks, primarily targeting South Korean users, exploit email services and impersonate institutions like Naver. Kimsuky utilizes compromised servers and tools for spoofing to evade security, aiming for account hijacking and further attacks.

Novel phishing campaign uses corrupted Word documents to evade security

December 2, 2024 at 05:49AM

A new phishing attack exploits Microsoft Word’s file recovery feature by distributing corrupted documents as email attachments. These files bypass security software due to their damaged condition while remaining recoverable by users, posing a significant security risk.

The only thing worse than being fired is scammers fooling you into thinking you’re fired

November 28, 2024 at 02:38AM

A phishing campaign targets individuals by falsely claiming their employment has been terminated, using a legal-sounding email to induce panic. The scam preys on economic fears, spreading malware disguised as legal documents. Attackers aim to steal sensitive information, using tactics that may evolve across different platforms.

APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor

November 27, 2024 at 06:28AM

APT-C-60, a South Korea-aligned cyber espionage group, targeted a Japanese organization in August 2024 using a job application phishing scheme to deploy the SpyGlace malware. The attack utilized services like Google Drive and Bitbucket, exploiting vulnerabilities in WPS Office, and involved sophisticated methods for executing and distributing the malware.

OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts

November 26, 2024 at 02:09PM

Cyberattackers are targeting OpenSea NFT users with a phishing attack that mimics legitimate notifications to lure victims into connecting their cryptocurrency wallets to a fake page. Researchers caution that these schemes exploit entry-level collectors’ inexperience, urging vigilance to avoid financial loss through social engineering tactics and malicious links.

APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware

November 22, 2024 at 12:17PM

The Mysterious Elephant threat actor, also known as APT-K-47, is using advanced malware called Asyncshell in recent attacks, targeting Pakistani entities. Utilizing Hajj-themed lures, they employ phishing tactics to deliver malicious files. The group has improved their methods and tools, showcasing a focus on evolving their malware since 2023.

Microsoft Takes Action Against Phishing-as-a-Service Platform

November 21, 2024 at 05:43PM

Microsoft seized 240 domains linked to ONNX, a phishing-as-a-service platform targeting companies and individuals since 2017. ONNX was the leading player in adversary-in-the-middle (AitM) phishing, promoting phishing kits on Telegram. Microsoft’s legal action aims to disrupt ONNX’s operations, though other threat providers may emerge.

Scattered Spider Cybercrime Members Face Prison Time

November 21, 2024 at 01:56PM

The Department of Justice has charged five members of the hacking group “Scattered Spider” with various crimes related to cyberattacks on companies like MGM Resorts and Caesar’s Palace. Allegations include phishing and stealing sensitive data, cryptocurrencies, and identity information. They face significant prison sentences if convicted.

Microsoft disrupts ONNX phishing-as-a-service infrastructure

November 21, 2024 at 12:08PM

Microsoft and the Justice Department seized over 240 domains linked to ONNX, a phishing-as-a-service platform targeting thousands of victims globally since 2017. ONNX was the leading provider of phishing kits in 2024, enabling sophisticated attacks that bypassed security measures. Operations ceased after the owner’s identity was revealed.

Fake Bitwarden ads on Facebook push info-stealing Chrome extension

November 18, 2024 at 12:14PM

Fake Bitwarden ads on Facebook promote a malicious Chrome extension that steals user data. This phishing campaign, identified by Bitdefender Labs, uses deceptive tactics to mimic the Chrome Web Store. Users are advised to ignore update prompts and only install extensions from trusted sources to avoid risks.