#PhishingAwareness

Don’t open that ‘copyright infringement’ email attachment – it’s an infostealer

by

November 7, 2024 at 05:26PM Organizations should be wary of phishing emails falsely claiming copyright infringement, which deploy the Rhadamanthys malware. The campaign uses AI for automation, targeting various countries. Attackers aim to steal sensitive data, including cryptocurrency wallet seed phrases, indicating a financially motivated effort by lower-level cybercriminals rather than state-sponsored groups. ### Meeting … Read more

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims

by

November 7, 2024 at 05:04AM A phishing campaign named CopyRh(ight)adamantys is exploiting copyright themes to distribute the Rhadamanthys information stealer across various global regions. The attackers impersonate well-known companies and use sophisticated methods, including AI for targeted spear-phishing. Additionally, the SteelFox malware, posing as legitimate software, targets users worldwide through malicious links and data theft. … Read more

Attacker Hides Malicious Activity in Emulated Linux Environment

by

November 5, 2024 at 05:34PM Securonix identified a novel cyberattack campaign, CRON#TRAP, where attackers use an emulated Linux environment to stage malware undetected. This technique, utilizing QEMU and Tiny Core Linux, allows covert data harvesting. Targeting North America, the campaign highlights the need for stronger phishing defenses and endpoint monitoring by organizations. ### Meeting Takeaways … Read more

Criminals open DocuSign’s Envelope API to make BEC special delivery

by

November 5, 2024 at 01:43PM Business email compromise scammers are leveraging the DocuSign API to create seemingly legitimate e-signature requests, leading to fraud. These attackers use custom templates to send invoices, bypassing spam filters. In 2023, BEC scams have cost US businesses $2.9 billion, highlighting the need for vigilance and sender verification. **Meeting Takeaways:** 1. … Read more

Docusign API Abused in Widescale, Novel Invoice Attack

by

November 5, 2024 at 11:12AM Cybercriminals are exploiting a Docusign API in a phishing campaign, sending convincing fake invoices to companies. By creating legitimate Docusign accounts, attackers bypass typical security measures. This innovative scam leverages authentic-looking e-sign requests, prompting organizations to verify document origins to prevent fraud, while urging service providers to bolster API security. … Read more

DocuSign Abused to Deliver Fake Invoices

by

November 5, 2024 at 08:49AM Cybercriminals are exploiting DocuSign APIs to send fraudulent emails, including fake invoices, that evade spam and phishing filters. This highlights vulnerabilities in the platform, posing significant risks for users. The information was reported by SecurityWeek. **Meeting Takeaways:** 1. **Issue Identified**: Cybercriminals are exploiting DocuSign APIs. 2. **Method of Attack**: They … Read more

Businesses Worldwide Targeted in Large-Scale ChatGPT Phishing Campaign

by

November 4, 2024 at 04:01AM Barracuda has identified a widespread phishing campaign impersonating OpenAI, aiming to steal ChatGPT credentials from businesses globally. This large-scale effort poses significant security risks as it targets various organizations. **Meeting Takeaways:** 1. **Observation of Campaign**: Barracuda has identified a significant impersonation campaign targeting OpenAI. 2. **Objective of the Campaign**: The … Read more

EmeraldWhale’s Massive Git Breach Highlights Config Gaps

by

November 1, 2024 at 05:59PM Researchers uncovered the EmeraldWhale cybercriminal operation, targeting Git configurations to steal over 15,000 credentials and clone 10,000 private repositories. The incident highlights the need for improved cloud security, proper configuration monitoring, and regular source code scans to avoid exposure of sensitive information. Enhanced security measures are essential for organizations. ### … Read more

Facebook Businesses Targeted in Infostealer Phishing Campaign

by

October 31, 2024 at 05:17PM A phishing campaign targeting Facebook businesses in Taiwan uses deceptive emails impersonating legal teams and well-known companies to distribute malware. Threat actors demand immediate content removal under copyright claims, while employing techniques to bypass antivirus detection. Key malware includes Lumma Stealer and Rhadamanthys, which harvest sensitive information from victims. ### … Read more

Business Email Compromise (BEC) Impersonation: The Weapon of Choice of Cybercriminals

by

October 30, 2024 at 03:18PM VIPRE Security Group’s Q3 2024 Email Threat Trends Report reveals a surge in business email compromise (BEC) attacks, particularly targeting the manufacturing sector. BEC scams comprised 58% of phishing attempts, with sophisticated impersonation tactics prevalent. The report highlights increased malicious attachments and emphasizes the need for enhanced cybersecurity measures and … Read more