Manufacturing Sector Under Fire From Microsoft Credential Thieves

August 28, 2024 at 12:00PM A threat actor has targeted the manufacturing sector with spear-phishing emails, impersonating real companies like Periscope Holdings and R.S. Hughes. When clicked, the emails direct victims to a counterfeit Microsoft page to input their password, allowing the hacker to harvest credentials and potentially compromise sensitive data. BlueVoyant researchers advise monitoring … Read more

Russia’s ‘Fighting Ursa’ APT Uses Car Ads to Install HeadLace Malware

August 5, 2024 at 07:47AM Fighting Ursa, a prolific Russian cyber threat group, is targeting diplomats with a used car sale phishing scheme, distributing HeadLace backdoor malware. The attack, which involves disguising executables as image files, aims to establish persistent access for data theft and surveillance. The group has a history of high-profile cyber offensives … Read more

Indian man stole $37 million in crypto using fake Coinbase Pro site

May 25, 2024 at 07:33PM Chirag Tomar, an Indian national, pleaded guilty to wire fraud conspiracy for stealing over $37 million through a fake Coinbase website. Using social engineering and a fake website, Tomar and his co-conspirators tricked legitimate Coinbase customers into revealing their login credentials and two-factor authentication codes. Tomar now faces a maximum … Read more

Bloomberg Crypto X account snafu leads to Discord phishing attack

November 17, 2023 at 06:36PM The official Twitter account for Bloomberg Crypto directed users to a deceptive website in a phishing attack. The link led to a Telegram channel with 14,000 members, urging visitors to join a fake Bloomberg Discord server. Scammers took advantage of Bloomberg’s previous Telegram link, which remained active, and used it … Read more