Ford investigates alleged breach following customer data leak

November 19, 2024 at 03:15PM Ford is investigating a potential data breach involving 44,000 customer records allegedly leaked by a hacker on a forum. The records, which include identifiable information, could facilitate phishing attacks. The company is currently assessing the situation, acknowledging the seriousness of the claims, and advising caution regarding unsolicited communications.

Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks

November 13, 2024 at 07:15AM The Iranian threat actor TA455 has mimicked North Korean tactics in a Dream Job campaign, targeting the aerospace industry with fake job offers. The campaign distributes SnailResin malware, enabling remote access and credential theft. This approach includes using social engineering, impostor personas, and multi-stage infection methods to evade detection.

North Korean Hackers Target macOS Using Flutter-Embedded Malware

November 12, 2024 at 08:39AM North Korean threat actors have begun embedding malware in Flutter applications, targeting macOS devices. This technique includes a deceptive Minesweeper game and variants in Go and Python. Jamf Threat Labs notes this may involve social engineering near cryptocurrency sectors, and suspects links to known hacking sub-groups. Apple’s notarization process is …

Amazon confirms employee data exposed in leak linked to MOVEit vulnerability

November 12, 2024 at 08:37AM Amazon employees’ data was included in a leak linked to the MOVEit vulnerability, affecting over 2.86 million records. Although Amazon maintains system security, the stolen information includes employee contact details, potentially facilitating social engineering threats. The data is being circulated by a user named Nam3L3ss on BreachForums.

Scattered Spider, BlackCat claw their way back from criminal underground

November 8, 2024 at 10:05AM Scattered Spider and BlackCat/ALPHV gangs have resurfaced after prior arrests, using social engineering and new tactics in cyberattacks. They recently breached a manufacturing firm, employing RansomHub malware for encryption. Ransomware threats persist, emphasizing the need for stringent security measures and vigilant defense against evolving criminal strategies.

Canadians Expected to Lose More Than $569M to Scams in 2024

November 7, 2024 at 05:33PM In 2024, Canadian banks report a 34% decrease in fraud cases, but customers may still lose as much as $569 million, mostly due to high-value impersonation scams. BioCatch notes fraud strategies are shifting towards targeting fewer individuals for larger amounts, with younger victims emerging as primary targets.

North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS

November 7, 2024 at 07:42AM A North Korean threat actor, BlueNoroff, has targeted cryptocurrency businesses using multi-stage malware that infects macOS devices via phishing emails and disguised applications. The campaign, named Hidden Risk, employs social engineering tactics, exploiting Apple developer accounts for notarization and illustrates the evolving strategies of North Korean cyber operations.

Black Basta ransomware poses as IT support on Microsoft Teams to breach networks

October 25, 2024 at 05:12PM Black Basta ransomware has shifted its social engineering tactics to Microsoft Teams, impersonating IT help desks to exploit employees. After inundating inboxes with emails, attackers contact users directly via Teams. Their goal is to trick employees into installing remote access tools, risking corporate networks. Organizations are advised to restrict external …

Black Basta poses as IT support on Microsoft Teams to breach networks

October 25, 2024 at 04:57PM Black Basta ransomware is evolving, using Microsoft Teams for social engineering attacks by impersonating IT help desk personnel. Attackers overwhelm employees’ inboxes, then contact them via Teams to gain remote access and install malicious payloads, ultimately deploying ransomware. Organizations are advised to restrict external communication in Teams and enable logging.

Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices

October 24, 2024 at 06:06AM The Lazarus Group exploited a now-patched zero-day vulnerability in Google Chrome to control devices by targeting cryptocurrency sector individuals via a fake game website. Disguised as a decentralized finance game, the attack, discovered by Kaspersky, began in February 2024 and involved advanced social engineering tactics.