November 1, 2023 at 05:36AM State-sponsored threat actors from North Korea’s Lazarus Group have been targeting blockchain engineers of a crypto exchange platform through Discord using a new macOS malware called KANDYKORN. The attacks involve social engineering lures and a multi-stage process to deliver the malware. The Lazarus Group has previously used macOS malware in … Read more
October 27, 2023 at 09:15AM Microsoft has released a report on Octo Tempest, a dangerous financial criminal group. The group, which primarily targets English-speaking organizations, is skilled in SMS phishing, SIM swapping, and advanced social engineering. Originally focused on data extortion, Octo Tempest has now expanded to full-scale ransomware attacks. The group uses various tactics, … Read more
October 26, 2023 at 07:11PM Octo Tempest is a threat actor group tracked by Microsoft, specializing in data extortion and ransomware attacks. They have evolved their tactics over time, targeting organizations in various sectors and partnering with the ALPHV/BlackCat ransomware group. With advanced social engineering capabilities, they gain initial access through phishing, social engineering, and … Read more
October 26, 2023 at 06:56PM Octo Tempest, a native English-speaking threat actor tracked by Microsoft, has evolved from selling SIM swaps and stealing cryptocurrency accounts to conducting data extortion and ransomware attacks. The group targets companies in various sectors and has partnered with the ALPHV/BlackCat ransomware group. They employ advanced social engineering techniques, physical threats, … Read more
October 24, 2023 at 01:51AM Password management solution 1Password had a breach of its Okta instance, but no user data was accessed. The breach involved a threat actor attempting to access an IT team member’s user dashboard and manipulate authentication flows. Measures have been taken to enhance security, including tighter MFA rules and reducing the … Read more
October 20, 2023 at 05:32PM Employees experience a physical “escape room” to enhance security awareness. They role-play as criminal social engineers and identify vulnerabilities in a mock office space. The aim is for employees to understand the importance of physical security and remember practices like keeping whiteboards clean, locking laptops, and hiding or shredding documents. … Read more
October 17, 2023 at 10:04AM Threat actors are constantly finding new ways to trick end-users into giving up their credentials, leading to a rise in credential theft. Cybercriminals target credentials because people often reuse the same login information across multiple sites, giving hackers access to sensitive accounts. They use social engineering tactics like tailgating, spear … Read more
October 13, 2023 at 03:05PM French cloud service Shadow has confirmed that criminals stole a database containing customer data in a social-engineering attack against one of its employees. The stolen data includes personal information such as names, email addresses, dates of birth, billing addresses, and credit card expiration dates. The company reassured customers that no … Read more
October 13, 2023 at 07:06AM DarkGate, a piece of malware, is being spread through instant messaging platforms like Skype and Microsoft Teams. The malware is delivered disguised as a PDF document and triggers the download and execution of an AutoIt script that launches the malware. The malware can harvest sensitive data, conduct cryptocurrency mining, and … Read more
October 10, 2023 at 10:06AM Many cybercriminals still rely on non-sophisticated attacks because they are effective. These include phishing attacks and credential harvesting, often obtained through social engineering. Automation and AI are increasingly being used by bad actors to conduct attacks more efficiently. To defend against these attacks, organizations need to bolster human defenses through … Read more