Threat Hunting Beyond Alerts: Finding the Activity Detection Misses
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
phishing
PhishLumos: Exposing phishing campaigns that evade detection by hiding content
Phishing remains one of the most stubbornly persistent threats in cybersecurity: humans are tired, distracted, trusting, and susceptible to urgency and authority in ways that no amount of awareness training can completely overcome. The security communi…
FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service
The platform used more than 9,000 phishing sites, stealing nearly 4 million credit cards and causing roughly $1.9 billion in losses.
The post FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service appeared first on SecurityWeek.
Decade-Long SniperDz Phishing Network Disrupted in Operation Ramz
Group-IB, INTERPOL and Algerian Police dismantle decade-old SniperDZ phishing network used to steal credentials, with its alleged developer arrested.
I Love Device-Bound Session Credentials, But They Are Still Phishable and Hackable
Google recently released Device-Bound Session Credentials (DBSC) for Google Chrome and Google Workspace. It is a long-awaited new security enhancement to fight back against local cookie theft. But, yes, it can still be hacked and phished. Noth…
NSO Group Hacking WhatsApp Despite Court Order
WhatsApp has caught the NSO Group phishing its users, in violation of a court order.
China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware
Proofpoint says TA4922, a suspected China aligned cybercrime group, is targeting UK and European organisations with tax, payroll and benefits themed malware campaigns.
Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys
Attackers are texting Signal users posing as Support, asking for backup recovery keys. Once obtained, they can decrypt the entire message history, not just future chats. A phishing campaign is currently targeting Signal users with text messages that impersonate Signal Support and ask them to hand over their backup recovery key. The message looks urgent, […]
MokN Raises $15 Million for Phish-Back Platform
MokN’s platform deploys realistic decoy access points to lure attackers into revealing compromised credentials, enabling organizations to respond before abuse occurs.
The post MokN Raises $15 Million for Phish-Back Platform appeared first on SecurityWe…
LinkedIn-themed phishing abuses Adobe’s A/B testing platform
A newly documented phishing campaign is targeting professionals with fake LinkedIn business emails and abusing a trusted service operated by Adobe. The attack from the victim’s perspective The attack starts with an email that looks, at first glan…