Scammers Use Spain-Portugal Blackout for TAP Air Refund Phishing Scam
SEO: Cybercriminals are using the recent power outages in Spain and Portugal to launch phishing attacks disguised as…
phishing
FBI shared a list of phishing domains associated with the LabHost PhaaS platform
The FBI shared 42K phishing domains tied to LabHost, a PhaaS platform shut down in April 2024, to boost awareness and help identify compromises. The FBI shared a list of 42,000 domains registered from November 2021 to Apr 2024, linked to LabHost to raise awareness and aid in threat detection. The domain list helps prevent […]
Hive0117 group targets Russian firms with new variant of DarkWatchman malware
Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. The financially-motivated group targeted organizations in the media, […]
FBI Uncovers 42,000 Phishing Domains Tied to LabHost PhaaS Operation
The Federal Bureau of Investigation (FBI) has revealed the existence of 42,000 phishing domains associated with the notorious LabHost phishing-as-a-service (PhaaS) platform. This operation, which spanned from November 2021 through April 2024, was recen…
Low-tech phishing attacks are gaining ground
Cybercriminals are increasingly favoring low-tech, human-centric attacks to bypass email scanning technologies, according to VIPRE Security. The report is based on an analysis of global real-world data and highlights the most significant email security…
Cybercriminals Impersonate DHS Amid Deportation Efforts
Researchers at INKY warn that criminals are impersonating the US Department of Homeland Security to launch phishing scams.
Researchers Warn of Surge in Infostealers Delivered Via Phishing
The number of infostealers delivered via phishing emails increased by 84% last year, according to a new report from IBM’s X-Force researchers. Threat actors are using these malware strains to steal credentials for use in follow-on attacks.
AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens
Darktrace’s Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been exploiting legitimate Software-as-a-Service (SaaS) platforms like Milanote to orchestrate sophisticated phishing campaigns. These attacks, bolstere…
Property renters targeted in simple BEC scam
Emails purportedly sent by rental property management firms are being used to steal money from people in France and Canada, Proofpoint researchers have warned. A BEC scam preying on renters “Most campaigns are sent from compromised mailboxes belo…
China Hackers Used Trojanized UyghurEditPP App to Target Uyghur Activists
China-linked hackers targeted Uyghur activists using a Trojanized UyghurEditPP app in a spear-phishing campaign, Citizen Lab researchers reveal.…