Securing Employee Identities: Expert Tips for Identity Management Day 2025
With this week being Identity Management Day on April 8th, it’s the perfect reminder for organizations to focus on protecting their employees’ digital identities.
phishing
Russian Threat Actor Launches Spear-Phishing Campaign Against Ukrainians
The Russian threat actor Gamaredon is targeting Ukrainians with spear-phishing documents related to troop movements, according to researchers at Cisco Talos.
Russian APT Hackers Use Device Code Phishing Technique to Bypass MFA
Russian state-backed advanced persistent threat (APT) group Storm-2372 has exploited device code phishing to bypass multi-factor authentication (MFA) and infiltrate high-value targets across governments, NGOs, and critical industries. Since August 2024…
Scattered Spider Launches Sophisticated Attacks to Steal Login Credentials and MFA Tokens
The cyber threat landscape has witnessed remarkable adaptation from the notorious hacker collective known as Scattered Spider. Active since at least 2022, this group has been consistently refining its strategies for system compromise, data exfiltration…
AI Now Outsmarts Humans in Spear Phishing, Analysis Shows
Agentic AI has improved spear phishing effectiveness by 55% since 2023, research shows.
The post AI Now Outsmarts Humans in Spear Phishing, Analysis Shows appeared first on SecurityWeek.
Hellcat Ransomware Upgrades Arsenal to Target Government, Education, and Energy Sectors
The cybersecurity community has raised alarms over the rapid evolution of the Hellcat ransomware group, which has escalated its tactics to target critical sectors. Hellcat, which emerged in mid-2024, now employs a sophisticated blend of psychological m…
Grandoreiro Strikes Again: Geofenced Phishing Attacks Target LATAM
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.
New GIFTEDCROOK Stealer Targets Government Organizations to Exfiltrate Sensitive Data
Cybersecurity experts have uncovered an alarming escalation in cyber-espionage operations targeting Ukrainian critical sectors, as outlined in CERT-UA’s latest alert, CERT-UA#14303. The campaign, attributed to the UAC-0226 hacking group, leverage…
Phishing, fraud, and the financial sector’s crisis of trust
The financial sector is under growing pressure from advanced phishing attacks and fraud, causing major financial losses and eroding customer trust. Escalation of phishing attacks While traditional phishing relied on generic emails to steal sensitive da…
Upgraded Phishing-as-a-Service Platform Drives a Wave of Smishing Attacks
A phishing-as-a-service (PhaaS) platform dubbed ‘Lucid’ is driving a surge in SMS phishing (smishing) attacks, according to researchers at Prodaft.