Phishing Attacks Abuse Microsoft 365 to Bypass Security Filters
Threat actors are abusing Microsoft’s infrastructure to launch phishing attacks that can bypass security measures, according to researchers at Guardz.
phishing
Zero-Hour Phishing Attacks Exploiting Browser Vulnerabilities Surge by 130%
Menlo Security, a leader in Secure Enterprise Browsers, has released its annual State of Browser Security Report, revealing a sharp rise in browser-based cyberattacks. The report highlights a 130% surge in zero-hour phishing attacks and a significant i…
New KnowBe4 Report Reveals a Spike in Phishing Campaigns
KnowBe4, Security Awareness Training leader, today launched its Phishing Threat Trend Report, detailing key trends, new data, and threat intelligence insights surrounding phishing threats targeting organisations at the start of 2025. Based on data generated by KnowBe4 Defend, this edition highlights the growing threat of ransomware and explores how cybercriminals are using sophisticated tactics to […]
The post New KnowBe4 Report Reveals a Spike in Phishing Campaigns appeared first on IT Security Guru.
Hackers Hide VenomRAT Malware Inside Virtual Hard Disk Image File
Hackers are using .VHD files to spread VenomRAT malware, bypassing security software, reveals Forcepoint X-Labs. Learn how this stealthy attack works and how to protect yourself.
Scareware Combined With Phishing in Attacks Targeting macOS Users
A long-running campaign phishing for credentials through scareware recently switched to targeting macOS users.
The post Scareware Combined With Phishing in Attacks Targeting macOS Users appeared first on SecurityWeek.
Fake Coinbase Migration Messages Target Users to Steal Wallet Credentials
A sophisticated phishing campaign is currently targeting cryptocurrency investors with fraudulent emails claiming to be from Coinbase. The scam attempts to trick users into transferring their funds to wallets controlled by attackers through a deceptive…
The Cybersecurity Confidence Gap: Are Your Employees as Secure as They Think?
Our recent research reveals a concerning discrepancy between employees’ confidence in their ability to identify social engineering attempts and their actual vulnerability to these attacks.
Booking.com Phishing Scam Targets Employees in the Hospitality Sector
A phishing campaign is impersonating travel agency Booking.com to target employees in the hospitality industry, according to researchers at Microsoft.
Hackers Exploit Hard Disk Image Files to Deploy VenomRAT
In a recent cybersecurity threat, hackers have been using virtual hard disk image files (.vhd) to distribute the VenomRAT malware, exploiting a novel technique to bypass security measures. This campaign begins with a phishing email that uses a purchase…
Squid Werewolf Mimics Recruiters to Target Job Seekers and Steal Personal Data
In a sophisticated phishing campaign uncovered by the BI.ZONE Threat Intelligence team, the Squid Werewolf group, also known as APT37, has been impersonating recruiters to target key employees in various organizations. This espionage cluster uses fake …