‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise
Proofpoint researchers have observed the growing use of the ClickFix social engineering tactic, which lures people into running malicious content on their computer
Information Security Magazine
Fake Donald Trump Assassination Story Used in Phishing Scam
1 year ago
A phishing email claims to be from the New York Times with a story about an assassination attempt against President-elect Donald Trump
Surge in DocuSign Phishing Attacks Target US State Contractors
1 year ago
Phishing attacks using DocuSign impersonations targeting state agencies have surged 98% since Nov 8
North Korean IT Worker Network Tied to BeaverTail Phishing Campaign
1 year ago
BeaverTail malware has been used to target tech job seekers through fake recruiters, Palo Alto Networks’ Unit 42 has found
FTC Records 50% Drop in Nuisance Calls Since 2021
1 year ago
The US Federal Trade Commission is celebrating a halving of unwanted telemarketing and scam calls since 2021
UK Shoppers Lost £11.5m Last Christmas, NCSC Warns
1 year 1 month ago
The UK’s National Cyber Security Centre is urging shoppers to stay safe this Christmas after revealing they lost £11.5m to fraudsters in 2023
Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors
1 year 1 month ago
The security provider has elevated its warning about a vulnerability affecting firewall management interfaces after observing active exploitation
Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist
1 year 1 month ago
Ilya Lichtenstein hacked into the cryptocurrency exchange in 2016 and stole around 120,000 bitcoins
watchTowr Finds New Zero-Day Vulnerability in Fortinet Products
1 year 1 month ago
The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in October
Ransomware Groups Use Cloud Services For Data Exfiltration
1 year 1 month ago
SentinelOne described some of ransomware groups’ favorite techniques for targeting cloud services
O2’s AI Granny Outsmarts Scam Callers with Knitting Tales
1 year 1 month ago
Sitting Ducks DNS Attacks Put Global Domains at Risk
1 year 1 month ago
Over 1 million domains are vulnerable to “Sitting Ducks” attack, which exploits DNS misconfigurations
Microsoft Power Pages Misconfiguration Leads to Data Exposure
1 year 1 month ago
Misconfigurations in Microsoft Power Pages granting excessive access permissions expose sensitive data, risking PII to unauthorized users
Massive Telecom Hack Exposes US Officials to Chinese Espionage
1 year 1 month ago
The FBI and CISA have confirmed that US officials’ private communications have been compromised
API Security in Peril as 83% of Firms Suffer Incidents
1 year 1 month ago
Over 80% of UK organizations suffered an API security incident in the past year, with each costing over £400,000
Bank of England U-turns on Vulnerability Disclosure Rules
1 year 1 month ago
The UK’s financial regulators have discarded plans to force critical suppliers to disclose new vulnerabilities
Hive0145 Targets Europe with Advanced Strela Stealer Campaigns
1 year 1 month ago
Hive0145 is targeting Spain, Germany, Ukraine with Strela Stealer malware in invoice phishing tactic
AI Threat to Escalate in 2025, Google Cloud Warns
1 year 1 month ago
2025 could see our biggest AI fears materialize, according to a Google Cloud forecast report
Lazarus Group Uses Extended Attributes for Code Smuggling in macOS
1 year 1 month ago
Lazarus APT has been found smuggling malware onto macOS devices using custom extended attributes, evading detection
Amazon MOVEit Leaker Claims to Be Ethical Hacker
1 year 1 month ago
An individual who posted data allegedly stolen via MOVEit from Amazon and other big-name firms claims not to be malicious
Checked
4 hours 51 minutes ago