Recherche : [Phishing]

AI will make scam emails look genuine, UK cybersecurity agency warns https://www.theguardian.com/technology/2024/jan/24/ai-scam-emails-uk-cybersecurity-agency-phishing

24/01/2024 21:36:36

NCSC says generative AI tools will soon allow amateur cybercriminals to launch sophisticated phishing attacks

Framework Data Breach - General Topics - Framework Community https://community.frame.work/t/framework-data-breach/43408

15/01/2024 11:26:23

Copypasta’d from an email from FW:

Hello,
Keating Consulting, Framework’s primary external accounting partner, brought to our attention at 8:13am PST on January 11th, 2024, that one of their accountants fell victim to…

NSA official: hackers use AI bots like ChatGPT to perfect English https://www.nbcnews.com/tech/security/nsa-hacker-ai-bot-chat-chatgpt-bard-english-google-openai-rcna133086

10/01/2024 08:57:00

NSA Cybersecurity Director Rob Joyce said the spy agency has seen hackers use chatbots like ChatGPT to perfect their English for phishing schemes.

Russian military hackers target Ukraine with new MASEPIE malware https://www.bleepingcomputer.com/news/security/russian-military-hackers-target-ukraine-with-new-masepie-malware/

31/12/2023 10:09:03

Ukraine's Computer Emergency Response Team (CERT) is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour.

Crypto drainer steals $59 million from 63k people in Twitter ad push https://www.bleepingcomputer.com/news/security/crypto-drainer-steals-59-million-from-63k-people-in-twitter-ad-push/

23/12/2023 12:45:39

Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months.

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware https://thehackernews.com/2023/12/hackers-exploiting-old-ms-excel.html?m=1

21/12/2023 19:57:57

Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla

Hackers swipe Booking.com, damage from attack is global https://www.asahi.com/ajw/articles/15055042

18/11/2023 13:14:00

Hackers breached Booking.com, one of the world’s largest online accommodation reservation sites, by posing as hotel staff to steal credit card information from travelers making bookings.

Arnaque: les clients de booking.com ciblés par des pirates https://www.20min.ch/fr/story/arnaque-les-clients-de-booking-com-cibles-par-des-pirates-738242320587

18/11/2023 13:03:39

Des courriels frauduleux atterrissent dans les boîtes de clients de la plateforme spécialisée dans les hébergements. Les pirates tentent d’obtenir des données de cartes de crédit ou des versements.

Détournement de Microsoft et Cloudflare au cours d’une nouvelle attaque de QRishing https://www.vadesecure.com/fr/blog/attaque-qrishing-microsoft-cloudflare

13/11/2023 11:51:59

Une récente attaque de QRishing a été détectée par Vade. Découvrez l’attaque en détail et les mesures à prendre pour protéger votre entreprise.

D-Link confirms data breach after employee phishing attack https://www.bleepingcomputer.com/news/security/d-link-confirms-data-breach-after-employee-phishing-attack/

21/10/2023 12:40:05

Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month.

LinkedIn Smart Links Fuel Credential Phishing Campaign https://cofense.com/blog/linkedin-smart-links-credential-phishing-campaign/

13/10/2023 09:21:57

Learn what LinkedIn Smart Links are and how they're being used to bypass email security gateways. Get up-to-date information on this credential phishing threat

When MFA isn't actually MFA https://retool.com/blog/mfa-isnt-mfa/

16/09/2023 12:22:57

Due to a recent Google change, MFA isn't truly MFA.

Attacker combines phone, email lures into believable, complex attack chain https://news.sophos.com/en-us/2023/08/10/image-spam-attack/

13/09/2023 21:44:02

A social engineering phone call lends authenticity to the attacker’s malicious email

“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts https://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d

12/09/2023 07:25:33

Facebook’s Messenger platform has been heavily abused in the past month to spread endless messages with malicious attachments from a swarm of fake and hijacked personal accounts. These threat actors are targeting millions of business accounts on Facebook’s platform — from highly-rated marketplace sellers to large corporations, with fake business inquiries, achieving a staggering “success rate” with approximately 1 out of 70 infected!

W3LL oiled machine: Group-IB uncovers covert BEC phishing empire targeting Microsoft 365 https://www.group-ib.com/media-center/press-releases/w3ll-phishing-report/

07/09/2023 21:07:01

The report details the operations of W3LL, a threat actor behind a phishing empire that has remained largely unknown until now. Group-IB’s Threat Intelligence and Cyber Investigations teams have tracked the evolution of W3LL and uncovered that they played a major role in compromising Microsoft 365 business email accounts over the past 6 years. The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors who could purchase a custom phishing kit called W3LL Panel, designed to bypass MFA, as well as 16 other fully customized tools for business email compromise (BEC) attacks. Group-IB investigators identified that W3LL’s phishing tools were used to target over 56,000 corporate Microsoft 365 accounts in the USA, Australia and Europe between October 2022 and July 2023. According to Group-IB’s rough estimates, W3LL’s Store’s turnover for the last 10 months may have reached $500,000. All the information collected by Group-IB’s cyber investigators about W3LL has been shared with relevant law enforcement organizations.

PDF Document

Okta customers targeted in social engineering scam https://www.scmagazine.com/news/okta-customers-targeted-in-social-engineering-scam

06/09/2023 14:23:10

Help desk staff duped into resetting MFA on Okta super admin accounts, allowing threat actors to move laterally across targeted organizations.

Adversary On The Defense: ANTIBOT.PW https://inquest.net/blog/adversary-on-the-defense-antibot-pw/

28/08/2023 20:55:37

Discover the lifecycle of a commercial web traffic filtering service originating from a GitHub project and how it found success within phishing operations, including how it evolved into a commercial platform offering under new branding.

Phishing pages placed on hacked websites https://securelist.com/phishing-with-hacked-sites/110334/

18/08/2023 14:23:35

Scammers are hacking websites powered by WordPress and placing phishing pages inside hidden directories. We share some statistics and tips on recognizing a hacked site.

Threat Actors Add .zip Domains to Their Phishing Arsenals https://www.fortinet.com/blog/industry-trends/threat-actors-add-zip-domains-to-phishing-arsenals

20/07/2023 23:11:25

In the evolving cybersecurity landscape, understanding the phishing threat has become more critical than ever. Read into a new threat resulting from the addition of a new Top-Level Domain (TLD), '.ZIP'.

WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks https://thehackernews.com/2023/07/wormgpt-new-ai-tool-allows.html

15/07/2023 14:11:42

A new generative AI cybercrime tool called WormGPT is making waves in underground forums. It empowers cybercriminals to automate phishing attacks.

Liens par page

Filtres