Category

Phishing

Phishing Page 2

Caffeine PhaaS Newbie Hackers Cyberattack Hacking

New Caffeine PhaaS aids newbie hackers for easy attack headstart

A new phishing-as-a-service (PhaaS) platform ‘Caffeine’ has been introduced in the cyberthreat landscape, which aids threat actors in launching campaigns through an open registration process for an easier phishing operations headstart, especially for beginners. The Caffeine PhaaS has major differences from other platforms, for it does not require beginners in the field to have referrals...
Continue Reading
Phishing Threat Actor Fast Food Chains McDonalds KFC Saudi Arabia Spoofed Domains

Phishing actors target fast-food chains in selected countries

A new phishing campaign was spotted by researchers targeting the customers of two fast food chains based in the United Arab Emirates, Singapore, and Saudi Arabia. Based on reports, the phishing operators stole some of the payment details of KFC and McDonald’s customers. The initial campaign worked as a domain impersonating the Google Play Store...
Continue Reading
Hackers Software Abuse Application Mode Web Browsers Phishing Attacks Chrome Chromium

Hackers abused the app mode in web browsers for phishing attacks

Threat actors have utilised the “app mode” feature in Chrome web browsers to overlay fake login forms, allowing them to steal credentials from victims easier. All Chromium-based browsers, such as Google Chrome, Brave, and Microsoft Edge, have the “application mode” feature, which generates interfaces of websites to be opened, viewed, and used as applications. However,...
Continue Reading
Hackers Abuse Fake CircleCI Notifications Creadential Stealing Git Hub

Hackers abuse fake CircleCI notifications to steal GitHub accounts

Researchers have observed threat actors abusing the CircleCI notification feature to initiate a phishing attack. In this issue, it was reported that the adversaries had impersonated the CircleCI integration and delivery platform to execute their malicious intents. The malicious messages will inform the recipients that the terms and privacy policy of the spoofed company have...
Continue Reading
Humanitarian Groups Targeted RedAlpha APT Phishing Chinese Hackers

Humanitarian groups and other firms targeted by RedAlpha APT

Critical organisations worldwide have been warned about an ongoing credential theft phishing campaign executed by the China-based RedAlpha advance persistent threat (APT) group. This phishing campaign has been going on for the past three years and targets global government firms, think tanks, and humanitarian groups. The initial activities detected from the RedAlpha APT were in...
Continue Reading
Evernote Fake Website Impersonation Phishing Scheme Healthcare Trojan Cyber Threat

Evernote used as a fake website in a new phishing scheme

Authorities warn about a new phishing campaign utilising the popular notepad website, Evernote, to be a fake website that will hold a downloadable trojan file to hack into systems and collect victims’ credentials. This latest campaign was found to target the healthcare sector. As observed from the campaign, the victims are sent an email message,...
Continue Reading
PhaaS Platform Robin Banks Phishing Kits Dark Web Malicious Websites

A PhaaS platform, Robin Banks, offered phishing kits on the dark web

The latest dark web investigations spotted a phishing-as-a-service (PhaaS) platform, dubbed Robin Banks, launched by its operators to offer ready-made phishing kits that help their clients pose as financial institutions and other well-known brands to target victims. Hackers could choose from numerous organisations offered by the PhaaS platform, including popular ones like Netflix, Capital One,...
Continue Reading
New York US DMV Department of Motor Vehicles Threat Warning Phishing SMS Scams Fraud Prevention

New York’s DMV warns its customers regarding phishing scams

The New York State Department of Motor Vehicles (DMV) has published a threat advisory to warn its customers about a phishing scam that can steal sums by exfiltrating credentials. Based on reports, the phishing scam attempts to steal its targeted victims’ credentials and other essential information. The phishing attack includes spam messages containing malicious links...
Continue Reading
Luna Moth Hacking Group Extortion Ransomware Payloads Social Engineering Phishing Fraud Prevention

Luna Moth group extorts from victims without ransomware payloads

A new ransom group dubbed Luna Moth is said to have been utilising social engineering tactics, remote access trojans (RATs), and other legitimate commercially available software to be able to hack into their victims’ computers and extort ransom payments in exchange for their data. According to the reports published about Luna Moth, its operators execute...
Continue Reading
Crypto Platform Axie Infinity Compromised Links Spear Phishing Cybersecurity LinkedIn

Crypto platform Axie Infinity links compromise to spear-phishing

From the findings based on Axie Infinity’s cybersecurity compromise last March, researchers disclosed that it could have been initiated from a spear-phishing-based fake LinkedIn employment offer that caused the hack on the popular crypto play-to-earn platform. Since the attack, limited information was released on the investigation, including how the US authorities attributed it to the...
Continue Reading
1 2 3 4 31