Phishing Page 3

XFiles Infostealer Follina Vulnerability Infect Malware Targets

XFiles infostealer used the Follina vulnerability to infect targets

The infostealer malware dubbed XFiles has made its rounds of cybercriminal activities after researchers noticed that it had exploited the Follina critical flaw. Based on reports, the vulnerability (CVE-2022-30190) was abused by the malware operators to infect targeted devices with malicious payloads. A cybersecurity solutions vendor has spotted the new infostealer malware that used Follina...
Continue Reading

A new WhatsApp scam offers fake job opportunities to defraud victims

WhatsApp fraudsters have expanded their scam campaigns by defrauding job hunters that aspire to be employed in the UK. The threat actors spoof an agent from the UK government that offers free visas and other work benefits to people willing to fly to the country for work. These fraudsters use the WhatsApp social messaging app...
Continue Reading
New Attack Tactic Exploit MS WebView2 Evade MFA Protocol

A new attack tactic can exploit the MS WebView2 and evade MFA protocol

Researchers recently discovered a new phishing strategy that could exploit the Microsoft Edge WebView2 applications to exfiltrate and steal authentication cookies. Subsequently, malicious phishing operators can utilise these authentication cookies to avoid the MFA functionality and login accounts effortlessly. A cybersecurity researcher has developed this new phishing method called “WebView2-Cookie-Stealer.” The devised phishing attack includes...
Continue Reading
Telecom ISP Service Providers Ukraine RAT Malware Campaign

Telecom service providers in Ukraine targeted by a new RAT campaign

The CERT-UA had recently issued a new advisory concerning threat actors targeting Ukrainian telecom service providers in a recent attack campaign. As detailed, the cybercriminals spread malicious spam messages or malspam against their victims through email with the subject ‘Free Primary Legal Aid.’ The phishing emails’ objective is to lure the victims into installing the...
Continue Reading
Researchers Observed Malware Infection LNK Files Hostile URLs

Researchers observed the rise of malware infection based on LNK files

Microsoft researchers have observed a surge of LNK-based malware distribution during the second quarter of 2022. Based on reports, several threat actors have been using LNK files to disseminate malicious payloads. The LNK link is a pointer to open a folder, file, or application. Windows users are prone to this attack since many of the...
Continue Reading
Fake Software Cracks Attack Vector Pirated CopperStealer Malware Infostealer Trojan

Fake software cracks vector for spreading the CopperStealer malware

An updated version of the CopperStealer malware has been distributed by several websites that host fake cracks for applications and software. Based on reports, these programs are exploited by malicious entities to deploy cybercriminal attacks. The recent campaign showed that the hackers had taken advantage of the demand for cracked apps and software by providing...
Continue Reading
Microsoft Azure Front Door Cloud Computing CDN Phishing Sites Host

Microsoft’s Azure Front Door cloud CDN used to create phishing sites

Cybercriminals used Microsoft’s Azure Front Door (AFD) to host phishing content to victimise people. Based on reports, one of the malicious campaigns that imitated different services was created on the azurefd[.]net domain, allowing the threat actors to steal victims’ data. Using popular cloud services to carry out phishing attacks without being detected is an effective...
Continue Reading
Fake Facebook Emails Hackers EI-ISAC Members Fraud Prevention

Fake Facebook emails used by hackers to target EI-ISAC members

An ongoing phishing campaign from an unidentified group of threat actors uses a copyright-themed fake Facebook email to target Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) members. The malicious email portrayed a Facebook Business as its sender, and the email came with a subject line titled “Facebook Copyright #10034576734223762”. The body of the fake...
Continue Reading
HTML Attachments VIP3R Spear Phishing Hacker Group Security Bypass

HTML attachments used by VIP3R spear-phishing group to bypass security

Cybersecurity researchers have discovered a spear-phishing campaign used by the VIP3R group that utilises malicious HTML attachments to attack individuals or organisations. A recent study spotted the spear-phishing attack that sports a unique chain of DH4 VIP3R L337. The sting also contained about 150 baits for stealing the credentials of more than 150 users owned...
Continue Reading
Iranian Hackers Spearphishing Cyberattacks Israel Impersonation Social Engineering

Iranian hackers used spearphishing attacks to target Israel

An alleged group of Iranian hackers has been operating a spearphishing campaign that includes masquerading known government officials. Based on reports, the Iran-sponsored threat group posed as a former United States ambassador to target think tank officials. The malicious threat actors could obtain initial access to one of its two targeted email boxes through phishing...
Continue Reading
1 2 3 4 5 31