Here you will find all the articles with the tag: Phishing.
The new attack comes via an access request in a Microsoft Teams group chat to spread suspicious files for the DarkGate malware Telecom provider AT&T warns of this. If the target accepts the request, the attackers attempt to trick chat participants into downloading the file Navigating Future ... Read more
3 months ago
Passkeys have a marketing problem, in which they get presented as a holy grail that eliminates all forms of phishing. In reality, that story is much more nuanced; they actually only address one specific form of phishing. Even though passkeys cannot live up to the promises of the marketing stories, ... Read more
3 months ago
Hackers who want to carry out a phishing attack and misuse a well-known brand are most likely to use Microsoft's brand name. That's according to research for the fourth quarter of 2023 by Check Point. The brand name was used in 33 per cent of the total number of (email) phishing attacks during ... Read more
3 months ago
Phishing is a technique that is still commonly used by hackers even though the attack is years old. Small changes to the technique breathe new life into the phishing scheme each time. This mainly involves changing the medium. Whereas phishing was traditionally spread via email, hackers later switch... Read more
3 months ago
A new phishing method aims to sidestep the two-step verification of Instagram accounts. A misleading email message and login page lets users unintentionally reveal their credentials and a temporary six-digit backup code. The findings come from Trustwave, which previously described another method... Read more
4 months ago
A new form of e-mail spoofing was revealed this week: "SMTP Smuggling." The vulnerability allows threat actors to produce highly believable phishing emails. Although it seems decades past the time to move away from the ancient protocol, SMTP is here to stay. The new method bypasses email protect... Read more
4 months ago
MongoDB is still investigating a security incident in which hackers penetrated customers' business systems. Contact information and metadata were allegedly accessed. The number of involved customers stays unclear. During the weekend of Dec. 16 and 17, a security incident occurred at MongoDB. On... Read more
4 months ago
The infamous Qakbot malware has made a return. Microsoft Threat Intelligence warns of new phishing emails purporting to be from the U.S. Internal Revenue Service (IRS). In late August, international police units announced they had eliminated the giant Qakbot botnet during "Operation Duck Hunt." ... Read more
4 months ago
A new phishing campaign that aims to install a rogue extension specifically targets administrators of WordPress websites, reports Wordfence. Hackers are allegedly posing as the "WordPress Security Team" in the process. According to Wordfence, a phishing campaign is underway that targets administ... Read more
5 months ago
Russian state-affiliated hacker gang APT29 is exploiting the CVE-2023-38831 vulnerability in WinRAR 6.23 and older versions. A combined tactic of "old-school phishing and new cloaking capabilities" is used for this purpose. This is what the Ukrainian National Security and Defense Council (NDSC) ind... Read more
5 months ago
