Krebs on Security

NOVEMBER 21, 2024

A visual depiction of the attacks by the SMS phishing group known as Scattered Spider, and Oktapus. Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. com and ouryahoo-okta[.]com.

Identity Theft 268

Identity Theft Phishing Cryptocurrency Accountability 268

Malwarebytes

FEBRUARY 11, 2025

There are plenty of phish in the sea, and the latest ones have little interest in your email inbox. In 2024, Malwarebytes detected more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report. These Android phishing apps may sound high-tech, but they are not.

Phishing 129

Phishing Passwords Authentication Mobile 129

Security Affairs

OCTOBER 30, 2024

Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. The recent campaign is still ongoing and already targeted entities in multiple sectors, including government, defense, academia, NGO, and other sectors.

Phishing 126

Phishing Social Engineering Government Hacking 126

eSecurity Planet

FEBRUARY 10, 2025

In a stark warning to organizations and everyday users alike, cybersecurity experts and government agencies have sounded the alarm over a new breed of Gmail-targeted phishing attacks. AI-Enhanced Cyberthreats Recent intelligence indicates that the sophistication of Gmail phishing campaigns has reached new heights.

Phishing 115

Phishing Artificial Intelligence Password Management Accountability 115

Krebs on Security

FEBRUARY 28, 2025

Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a persistent source of malicious software, botnet controllers, and a torrent of phishing websites. government for its hacking operations, CEO Eugene Kaspersky says he ordered workers to delete the code.

Malware 262

Malware Antivirus DDOS Software 262

Security Affairs

OCTOBER 17, 2024

Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. “The infection chain consists of a spear-phishing message delivering a downloader consisting of either of two variants: “RustyClaw” – a RUST-based downloader, and a C++ based variant we track as “MeltingClaw”.”

Government 125

Government Malware Cyber Attacks Ransomware 125

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US government overall, nor to the US public.”

Phishing 311

Phishing Telecommunications Government DNS 311

Krebs on Security

SEPTEMBER 16, 2020

authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.

Cryptocurrency 362

Cryptocurrency Phishing Accountability Cybercrime 362

Krebs on Security

MARCH 31, 2020

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com , the world’s largest domain name registrar, KrebsOnSecurity has learned. 49 (that domain is hobbled here because it is currently flagged as hosting a phishing site). It was starting to look like someone had gotten phished.

Phishing 345

Phishing DNS Social Engineering Accountability 345

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Vishing: Also known as voice phishing. What is mishing? and 9%in Brazil.

Phishing 83

Phishing Mobile Social Engineering Data breaches 83

Penetration Testing

MAY 25, 2025

Recorded Futures Insikt Group has uncovered a new cyber-espionage campaign by Russia-aligned threat actor TAG-110 targeting public sector The post Russian-Aligned TAG-110 Targets Tajikistan Governments with Stealthy Cyber-Espionage appeared first on Daily CyberSecurity.

Government 111

Government Cybersecurity Phishing Malware 111

SecureWorld News

FEBRUARY 17, 2025

Cybersecurity governance has undergone a dramatic transformation over the past few decades. From its early days, where security was an afterthought to business operations, to the present, where it has become a board-level discussion, governance has had to adapt to an ever-evolving digital landscape.

Government 80

Government Cybersecurity Risk CISO 80

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 140

Government Phishing Malware Banking 140

eSecurity Planet

JUNE 9, 2025

An organised crime gang has stolen £47 million ($64 million) from the UK’s tax office by hacking into over 100,000 customer accounts and fraudulently claiming government payments. The post Organised Crime Gang Steals £47 Million from UK Tax Office in Phishing Scam appeared first on eSecurity Planet.

Scams 86

Scams Phishing Password Management Accountability 86

Security Affairs

MAY 1, 2025

The FBI shared 42K phishing domains tied to LabHost, a PhaaS platform shut down in April 2024, to boost awareness and help identify compromises. The domain list helps prevent future malicious use, allows security teams to scan past logs for breaches, and supports phishing analysis and model training.

Phishing 78

Phishing Banking Threat Detection Authentication 78

Penetration Testing

MAY 7, 2025

Hunt.io, a threat hunting platform, has revealed a sophisticated phishing campaign using ClickFix-style tactics and spoofed Indian government The post APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics appeared first on Daily CyberSecurity.

Phishing 80

Phishing Government Cybersecurity Social Engineering 80

Tech Republic Security

APRIL 1, 2022

A phishing technique called Browser in the Browser (BITB) has emerged, and it’s already aiming at government entities, including Ukraine. The post “Browser in the Browser” attacks: A devastating new phishing technique arises appeared first on TechRepublic. Find out how to protect against this new threat.

Phishing 215

Phishing Government 215

The Hacker News

MAY 27, 2025

Active since at least April 2024, the hacking group is linked to espionage operations mainly targeting organizations that are important to Russian government objectives,

Phishing 133

Phishing Government Hacking 133

Security Affairs

SEPTEMBER 17, 2024

US DoJ charged a Chinese national who used spear-phishing emails to obtain sensitive info from NASA, the U.S. DoJ charged a Chinese national, Song Wu (39), who used spear-phishing emails to target employees of NASA, the U.S. Air Force, Navy, Army, and the FAA. Air Force, Navy, Army, and the FAA.”

Phishing 136

Phishing Government Identity Theft Engineering 136

Security Affairs

JANUARY 16, 2025

The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024, Microsoft researchers observed the Russia-linked APT group Star Blizzard targeting WhatsApp accounts via spear-phishing, shifting tactics to avoid detection.

Accountability 126

Accountability Phishing Government Hacking 126

The Hacker News

MAY 13, 2025

The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor's targeting beyond Russia. The group's interest in Ukraine follows historical targeting

Malware 128

Malware Phishing Government 128

Penetration Testing

MAY 4, 2025

Seqrite Labs APT team has revealed that Pakistan-linked threat actor APT36 (Transparent Tribe) has launched a coordinated phishing The post APT36 Targets India with Pahalgam Attack-Themed Phishing appeared first on Daily CyberSecurity.

Phishing 80

Phishing Cybersecurity Government 80

Security Affairs

APRIL 30, 2025

France blames Russia-linked APT28 for cyberattacks targeting or compromising a dozen French government bodies and other entities. The Russia-linked APT28 group has targeted or compromised a dozen government organizations and other French entities, the French Government states. CVE-2023-23397 ).

Government 117

Government Phishing DNS VPN 117

Security Affairs

JUNE 24, 2025

House has banned WhatsApp on government devices due to data security concerns. The CAO approved Microsoft Teams, Wickr, Signal, iMessage, and FaceTime as WhatsApp alternatives and warned staff to avoid phishing and unknown texts. Similar restrictions apply to AI tools like ChatGPT , ByteDance apps, and Microsoft Copilot.

Government 78

Government Spyware Mobile Encryption 78

eSecurity Planet

MARCH 28, 2025

A sophisticated cybercrime service known as “Lucid” is exploiting vulnerabilities in Apples iMessage and Androids Rich Communication Services (RCS), allowing cyberthieves to conduct large-scale phishing attacks with alarming success. Automated mobile farms that deploy phishing messages at scale.

Phishing 58

Phishing Scams Cybercrime Encryption 58

Security Affairs

FEBRUARY 26, 2025

A Ghostwriter campaign using a new variant of PicassoLoader targets opposition activists in Belarus, and Ukrainian military and government organizations. SentinelLABS observed a new Ghostwriter campaign targeting Belarusian opposition activists and Ukrainian military and government entities with a new variant of PicassoLoader.

Government 71

Government Cyber threats Phishing Malware 71

Schneier on Security

MAY 30, 2025

Current phishing attacks have evolved from those older Nigerian scams filled with grammar mistakes and typos. Recently, both cyberspace activist Cory Doctorow and security researcher Troy Hunt —two people who you’d expect to be excellent scam detectors—got phished. This is all hard.

Cybersecurity 229

Cybersecurity Scams Security Awareness Phishing 229

The Last Watchdog

SEPTEMBER 21, 2022

Phishing is one of the most common social engineering tactics cybercriminals use to target their victims. Cybersecurity experts are discussing a new trend in the cybercrime community called phishing-as-a-service. Phishing-as-a-Service (PhaaS). Ready-to-use phishing kits with all necessary attack items are available on the web.

Phishing 198

Phishing Artificial Intelligence Cybercrime Social Engineering 198

Malwarebytes

MARCH 19, 2025

” Whether it’s a so-called “subsidy program,” a “government grant,” or a “relief card,” these scams all share the same underlying goalto manipulate people into giving away their personal information, orworsetheir hard-earned cash. .” ” “482 Spots Remaining! gov domains).

Scams 98

Scams Government Identity Theft Phishing 98

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. In September 2024, Ukraines National Coordination Centre for Cybersecurity (NCCC) banned the Telegram messaging app on government agencies, military, and critical infrastructure, due to national security concerns. continues the announcement.

Government 144

Government Surveillance Hacking Mobile 144

Security Affairs

DECEMBER 18, 2024

In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware.

Phishing 110

Phishing Government Firewall VPN 110

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Promoting continuous learning in privacy tech, AI governance, and Zero Trust, alongside partnerships with educational institutions, helps build a skilled workforce to meet evolving regulatory demands.

Risk 173

Risk Threat Detection Technology Phishing 173

The Hacker News

MAY 8, 2025

The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public institutions in Japan and Taiwan. The ANEL file from

Malware 114

Malware Phishing Government 114

Security Affairs

DECEMBER 1, 2024

From generating deepfakes to enhancing phishing campaigns, GAI is evolving into a tool for large-scale cyber offenses GAI has captured the attention of researchers and investors for its transformative potential across industries. GAI is also a boon for attackers seeking financial gain. As the technology evolves, so will its misuse.

Artificial Intelligence 136

Artificial Intelligence Phishing Media Cybercrime 136

The Hacker News

OCTOBER 16, 2024

A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails.

Banking 132

Banking Phishing Malware Retail 132

Krebs on Security

OCTOBER 9, 2023

The fake USPS phishing page. Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries. com usps.trckspost[.]com

Phishing 329

Phishing Scams Passwords Web Fraud 329

Security Affairs

SEPTEMBER 20, 2024

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. ” Despite the ban on military and government devices, Ukrainian users rely heavily on Telegram to communicate and receive news on ongoing conflicts. .”

Government 139

Government Phishing Hacking Malware 139