Krebs on Security

NOVEMBER 26, 2018

Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address includes the padlock and begins with “[link].

Phishing 279

Phishing Scams Cryptocurrency Internet 279

Security Affairs

DECEMBER 1, 2024

From generating deepfakes to enhancing phishing campaigns, GAI is evolving into a tool for large-scale cyber offenses GAI has captured the attention of researchers and investors for its transformative potential across industries. The automation of malware development is another worrying trend, as it lowers the barrier to entry for cybercrime.

Artificial Intelligence 135

Artificial Intelligence Phishing Media Cyber threats 135

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 242

Phishing Passwords Hacking Internet 242

The Last Watchdog

DECEMBER 16, 2024

Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. Legacy IAM systems cant keep up as AI-powered phishing and deepfakes grow more sophisticated. The drivers are intensifying.

Cyber threats 264

Cyber threats CISO IoT Phishing 264

The Last Watchdog

NOVEMBER 11, 2024

The technology, which first emerged primarily in the world of gaming and entertainment, now promises to reshape our reality with interactive information and immersive experiences. In short, AR is undoubtedly a groundbreaking technology that will reinvent how we interact with the digital world. Related: Is the Metaverse truly secure?

Cybersecurity 130

Cybersecurity Social Engineering Technology Threat Detection 130

SecureList

MARCH 25, 2025

In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. Agent Trojan.Win64.Convagent.gen

Malware 143

Malware Education Technology Media 143

Krebs on Security

FEBRUARY 3, 2022

This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. A recent phishing site that abused LinkedIn’s marketing redirect. A recent phishing site that abused LinkedIn’s marketing redirect. Urlscan also found this phishing scam from Jan. Image: Urlscan.io.

Phishing 359

Phishing Marketing Scams Accountability 359

eSecurity Planet

APRIL 21, 2025

A notorious Russian hosting service provider known as Proton66 is at the center of a series of widespread cyberattacks and malware campaigns targeting organizations and users worldwide, according to fresh findings from cybersecurity experts. The malware connects to a C2 server at 193.143.1.139. 24 45.135.232.0/24 24 45.140.17.0/24

Malware 70

Malware Phishing VPN Ransomware 70

Security Affairs

OCTOBER 11, 2024

” Beyond previous reports on this threat actor’s focus on ICS and PLCs, the prompts observed during this campaign provide precious information on other technologies and software the state-sponsored hackers may target. This included working on malware that was still in development, and looking for information on potential targets.”

Malware 138

Malware Social Engineering Engineering Hacking 138

Malwarebytes

FEBRUARY 4, 2025

A paradigm shift in technology is hurtling towards us, and it could change everything we know about cybersecurity. When ChatGPT was unveiled to the public in late 2022, security experts looked on with cautious optimism, excited about the new technology but concerned about its use in cyberattacks. Uhh, again, that is.

Artificial Intelligence 144

Artificial Intelligence Small Business Malware Technology 144

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. While fully agentic AI malware remains years away, the industry must prepare now. AI-powered cryptocurrency attacks will automate phishing and exploit vulnerabilities.

Risk 173

Risk Threat Detection Technology Phishing 173

SecureList

MAY 15, 2025

Percentage of ICS computers on which denylisted internet resources were blocked, Jan 2022Mar 2025 Changes in the percentage of ICS computers on which initial-infection malware was blocked lead to changes in the percentage of next-stage malware. times more than in the previous quarter) and malicious documents (1.1

Spyware 93

Spyware Phishing Internet Internet 93

Krebs on Security

AUGUST 14, 2020

Sources close to the investigation tell KrebsOnSecurity the malware is known as Defray. “The phishing emails the authors use are well-crafted,” Trend Micro wrote. Defray was first spotted in 2017, and its purveyors have a history of specifically targeting companies in the healthcare space.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

Digital Shadows

NOVEMBER 12, 2024

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. Phishing is favored by threat actors for its simplicity and effectiveness.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Security Boulevard

JANUARY 20, 2025

Specifically, stories and news items where public and/or private organizations have leveraged their capabilities to encroach on user privacy; for example, data brokers using underhanded means to harvest user location data without user knowledge or public organizations using technology without regard for user privacy.

Surveillance 97

Surveillance Malware Data breaches Scams 97

The Last Watchdog

FEBRUARY 4, 2025

These sprawling identities, exposed through breaches, infostealer infections, and phishing attacks, create shadow data that traditional tools simply cant address. SpyCloud , a leading identity threat protection company, announced key innovations in its portfolio, pioneering the shift to holistic identity threat protection.

Cybercrime 124

Cybercrime Accountability Phishing Malware 124

The Last Watchdog

JULY 27, 2023

In its H1 2023 Report: Cybersecurity Trends & Insights , Perception Point reported an overall increase in social engineering attacks, including a 20% growth in the prevalence of Business Email Compromise (BEC) attacks along with a 41% surge in phishing attacks from H2 2022 to H1 2023.

Phishing 186

Phishing Social Engineering Engineering Media 186

SecureWorld News

DECEMBER 4, 2024

The United States retail sector faced an especially aggressive wave of cyber threats, with phishing attacks mimicking major holiday brands [3] including Walmart, Target, and Best Buy increasing by more than 2,000% during peak shopping periods.

Retail 115

Retail Scams Phishing Cyber threats 115

IT Security Guru

APRIL 25, 2025

With the rapid expansion of technological advancements, there have been many great innovations across various industries that have had a positive impact on the world. However, these advancements also mean the latest technologies may not always be used for legal or ethical activities, making being online a very risky business these days.

Scams 44

Scams Phishing Cryptocurrency Cyber threats 44

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million detections compared to 5.84

Phishing 83

Phishing Banking Scams Mobile 83

Security Affairs

NOVEMBER 25, 2024

“This “SMS blasting” attack relies on using technology that impersonates cellular base stations and is capable of transmitting thousands of messages to devices within a close geographical radius.” ” first reported TechCrunch.

Mobile 126

Mobile Scams Technology Telecommunications 126

SecureWorld News

JANUARY 7, 2025

Their themes touch on phishing, man-in-the middle attacks, cryptography and decryption, incident response, and more. Lured by the Sweet: Avoiding the Phishing Trap Similar to Hansel and Gretel, who were tempted by a candy-coated trap, phishing attacks entice victims with seemingly irresistible offers or legitimate-looking emails and websites.

Cybersecurity 112

Cybersecurity Social Engineering Phishing Engineering 112

Security Affairs

AUGUST 23, 2024

ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). A progressive web app (PWA) is an app that’s built using web platform technologies, but that provides a user experience like that of a platform-specific app. ” reads the report published by ESET.

Phishing 134

Phishing Mobile Banking Social Engineering 134

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. But as technology advances, so do the threats. Anti-phishing protection Shields you from phishing attempts. Viruses and malware programs harm your devices or steal your data.

Antivirus 84

Antivirus Identity Theft Cyber threats Phishing 84

SecureList

OCTOBER 15, 2024

SideWinder’s most recent campaign schema Infection vectors The SideWinder attack chain typically starts with a spear-phishing email with an attachment, usually a Microsoft OOXML document (DOCX or XLSX) or a ZIP archive, which in turn contains a malicious LNK file. In particular, Avast and AVG solutions are of interest to the malware.

Malware 142

Malware Encryption Architecture Phishing 142

Security Boulevard

MAY 18, 2023

However, its widespread use has raised concerns about the potential for bad actors to misuse the technology. Experts are worried that ChatGPT’s ability to source recent data about an organization could make social engineering and phishing attacks more effective than ever.

Phishing 130

Phishing Social Engineering Engineering Technology 130

SecureList

MARCH 10, 2025

We continued to monitor the group throughout the rest of the year, observing intense activity that included updates to SideWinder’s toolset and the creation of a massive new infrastructure to spread malware and control compromised systems. Infection flow The attacker sends spear-phishing emails with a DOCX file attached.

Energy and Utilities 119

Energy and Utilities Malware Government Phishing 119

Jane Frankland

MAY 16, 2025

in parking lots) redirect to malware ridden websites. How Scammers Exploit Emotion and Technology Scammers rely on emotional manipulation and increasingly tech to catch people off guard especially when were distracted, tired, or just trying to get through a busy day. Goods are never delivered or are counterfeit.

Scams 130

Scams Password Management Passwords Banking 130

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. “This is the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada , the U.S.

Hacking 313

Hacking Malware Ransomware Government 313

Krebs on Security

AUGUST 28, 2020

Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. This is part of the reason we acquired Authy and created a line of account security products and services.

Accountability 361

Accountability Hacking Authentication Marketing 361

Approachable Cyber Threats

MARCH 12, 2025

Category Awareness, Social Enginering Risk Level Phishing emails are getting harder to detect. What is phishing, and why is it such a big deal?" Phishing is one of the oldest tricks in the hacker playbook - but its also one of the most effective. Alright, but cant I just spot and delete phishing emails?"

Phishing 52

Phishing Scams Social Engineering Artificial Intelligence 52

Malwarebytes

DECEMBER 5, 2024

Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US. Among the culprits are four major APT groups: Volt Typhoon, Salt Typhoon, Flax Typhoon, and Velvet Ant.

Encryption 142

Encryption Identity Theft Media Telecommunications 142

SecureList

NOVEMBER 29, 2024

The malware utilizes cloud resources for its C2 (command and control) servers, which it accesses via APIs using authentication tokens. While the modus operandi of the threat actor is reminiscent of the CloudWizard APT that we reported on in 2023, the malware code is completely different.

Energy and Utilities 105

Energy and Utilities Ransomware Malware Government 105

SecureWorld News

FEBRUARY 25, 2025

It is recommended that organizations should consider AI-powered deception technologies to detect and neutralize AI-driven threats. Deepfake phishing, AI-generated malware, and automated spear-phishing campaigns are already on the rise.

Cybersecurity 93

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 93

Jane Frankland

MAY 18, 2025

On the other, hackers are harnessing the same technology to outpace defences, sharing AI-enhanced strategies that make them faster, smarter, cheaper and more adaptable. They cannot keep pace with adversaries who are using adaptive and polymorphic malware that can evade and iterate faster than policies can be updated.

Cybersecurity 130

Cybersecurity Ransomware Backups Firewall 130

Duo's Security Blog

JANUARY 14, 2025

In recent webinar Preventing Helpdesk Phishing with Duo and Traceless , Duo PMM Katherine Yang sat down with Gene Reich, Co-founder of Traceless to discuss why stronger identity verification is critical for MSPs and helpdesk teamsespecially with the increased accessibility of AI technologies driving identity fraud.

Phishing 111

Phishing Technology Scams Cybercrime 111

IT Security Guru

NOVEMBER 1, 2024

As technology advances, so do the methods and motivations of those who seek to disrupt global stability. Types of Cybersecurity Threats Malware and Ransomware: These can disable systems or steal data for ransom. Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information.

Technology 109

Technology Cyber Attacks Government Social Engineering 109