article thumbnail

Clever Social Engineering Attack Using Captchas

Schneier on Security

This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the command line.

article thumbnail

Black Basta Ransomware Group Elevates Social Engineering with Microsoft Teams and Malicious QR Codes

Penetration Testing

The ReliaQuest Threat Research Team uncovered an intensified social engineering campaign tied to the ransomware group Black Basta.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique

The Hacker News

The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. This removes many opportunities for browsers or security

article thumbnail

CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks

Tech Republic Security

Trends in cybersecurity across 2024 showed less malware and phishing, though more social engineering. CrowdStrike offers tips on securing your business.

article thumbnail

Introduction to Fileless Malware

Doctor Chaos

Fileless malware is a type of cyber attack that does not rely on the traditional method of installing malicious software on a victim's computer.

Malware 130
article thumbnail

UAC-0185 APT Leverages Social Engineering to Target Ukrainian Defense Industrial Base

Penetration Testing

The attacks, attributed to... The post UAC-0185 APT Leverages Social Engineering to Target Ukrainian Defense Industrial Base appeared first on Cybersecurity News.

article thumbnail

Python Developers Targeted with Malware During Fake Job Interviews

Schneier on Security

Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. The capacity for exploitation at that point is pretty much unlimited, due to the flexibility of Python and how it interacts with the underlying OS.

Malware 300