Search Results for: phishing attacks

Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks

TheHackerNews / By

November 24, 2023 A new phishing attack has been observed leveraging a Russian-language Microsoft Word document to deliver malware capable of harvesting sensitive information from compromised Windows hosts. The activity has been attributed to a threat actor called Konni, which is assessed to share overlaps with a North Korean cluster tracked as Kimsuky (aka APT43). …

Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks Read More »

Iran’s MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign

TheHackerNews / By

November 3, 2023 The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent. Cybersecurity firm Deep Instinct, which disclosed details of the attacks, said the campaign “exhibits updated TTPs to previously reported MuddyWater activity,” Article posted by: …

Iran’s MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign Read More »

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms

TheHackerNews / By

October 10, 2023 Senior executives working in U.S.-based organizations are being targeted by a new phishing campaign that leverages a popular adversary-in-the-middle (AiTM) phishing toolkit named EvilProxy to conduct credential harvesting and account takeover attacks. Menlo Security said the activity started in July 2023, primarily singling out banking and financial services, insurance, property management and Article posted …

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms Read More »

QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks

TheHackerNews / By

October 6, 2023 Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted Qakbot operators’ …

QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks Read More »

W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts

TheHackerNews / By

September 7, 2023 A previously undocumented “phishing empire” has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. “The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors who could purchase a custom phishing …

W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts Read More »

Phishing Outlook 2023: Statistics, Real-Life Incidents, and Best Practices

Phishing Outlook 2023: Statistics, Real-Life Incidents, and Best Practices

CyberSecurity Updates, EC-Council, Knowledge Base / By

In the ever-changing world of cybersecurity, phishing attacks have emerged as a significant and deceptive threat, exploiting the human element and posing a challenge to organizations. In EC-Council’s latest whitepaper titled “Phishing Outlook 2023: Statistics, Real-Life Incidents, and Best Practices,” authored by Graham Thomson, CISO at Irwin Mitchell, we delve into some of the most…

The post Phishing Outlook 2023: Statistics, Real-Life Incidents, and Best Practices appeared first on Cybersecurity Exchange.

New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks

TheHackerNews / By

August 11, 2023 Malicious actors are using a legitimate Rust-based injector called Freeze[.]rs to deploy a commodity malware called XWorm in victim environments. The novel attack chain, detected by Fortinet FortiGuard Labs on July 13, 2023, is initiated via a phishing email containing a booby-trapped PDF file. It has also been used to introduce Remcos RAT by …

New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks Read More »

Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives

TheHackerNews / By

August 11, 2023 Threat actors are increasingly using a phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy to pull off account takeover attacks aimed at high-ranking executives at prominent companies. According to Proofpoint, an ongoing hybrid campaign has leveraged the service to target thousands of Microsoft 365 user accounts, sending approximately 120,000 phishing emails to hundreds of organizations …

Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives Read More »

Interpol Busts Phishing-as-a-Service Platform ’16Shop,’ Leading to 3 Arrests

TheHackerNews / By

August 11, 2023 Interpol has announced the takedown of a phishing-as-a-service (PhaaS) platform called 16Shop, in addition to the arrests of three individuals in Indonesia and Japan. 16Shop specialized in the sales of phishing kits that other cybercriminals can purchase to mount phishing attacks on a large scale, ultimately facilitating the theft of credentials and …

Interpol Busts Phishing-as-a-Service Platform ’16Shop,’ Leading to 3 Arrests Read More »

New AI Tool ‘FraudGPT’ Emerges, Tailored for Sophisticated Attacks

TheHackerNews / By

July 27, 2023 Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence (AI) tool dubbed FraudGPT on various dark web marketplaces and Telegram channels. “This is an AI bot, exclusively targeted for offensive purposes, such as crafting spear phishing emails, creating cracking tools, carding, etc.,” Netenrich security researcher Rakesh Krishnan  Article posted …

New AI Tool ‘FraudGPT’ Emerges, Tailored for Sophisticated Attacks Read More »

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.