The Schoolyard Bully Trojan is a malware campaign that targets Android applications to get into victims’ devices and steal their Facebook logins. This article shares the Schoolyard Bully Trojan, how it works, its capabilities, and how you can stay protected against it.
The IceXLoader malware has evolved and is striking via a phishing email, dropping the malware payload capable of advanced, evasive, and persistent system presence to exfiltrate data. This text shares IceXLoader’s history, how IceXLoader works, new features, IceXLoader attack pattern, how the IceXLoader malware can harm organizations, and what organizations need to do to stay protected.
Over the past years, phishing attacks have evolved in number and intensity. Organizations can stay resilient against threats by staying updated about the latest episodes. Here are this week’s phishing and data breach headlines.
You may hardly find an industry today that is not impacted by phishing attacks. Threat actors don’t spare anyone, be it a typical internet user or an organization with thousands of employees. This is why it is crucial to keep yourself updated about how these attacks happen to ensure you or your organization does not end up being a victim of such cyber threats. Here are threat week headlines that cover how threat actors exploit vulnerabilities and target your information assets.
The Robin Banks PhaaS platform is back with a new Russian server and a cookie stealer to bypass 2FA and compromise organizational accounts. This article shares the history of Robin Banks, attack patterns, how Robin Banks evolved, the Robin Banks cookie stealer and Russian server, how Robin Banks’s phishing kit works, and how organizations can stay protected against Robin Banks’s phishing.
Threat actors continue to target organizations worldwide to get access to their information assets. It may be challenging to anticipate a phishing attack, but one can surely learn from the attacks that have taken place to understand how these malicious actors operate and adopt anti-phishing measures accordingly. To that end, here are the phishing and breach-related updates for the week.
Scammers and hackers are exploiting the confusion regarding Twitter’s new CEO, Elon Musk’s plans for paid blue ticks on the platform. They are sending phishing emails disguised as official Twitter notices and luring users into sharing their details. This post covers the details regarding such phishing schemes.
Twilio has suffered a second attack, leading to the compromise of its former and current employee accounts and the loss of sensitive customer information. This text shares the details of the attack, how it happened, whether it is over, whether customers are safe, how Twilio is dealing with it, and what organizations could learn from the cyberattack.
The ICO has fined Interserve £4.4 million, which is about $5 million, due to the data breach compromising the financial and personal data of 113,000 employees. Here is how the attack occurred, the lost data, why Interserve was fined, and how organizations can avoid a similar fate by investing in anti-phishing solutions.
Taking cybercriminals lightly is no longer an option with the evolving threat landscape. One needs to be aware of what they are up to, to avoid becoming their victim. To that end, here are this week’s phishing and data breach headlines.
Airline giant, American Airlines released a data breach notification, informing about a data breach compromising the accounts of its employees. This article shares details of the data breach, the information that was leaked, how American Airlines is dealing with it, and what employees can do to protect themselves.
TA453, an Iranian-aligned cybercriminal group, is harvesting credentials by employing multi-persona impersonation. This article shares details about TA453, its Korg remote template injection, how TA453’s phishing campaign works, how to check if you are a target, and how to protect yourself.
Organizations implement Multi-factor authentication (MFA) as an enterprise identity security tool to protect them against credential theft, brute force techniques, and dictionary attacks. But what if a cybercriminal intercepts MFA? Read on to know how attackers planned the sophisticated attack on Okta customers.
Abnormal Security has released the H2 Email Security Threat report highlighting the top email security threats in the first six months of 2022. This article shares key statistics, discovered trends, and revelations of the report.
HIPAA journal has revealed the latest Healthcare Data Breach report highlighting millions of compromised healthcare records. With healthcare data breaches at their highest, affecting California and New York the most, this article shares the report’s findings, summary, and the reason behind the sudden spike in targeting cyber-attacks against Healthcare Industry.
Blockchain gaming is gaining popularity due to the lucrative earning opportunities it offers its players. But it seems even the secure and decentralized nature of Blockchain is not sufficient to stop adversaries from launching Phishing attacks. Read on to know how Axie Infinity became a victim.
The NakedPages phishing toolkit model has been making headlines since its discovery by CloudSEK researchers. This post explains what NakedPages is, everything you need to know, and shares NakedPages’ features, impact, and how you can protect yourself from the phishing toolkit.
There is a new phishing spam campaign making headlines in the cybersecurity world that delivers malware onto compromised machines. The malware is initiated by a phishing attack and delivered by “Matanbuchus,” specially designed to deliver DLL payloads, launch malicious PowerShell commands, and persist via additional task schedules.
The attack is highly sophisticated and makes use of malicious MSI installer files leading to an Adobe Acrobat installer running a beacon for Cobalt Strike in the background.
The following sections delve deeper into how the latest malware attack takes place.
The talk of the town is the phishing campaign on Facebook that has reportedly duped millions into providing their login credentials to cybercriminals. The Facebook phishing operation is the latest in a long line of cybersecurity news that has shaken people worldwide.
Phishing is one of the most formidable threats in the cyber world today. Even though various news, reports, and anti-phishing campaigns attempt to spread awareness and knowledge, people still fall victim to novel phishing methods. This article seeks to summarize key statistics observed so far in 2022 by various cybersecurity organizations and present them in a useful and comprehensive manner. It is also a warning for all organizations and individuals for the rest of the year.