Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by Chile (77,000), Colombia (70,000), Ecuador (42,000), Peru (41,500), Spain … [Read more...] about Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Phishing
How Phishing Attacks Adapt Quickly to Capitalize on Current Events
In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What's behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like … [Read more...] about How Phishing Attacks Adapt Quickly to Capitalize on Current Events
Malware Distributed Using Falcon Sensor Update Phishing Lure
Summary On July 23, 2024, CrowdStrike Intelligence identified the phishing domain crowdstrike-office365[.]com, which impersonates CrowdStrike and delivers malicious ZIP and RAR files containing a Microsoft Installer (MSI) loader. The loader ultimately executes Lumma Stealer packed with CypherIt. The domain was registered on July 23, 2024, days after July 19, 2024, when an issue … [Read more...] about Malware Distributed Using Falcon Sensor Update Phishing Lure
This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered … [Read more...] about This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
Harnessing Email Data to Stop Phishing Attacks with Falcon Next-Gen SIEM
Phishing is a formidable–and financially devastating–threat costing organizations $4.76 million USD per breach on average. With a simple, deceptive email, adversaries can masquerade as trusted entities, tricking even savvy individuals into handing over their credentials and other sensitive information. Whether it’s a duplicitous link or a crafty call to action, phishing … [Read more...] about Harnessing Email Data to Stop Phishing Attacks with Falcon Next-Gen SIEM
Stop Phishing with Next-Gen SIEM and SOAR
Phishing is the weapon of choice for many adversaries. And it’s easy to understand why: Users fall victim to attacks in under 60 seconds on average, novice cybercriminals can launch effective phishing campaigns thanks to off-the-shelf phishing kits and generative AI, and above all, it works — 71% of organizations reported at least one successful attack in 2023. To defend … [Read more...] about Stop Phishing with Next-Gen SIEM and SOAR
NG-SIEM – Stop Phishing Attacks
June 25, 2024|William Yelles |Tech Hub•Next-Gen SIEM Tweet Share Related Content Falcon NG-SIEM Data Onboarding: Demo Drill Down Harnessing Email Data to Stop Phishing Attacks with Falcon Next-Gen SIEM NG-SIEM – AI Assisted Investigation Falcon NG-SIEM Data Onboarding: Demo Drill Down Copyright © … [Read more...] about NG-SIEM – Stop Phishing Attacks
Hijacking GitHub accounts using phishing emails
We recently wrote about how attackers have learned to use legitimate social media infrastructure to deliver plausible-looking warnings about the blocking of business accounts, leading to password theft. It turns out that for several months now, a very similar method has been used to attack developer accounts on GitHub, which is a cause for concern for corporate information … [Read more...] about Hijacking GitHub accounts using phishing emails
How phishing using progressive web apps (PWAs) works
A security researcher known as mr.d0x has published a post detailing a new technique that can be used for phishing and potentially other malicious activities. The technique exploits so-called progressive web apps (PWAs). In this post, we discuss what these applications are, why they can be dangerous, how attackers can use them for their own purposes, and how to [placeholder … [Read more...] about How phishing using progressive web apps (PWAs) works
More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack
Jun 10, 2024NewsroomPhishing Attack / Cybercrime Cybersecurity researchers have spotted a phishing attack distributing the More_eggs malware by masquerading it as a resume, a technique originally detected more than two years ago. The attack, which was unsuccessful, targeted an unnamed company in the industrial services industry in May 2024, Canadian cybersecurity firm … [Read more...] about More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack