ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
UNC1549 Hackers with Custom Tools Attacking Aerospace and Defense Systems to Steal Logins
Since mid-2024, a sophisticated Iranian-backed threat group known as UNC1549 has been conducting targeted campaigns against aerospace, aviation, and defense organizations across the globe. The hackers employ an advanced
DoorDash email spoofing vulnerability sparks messy disclosure dispute
A vulnerability in DoorDash's systems could allow anyone to send "official" DoorDash-themed emails right from company's authorized servers, paving a near-perfect phishing channel. DoorDash has now patched the issue, but
Hackers Leverages Microsoft Entra Tenant Invitations to Launch TOAD Attacks
A new phishing campaign has emerged that weaponizes Microsoft Entra guest user invitations to deceive recipients into making phone calls to attackers posing as Microsoft support. The attack leverages a critical security
5 Reasons Why Attackers Are Phishing Over LinkedIn
Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in particular has become a
Formbook Malware Delivered Using Weaponized Zip Files and Multiple Scripts
A new wave of Formbook malware attacks has appeared, using weaponized ZIP archives and multiple script layers to bypass security controls. The attacks begin with phishing emails containing ZIP files that hold VBS scripts
A Multi-Stage Phishing Kit Using Telegram to Harvest Credentials and Bypass Automated Detection
Phishing attacks continue to be one of the most persistent threats targeting organizations worldwide. Cybercriminals are constantly improving their methods to steal sensitive information, and a recently discovered phishi
Beware of Phishing Emails as Spam Filter Alerts Steal Your Email Logins in a Blink
Cybercriminals have launched a new phishing campaign that tricks users by impersonating legitimate spam-filter notifications from their own company. These fake emails claim that your organization recently upgraded its Se
Check Point deckt Malvertising-Netzwerk „Payroll Pirates“ auf
Check Point hat seine Lösung SmartPhish bereits aktualisiert, um Meta-bezogene Phishing-Angriffe dieser Art zuverlässig zu erkennen und zu stoppen.
Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit
The cybercriminals informed customers that their cloud server was shut down due to complaints. The post Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit appeared first on SecurityWeek.
Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests' Payment Data
A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year. The activity, per Netcraft security researcher Andrew Brandt, is designed to ta
Google Sues ‘Lighthouse’ Phishing-as-a-service Kit Behind Massive Phishing Attacks
Google security researchers recently uncovered a sophisticated criminal operation called “Lighthouse” that has victimized over one million people across more than 120 countries. This phishing-as-a-service platform repres
MastaStealer Weaponizes Windows LNK Files, Executes PowerShell Command, and Evades Defender
A newly documented malware campaign demonstrates how attackers are leveraging Windows LNK shortcuts to deliver the MastaStealer infostealer. The attack begins with spear-phishing emails containing ZIP archives with a sin
Google Sues to Disrupt Chinese SMS Phishing Triad
Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of trusted brands, blast out text message lure
1 million victims, 17,500 fake sites: Google takes on toll-fee scammers
Google’s suing Lighthouse, a Chinese Phishing-as-a-Service platform that uses Google’s branding on scam sites to trick victims.
How Attackers Turn SVG Files Into Phishing Lures
Businesses today are dealing with faster, stealthier email threats that look routine yet unleash aggressively malicious scripts the moment a user engages. This is especially true when the lure arrives as an attachment th
New Phishing Attack Targeting iPhone Owners Who’ve Lost Their Devices
A new phishing campaign is targeting iPhone owners who have lost their devices, exploiting their hope of recovery to steal Apple ID credentials. The National Cyber Security Centre (NCSC) has received multiple reports of
Google sues to dismantle Chinese phishing platform behind US toll scams
Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating the U.S. Postal Service
Google sues cybercriminal group Smishing Triad
Google sues China-based group using “Lighthouse” phishing kit in large-scale smishing attacks to steal victims’ financial data. Google filed a lawsuit against a cybercriminal group largely based in China that is behind a
Massive Phishing Attack Impersonate as Travel Brands Attacking Users with 4,300 Malicious Domains
A large phishing campaign has been targeting travelers worldwide, using more than 4,300 fake domains to steal payment card information. The operation focuses on people planning vacations or about to check into hotels by
Phishing emails disguised as spam filter alerts are stealing logins
Think twice before clicking that "Secure Message" alert from your organization's spam filters. It might be a phish built to steal your credentials.