ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Scattered Spider playbook evolving fast, says Microsoft
<html><body><p><p>Microsoft has rolled out a series of targeted enhancements across its <a href="https://www.microsoft.com/en-us/security/business/microsoft-defender" target="_blank" rel="noopener">Defender&l
Amazon warns 200 million Prime customers that scammers are after their login info
<html><body><p>Amazon has emailed 200 million customers to warn them about a rather convincing phishing campaign.</p></body></html>
Universal ZTNA from Cisco Earns Coveted SE Labs AAA Rating
<html><body><p>Combining the power of Duo's Identity Management and Cisco's Secure Access and Identity Intelligence protects against stolen credentials and phishing attacks.</p></body></html>
What is cybersecurity?
<html><body><p><p>Cybersecurity is the practice of protecting systems, networks and data from digital threats. It involves strategies, tools and frameworks designed to safeguard sensitive information and ensure the
RenderShock 0-Click Vulnerability Executes Payloads via Background Process Without User Interaction
<html><body><p>A sophisticated zero-click attack methodology called RenderShock that exploits passive file preview and indexing behaviors in modern operating systems to execute malicious payloads without requiring any us
Die typischen Herausforderungen beim Umgang mit Datenrisiken
<html><body><p><p>Als eine spezielle Form des Risikomanagements bezieht sich das Datenrisikomanagement (Data Risk Management) in der Regel auf Datenschutz, Datensicherheit, Richtlinien zur akzeptablen Nutzung, gese
Google Gemini flaw hijacks email summaries for phishing
<html><body><p>Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments
GitPhish – A New Tool that Automates GitHub Device Code Phishing Attack
<html><body><p>GitPhish represents a significant advancement in automated social engineering tools, specifically targeting GitHub’s OAuth 2.0 Device Authorization Grant implementation. This open-source tool streamlines
The MFA You Trust Is Lying to You – and Here's How Attackers Exploit It
<html><body><p>MFA Authenticator apps aren't cutting it anymore. Attackers are bypassing legacy MFA with fake sites and real-time phishing. Token Ring and BioStick stop them cold—with fingerprint-bound hardware. Learn mo
10 Best Secure Web Gateway Vendors In 2025
<html><body><p>In 2025, the need for robust secure web gateways (SWGs) has never been greater. As organizations shift to hybrid work, cloud-first strategies, and digital transformation, threats targeting web traffic have
Tycoon2FA, EvilProxy, Sneaky2FA: How To Defend Against These Phishing Kit Attacks
<html><body><p>Phishing kits are evolving fast. Threat actors behind toolkits like Tycoon2FA, EvilProxy, and Sneaky2FA are getting smarter, setting up infrastructure that bypasses 2FA and mimics trusted platforms like Mi
Researchers Expose Scattered Spider’s Tools, Techniques and Key Indicators
<html><body><p>Scattered Spider’s phishing domain patterns provide actionable insights to proactively counter threats from the notorious cyber group responsible for recent airline attacks. Scattered Spider, a sophisticat
New Batavia spyware targets Russian industrial enterprises
<html><body><p>Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has use
New Batavia spyware targets Russian industrial enterprises
<html><body><p>Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has use
'Batavia' Windows spyware campaign targets dozens of Russian orgs
<html><body><p>A previously undocumented spyware called 'Batavia' has been targeting large industrial enterprises in Russia in a phishing email campaign that uses contract-related lures. [...]</p></body></html>
North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates
<html><body><p>North Korea-linked hackers use fake Zoom updates to spread macOS NimDoor malware, targeting crypto firms with stealthy backdoors. North Korea-linked threat actors are targeting Web3 and crypto firms with N
New Phishing Attack Impersonates as DWP Attacking Users to Steal Credit Card Data
<html><body><p>A sophisticated phishing campaign targeting UK citizens has emerged, masquerading as official communications from the Department for Work and Pensions (DWP) to steal sensitive financial information. The ca
Threat Actors Widely Abuse .COM TLD to Host Credential Phishing Website
<html><body><p>The .COM top-level domain continues to dominate the cybercriminal landscape as the primary vehicle for hosting credential phishing websites, maintaining its position as the most extensively abused TLD by t
AI Tools Like GPT Direct Users to Phishing Sites Instead of Legitimate Ones
<html><body><p>The popular artificial intelligence tools, including GPT models and Perplexity AI, are inadvertently directing users to phishing websites instead of legitimate login pages. The study found that when users
Microsoft, PayPal, DocuSign, and Geek Squad faked in callback phishing scams
<html><body><p>Callback phishing scam emails are masquerading as messages from popular brands used for everyday tasks that put small businesses at risk.</p></body></html>