ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Phishing Defense Strategies – Advanced Techniques for Email Security
<html><body><p>Modern phishing attacks have evolved far beyond simple deceptive emails, now incorporating AI-generated content, deepfake impersonation, and sophisticated social engineering techniques that bypass traditio
FIN6 hackers pose as job seekers to backdoor recruiters’ devices
<html><body><p>In a twist on typical hiring-related social engineering attacks, the FIN6 hacking group impersonates job seekers to target recruiters, using convincing resumes and phishing sites to deliver malware. [...]<
New SharePoint Phishing Attacks Using Lick Deceptive Techniques
<html><body><p>A sophisticated new wave of phishing attacks is exploiting Microsoft SharePoint’s trusted platform to bypass traditional security measures, representing a significant evolution in cyberthreat tactics. Thes
APT41 Hackers Using Google Calendar for Malware Command-and-Control To Attack Government Entities
<html><body><p>A recent campaign by Chinese state-sponsored threat actor APT41 has unveiled a novel exploitation of Google Calendar for malware command-and-control (C2) operations, marking a significant escalation in cyb
Google patched bug leaking phone numbers tied to accounts
<html><body><p>A vulnerability allowed researchers to brute-force any Google account's recovery phone number simply by knowing a their profile name and an easily retrieved partial phone number, creating a massive risk fo
New ClickFix Attack Exploits Fake Cloudflare Human Check to Install Malware Silently
<html><body><p>A sophisticated new social engineering attack campaign has emerged that exploits users’ familiarity with routine security checks to deliver malware through deceptive Cloudflare verification pages. The Clic
Hackers Exploiting Roundcube Vulnerability to Steal User Credentials
<html><body><p>A sophisticated spear phishing campaign targeting Polish organizations, where threat actors successfully exploited the CVE-2024-42009 vulnerability in Roundcube webmail systems. The attack enables JavaScr
DCRat Attacking Users In Latin America To Steal Banking Credentials
<html><body><p>A sophisticated malware campaign targeting Latin American users has emerged as a significant threat to the region’s banking sector, with cybercriminals deploying the DCRat banking trojan through elaborate
HMRC phishing breach wholly avoidable, but hard to stop
<html><body><p>A breach at HMRC saw innocent taxpayers tricked into letting scammers impersonate them through simple phishing attacks leading to account takeover. Such attacks are avoidable, but hard to stop.</p></body><
New Phishing Attack that Hides Malicious Link from Outlook Users
<html><body><p>A sophisticated phishing technique that exploits Microsoft Outlook‘s HTML rendering capabilities to hide malicious links from corporate security systems while maintaining their effectiveness against end us
APT37 Hackers Mimic Academic Forum Invites To Deliver Malicious LNK Files Via Dropbox Platform
<html><body><p>The North Korea-linked APT37 threat group has launched a sophisticated spear phishing campaign targeting South Korean activists and researchers focused on North Korean affairs, employing deceptive academic
Erhöhte Phishing Angriffe zur Steuersaison
<html><body><p>Mindestens genauso wichtig ist die Vorbereitung der Mitarbeitenden. Regelmäßige, praxisnahe Schulungen helfen, betrügerische Mails schneller zu erkennen und angemessen darauf zu reagieren.</p></body></html
Scattered Spider: Three things the news doesn’t tell you
<html><body><p>Scattered Spider isn't one group — it's an identity-first threat model evolving fast. From vishing to AiTM phishing, they're exploiting MFA gaps to hijack the cloud. Watch the Push Security webinar to lear
Haozi’s Plug-and-Play Phishing Attack Stolen Over $280,000 From Users
<html><body><p>A sophisticated phishing-as-a-service operation known as Haozi has emerged as a significant threat in the cybercriminal landscape, facilitating over $280,000 in fraudulent transactions within just five mon
KnowBe4 gibt praktische Tipps für den Datenschutz in der Urlaubszeit
<html><body><p>Ob Phishing-Mails im Urlaubslook, unsichere WLAN-Verbindungen oder anfällige mobile Geräte: Die Bedrohungslage für Reisende hat sich weiterentwickelt. Umso wichtiger ist es, vorbereitet zu sein. KnowBe4 gi
Phishing-as-a-Service: The Rise of Subscription-Based Cybercrime
<html><body><p>In the ever-evolving world of cybercrime, phishing continues to dominate as one of the most effective and widespread attack methods. But the way these attacks are executed has dramatically changed. What wa
Threat Actors Leverage Google Apps Script To Host Phishing Websites
<html><body><p>Cybercriminals have escalated their tactics by exploiting Google Apps Script, a trusted development platform, to host sophisticated phishing campaigns that bypass traditional security measures. This emergi
Tycoon2FA Infra Used by Dadsec Hacker Group to Steal Office365 Credentials
<html><body><p>A sophisticated phishing campaign leveraging shared infrastructure between two prominent cybercriminal operations has emerged as a significant threat to Office 365 users worldwide. The Tycoon2FA Phishing-a
Countering Spear Phishing with Advanced Email Security Solutions
<html><body><p>According to the Anti-Phishing Working Group, 989,123 phishing attacks occurred in the final quarter of 2024, continuing an upward trend from previous quarters. Spear phishing remains a dominant threat vec
Detecting Evolving Phishing Campaigns in 2025 Cyber Environments
<html><body><p>Cybersecurity experts are warning of a dramatic shift in phishing attack strategies in 2025. Threat actors are leveraging artificial intelligence to create hyper-targeted campaigns that bypass traditional