ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Threat Actors Bypass MFA Using AiTM Attack via Reverse Proxies
<html><body><p>Multi-factor authentication (MFA) has long been touted as a robust security measure against phishing attacks, but sophisticated threat actors have developed new techniques to circumvent these protections.
New Subscription-Based Scams Attacking Users to Steal Credit Card Data
<html><body><p>A sophisticated wave of subscription-based scams is sweeping across the internet, specifically designed to steal credit card information from unsuspecting users. These fraudulent operations have evolved be
Microsoft sets all new accounts passwordless by default
<html><body><p>Microsoft announced that all new accounts will be “passwordless by default” to increase their level of security. Microsoft now makes all new accounts “passwordless by default,” enhancing protection against
Nebulous Mantis Hackers Actively Deploying RomCom RAT to Attack Organizations Worldwide
<html><body><p>Cybersecurity experts have uncovered a sophisticated espionage campaign orchestrated by the threat actor group known as Nebulous Mantis, utilizing an advanced remote access trojan called RomCom to target o
Microsoft makes all new accounts passwordless by default
<html><body><p>Microsoft has announced that all new Microsoft accounts will be "passwordless by default" to secure them against password attacks such as phishing, brute force, and credential stuffing. [...]</p></body></h
Trellix Unveils New Phishing Simulator to Proactively Identify & Mitigate Phishing Attacks
<html><body><p>In a significant advancement for cybersecurity training, Trellix has introduced its new Phishing Simulator, designed to strengthen organizational defenses against one of the most persistent threat vectors
AiTM Phishing Kits Bypassing MFA By Intercepting Credentials & Tokens
<html><body><p>Adversary-in-the-Middle (AiTM) phishing kits are emerging as sophisticated threats specifically designed to circumvent multi-factor authentication (MFA), once considered an impenetrable defense against acc
FBI shared a list of phishing domains associated with the LabHost PhaaS platform
<html><body><p>The FBI shared 42K phishing domains tied to LabHost, a PhaaS platform shut down in April 2024, to boost awareness and help identify compromises. The FBI shared a list of 42,000 domains registered from Nove
Researchers Find Way to Bypass Phishing-Resistant MFA in Microsoft Entra ID
<html><body><p>Cybersecurity researchers have uncovered a sophisticated technique to bypass Microsoft’s phishing-resistant multi-factor authentication (MFA) by exploiting the device code authentication flow and Primary R
Proactive Phishing Defense – CISO’s Essential Guide
<html><body><p>Phishing remains one of the most pervasive and damaging cyber threats, accounting for over 36% of data breaches globally. For Chief Information Security Officers (CISOs), the challenge lies in reacting to
Hive0117 group targets Russian firms with new variant of DarkWatchman malware
<html><body><p>Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that tar
Russia-linked group Nebulous Mantis targets NATO-related defense organizations
<html><body><p>PRODAFT researchers warn of Russia-linked APT group Nebulous Mantis targeting NATO-related defense organizations Nebulous Mantis, a Russian-speaking cyber espionage group (aka Cuba, STORM-0978, Tropical Sc
42,000 Phishing Domains Linked to the LabHost PhaaS Service Disclosed by FBI
<html><body><p>The FBI has released a comprehensive list of 42,000 phishing domains connected to the dismantled LabHost phishing-as-a-service (PhaaS) platform. This disclosure aims to provide cybersecurity professionals
Phishing Kit Attacks: How Businesses Can Stop Them Early
<html><body><p>Phishing kits have changed the game and not in a good way for businesses. Today, attackers don’t need to be tech experts to launch a convincing phishing attack. Ready-made phishing kits hand them everythin
FBI shares massive list of 42,000 LabHost phishing domains
<html><body><p>The FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024. [...]</p></body></ht
AI-Powered Threats – How CISOs Can Stay Ahead of the Curve
<html><body><p>Artificial Intelligence (AI) is rapidly transforming the cybersecurity landscape, introducing both unprecedented opportunities and formidable challenges. For Chief Information Security Officers (CISOs), th
Hackers Exploit MS Equation Editor Vulnerability to Deploy XLoader Malware
<html><body><p>A sophisticated phishing campaign exploiting a nearly 8-year-old Microsoft Office vulnerability to distribute the dangerous XLoader information stealer. The attack leverages CVE-2017-11882, a memory corru
Hackers Leveraging GetShared to Deploy Malware Bypassing Defenses
<html><body><p>Cybercriminals have discovered a new attack vector utilizing the legitimate file-sharing service GetShared to distribute malware and conduct phishing campaigns. This emerging threat allows attackers to cir
Weltpassworttag 2025: Warum das klassische Passwort bald der Vergangenheit angehören könnte
<html><body><p>Die Zukunft gehört passwortlosen, phishing-resistenten Lösungen wie Passkeys. Wer dennoch (noch) bei Passwörtern bleibt, sollte zumindest auf starke, einzigartige Kombinationen setzen – und die Verwaltung
JokerOTP Platform With 28,000+ Phishing Attacks Dismantled
<html><body><p>In a major cybersecurity breakthrough, law enforcement agencies from the UK and Netherlands have dismantled the notorious JokerOTP platform, a sophisticated phishing tool responsible for compromising finan