phishing
-
Blog
Windows NTLM hash leak flaw exploited in phishing attacks on governments
A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. The flaw tracked as CVE-2025-24054 was fixed in Microsoft’s March 2025 Patch Tuesday. Initially, it was not marked as actively exploited and was assessed as ‘less likely’ to be. However, Check Point researchers report having…
Read More » -
Blog
Don’t Fall for This New Gmail Phishing Scheme
If you receive an email from Google that appears to be a legitimate security alert, do not proceed. Scammers are taking advantage of vulnerabilities in Google’s authentication protocols to send phishing messages that appear convincing enough to steal unsuspecting users’ account credentials. Here’s how to protect yourself. How this new Google phishing scam works As Android Authority reports, a developer…
Read More » -
Blog
Midnight Blizzard deploys new GrapeLoader malware in embassy phishing
Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. Midnight Blizzard, aka ‘Cozy Bear’ or ‘APT29,’ is a state-sponsored cyberespionage group linked to Russia’s Foreign Intelligence Service (SVR). According to Check Point Research, the new campaign introduces a previously unseen malware loader called ‘GrapeLoader,’ and a new variant of the ‘WineLoader’…
Read More » -
Blog
Tycoon2FA phishing kit targets Microsoft 365 with new tricks
Phishing-as-a-service (PhaaS) platform Tycoon2FA, known for bypassing multi-factor authentication on Microsoft 365 and Gmail accounts, has received updates that improve its stealth and evasion capabilities. Tycoon2FA was discovered in October 2023 by Sekoia researchers, who later reported significant updates on the phishing kit that increased its sophistication and effectiveness. Trustwave now reports that the Tycoon 2FA threat actors have added several…
Read More » -
Blog
‘Phishing kits are a force multiplier’: Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackers
While inflation is rising around the world, some things are getting cheaper – and one is the cost of launching a phishing attack. Phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25. This means that even criminals with minimal tech skills can easily steal personal…
Read More » -
Blog
E-ZPass toll payment texts return in massive phishing wave
An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority that attempts to steal their personal information including…
Read More » -
Blog
PoisonSeed phishing campaign behind emails with wallet seed phrases
A large-scale phishing campaign dubbed ‘PoisonSeed’ compromises corporate email marketing accounts to distribute emails containing crypto seed phrases used to drain cryptocurrency wallets. According to SilentPush, the campaign targets Coinbase and Ledger using compromised accounts at Mailchimp, SendGrid, HubSpot, Mailgun, and Zoho. The researchers link the campaign to recent incidents, such as the case of Troy Hunt’s Mailchimp account compromise from late…
Read More » -
Blog
Phishing platform ‘Lucid’ behind wave of iOS, Android SMS attacks
A phishing-as-a-service (PhaaS) platform named ‘Lucid’ has been targeting 169 entities in 88 countries using well-crafted messages sent on iMessage (iOS) and RCS (Android). Lucid, which has been operated by Chinese cybercriminals known as the ‘XinXin group’ since mid-2023, is sold to other threat actors via a subscription-based model that gives them access to over 1,000 phishing domains, tailored auto-generated…
Read More » -
Blog
Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack
Troy Hunt, the security blogger behind data breach site Have I Been Pwned, has fallen victim to a phishing attack targeting his email subscriber list. In a blog post disclosing the incident, Hunt described how the attack took place, with screen shots of the phishing email, which purported to come from his email marketing provider, Mailchimp. The trap used a…
Read More » -
Blog
Mac Users Should Be on the Alert for This New Phishing Scheme
Mac users take note: A well-known (and relatively sophisticated) phishing scheme previously targeting Windows is now being redirected at macOS and Safari in an attempt to obtain login credentials (your Apple ID). On Windows, this scam worked by displaying fake security alerts on compromised websites claiming that the user’s device had been “compromised” or locked” at the same time that…
Read More »