phishing
-
Blog
How hackers are using legitimate tools to distribute phishing links
As both security tools and employees have become more astute at detecting traditional phishing attacks, threat actors have turned to manipulating trusted platforms to distribute phishing links hidden in seemingly legitimate URLs. In one example of this approach, a report from Barracuda Networks published on 12 September detailed a rise in phishing attacks leveraging trusted content creation and collaboration platforms.…
Read More » -
Blog
How not to conduct cyber awareness training: UCSC slammed for ‘tone deaf’ Ebola phishing tests
The University of California Santa Cruz (UCSC) has come under fire after it conducted phishing training using a fake Ebola virus track and trace alert. Security experts have criticized the test after it caused panic on campus, forcing senior leaders at the university to come out and publicly acknowledge its error of judgment. On 18 August 2024, UCSC’s IT department…
Read More » -
Blog
Threat Actors Exploit Microsoft Sway to Host QR Code Phishing Campaigns
A new report from cybersecurity company Netskope reveals details about attack campaigns abusing Microsoft Sway and CloudFlare Turnstile and leveraging QR codes to trick users into providing their Microsoft Office credentials to the phishing platform. These campaigns have targeted victims in Asia and North America across multiple segments led by technology, manufacturing, and finance. What is quishing? QR codes are…
Read More » -
Blog
Hackers are flocking to a new SMS spam tool – ‘Xeon Sender’ exploits cloud APIs and exposed credentials to supercharge phishing campaigns
Security researchers have issued a warning over a phishing tool that threat actors can use via SaaS providers to send spam messages en-masse. The tool, dubbed ‘Xeon Sender’ by SentinelLabs, is a cloud-based attack tool that can send spam messages via nine different SaaS providers. The tool is also known by alternative names, including ‘XeonV5’ and ‘SVG Sender’. It’s built…
Read More » -
Blog
Thousands targeted with phishing emails after cyber attack on Greater Manchester councils
A major cyber attack that’s hit councils across Greater Manchester has highlighted the risks local authorities face. The attack on Locata affected the housing websites for Manchester, Salford, and Bolton councils, which are run by the software firm. It’s led to thousands of users being sent a phishing email asking them to ‘activate your tenancy options’ and hand over their…
Read More »