target
-
Blog
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. The campaign started last December and has successfully hijacked multiple accounts, say researchers at cybersecurity company Proofpoint, who attribute the activity to a threat actor called UNK_SneakyStrike. According to the researchers, the peak of the campaign happened on January…
Read More » -
Blog
FIN6 attackers target recruiters with fraudulent resumes
The FIN6 hacking group, also known as Skeleton Spider, has been spotted impersonating job seekers to target recruiters with malware. Contacting recruiters and HR departments on sites such as LinkedIn or Indeed, the group is submitting convincing-looking job resumes containing phishing links. These links lead to the applicant’s ‘personal website’, said to contain their resume. The links are given in…
Read More » -
Blog
Hackers target Salesforce accounts in data extortion attacks
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organization’s Salesforce platforms. According to Google’s Threat Intelligence Group (GTIG), which tracks the threat cluster as ‘UNC6040,’ the attacks target English-speaking employees with voice phishing attacks to trick them into connecting a modified modified version of Salesforce’s Data…
Read More » -
Blog
Hackers are using fake tool installers to dupe victims – and AI tools like ChatGPT are a key target
Cyber criminals are spreading malware disguised as popular tool installers to target B2B sales and the technology and marketing sectors, according to new threat research. Cisco Talos said it has found the CyberLock and Lucky_Gh0$t ransomware, along with a newly-discovered malware dubbed ‘Numero’, masquerading as popular and legitimate AI tool installers to dupe victims. Chetan Raghuprasad, a cybersecurity researcher at…
Read More » -
Blog
Hackers are abusing Microsoft email notifications to target enterprises
Windows users are being warned to look out for a scam delivered via emails from a genuine Microsoft address. According to Kaspersky, threat actors have been able to insert their own text into genuine thank-you messages sent by Microsoft 365 to its new business subscribers, from the legitimate microsoft-noreply@microsoft.com address. “One would be hard-pressed to imagine an email address with…
Read More » -
Blog
Fake Zenmap. WinMRT sites target IT staff with Bumblebee malware
The Bumblebee malware SEO poisoning campaign uncovered earlier this week aimpersonating RVTools is using more typosquatting domainsi mimicking other popular open-source projects to infect devices used by IT staff. BleepingComputer was able to find two cases leveraging the notoriety of Zenmap, the GUI for the Nmap network scanning tool, and the WinMTR tracerout utility. Both of these tools are commonly used by IT staff…
Read More » -
Blog
These Scammers Target People Recovering From Natural Disasters
It’s always storm season somewhere, and recent disasters in the South and Midwest have left significant damage in their wake. Unfortunately, scammers strike when people are vulnerable. Some seemingly helpful individuals and organizations may be what the Better Business Bureau calls “storm chasers”—fraudsters who target homeowners impacted by severe weather or a natural disaster that causes damage and necessitates major…
Read More » -
Blog
This hacker group is posing as IT helpdesk workers to target enterprises – and researchers warn its social engineering techniques are exceptionally hard to spot
Hackers are ramping up phishing campaigns involving fake helpdesk domains to target the legal, financial services, and accounting sectors in the US. According to researchers at EclecticIQ, with the help of threat researchers Silent Push, the Luna Moth group – also known as Silent Ransom Group, UNC3753, and Storm-0252 – has carried out a flurry of ‘callback phishing’ attacks since…
Read More » -
Blog
Why cybercriminals target Apple devices – Computerworld
About Smart Answers Smart Answers is an AI-based chatbot tool designed to help you discover content, answer questions, and go deep on the topics that matter to you. Each week we send you the three most popular questions asked by our readers, and the answers Smart Answers provides. Developed in partnership with Miso.ai, Smart Answers draws only on editorial content…
Read More » -
Blog
Criminals target APIs as web attacks skyrocket globally
The number of web attacks around the world is surging, with APIs emerging as the primary target. In total, there were 311 billion web attacks in 2024, up 33% on the year before. Europe, the Middle East and Africa accounted for 62 billion of these attacks – up 16% year-on-year. More than 230 billion web attacks targeted commerce organizations, making…
Read More »