Big Brand Jobs Scam Targets Marketing Pros' Google Accounts
The phishing campaign uses several tactics, including nested redirects, to evade detection and steal credentials from unsuspecting targets.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The phishing campaign uses several tactics, including nested redirects, to evade detection and steal credentials from unsuspecting targets.
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
Iranian threat actors have been stealing credentials from people of interest across the Middle East, using spear-phishing and social engineering.
A malware-free phishing campaign targets corporate inboxes and asks employees to view "request orders," ultimately leading to Dropbox credential theft.
The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal data, a worm, and some uniquely Brazilian quirks.
Attackers compromise hospitality providers with an infostealer and RAT malware and then use stolen data to launch a phishing attacks against customers via both email and WhatsApp.
Attackers not only steal credentials but also can maintain long-term, persistent access to corporate networks through the global campaign.
The networking giant said this week that an employee suffered a voice phishing attack that resulted in the compromise of select user data, including email addresses and phone numbers.
While passkeys offer enhanced security against phishing and credential theft, implementation hurdles, cross-platform inconsistencies, and user experience challenges pose significant barriers to widespread adoption.
Attackers are using credentials stolen via phishing websites that purport to be legitimate securities company homepages, duping victims and selling their stocks before they realize they've been hacked.
Kremlin intelligence carried out a wide-scale phishing campaign in contrast to its usual, more targeted operations.
The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.
A malvertising campaign uses phishing to steal legitimate account pages, with the endgame of delivering the Lumma stealer.
An open direct vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims' Microsoft credentials.
Various anti-detection features, including the use of the ScrubCrypt antivirus-evasion tool, fuel an attack that aims to take over Microsoft Windows machines.
Just over half of the stolen funds have been recovered.
Cyberattackers could exploit CVE-2023-20238 to carry out a variety of nefarious deeds, from data theft and code execution to phishing, fraud, and DoS.
Attackers sent more than 1,000 emails with 2FA, MFA, and other security-related lures aimed at stealing Microsoft credentials.
The Nobelium APT is launching highly targeted Teams-based phishing attacks on government and industrial targets using compromised Microsoft 365 tenants, with the aim of data theft and cyber espionage.
The group's mastermind was nabbed in Côte d'Ivoire for stealing up to $30 million using malware, phishing campaigns, and BEC scams, as part of international law enforcement's Operation Nervone.