Fake US govt job offers push Cobalt Strike in phishing attacks
A new phishing campaign targets US and New Zealand job seekers with malicious documents installing Cobalt Strike beacons for remote access to victims' devices. [...]
The Victims tag covers people and organizations harmed by cyberattacks, including breaches, scams, malware, identity theft, and data exposure.
Search across headline titles and summaries.
Background for this topic.
Victims are people, organizations, or public bodies that suffer harm from cyber-enabled activity, such as account compromise, fraud, unauthorized data access, malware, or service disruption. The term may describe both the directly compromised party and individuals whose information, devices, or accounts are affected through an incident involving another organization.
For security practitioners, victim impact guides triage and response: identify affected systems and data, contain access, preserve evidence, and restore trustworthy operations. Exposed personal or confidential information can create privacy and notification obligations, while compromised credentials or devices may enable further attacks against the victim or its contacts. Recording victim details in threat intelligence—such as the targeted sector, initial access method, and affected assets—can help identify campaigns and improve controls. Clear communication and support also matter, because victims need accurate guidance on credential resets, account monitoring, fraud reporting, and available remediation.
A new phishing campaign targets US and New Zealand job seekers with malicious documents installing Cobalt Strike beacons for remote access to victims' devices. [...]
The Australian Federal Police (AFP) announced today the launch of Operation Guardian which will ensure that more than 10,000 customers who had their personal info leaked in the Optus data breach will get priority protection against fraud attempts. [...]
The SolarMarker group is exploiting a vulnerable WordPress-run website to encourage victims to download fake Chrome browser updates, part of a new tactic in its watering-hole attacks.
Report reveals surging cloud bills for crypto-jacking victims
Cloud-native threats are costing cloud customer victims money as cryptojackers mine their vulnerable cloud instances.
Security researchers estimate that the financial impact of cryptominers infecting cloud servers costs victims about $53 for every $1 worth of cryptocurrency threat actors mine on hijacked devices. [...]
The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets. [...]
From small town in North Dakota with a crime problem to file-scrambling nasty Organizations are being warned about a wave of attacks targeting Microsoft SQL Server with ransomware known as Fargo, which encrypts files and threatens victims that their data may be published online if they do not pay up.…
The victims of the plot were users of Mastercard, Visa, and American Express, among others