Security News

Three large-scale campaigns targeted Docker Hub users, planting millions of repositories that pushed malware and phishing sites since early 2021. As JFrog security researchers found, around 20% of the 15 million repositories hosted by Docker Hub contained malicious content, ranging from spam to dangerous malware and phishing sites.

Security researchers analyzing phishing campaigns that target United States Postal Service saw that the traffic to the fake domains is typically similar to what the legitimate site records and it is even higher during holidays. "The amount of traffic to the illegitimate domains was almost equal to the amount of traffic to legitimate domains on a normal day - and greatly exceeded legitimate traffic during the holidays." - Akamai.

The Los Angeles County Department of Health Services disclosed a data breach after thousands of patients' personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees. This integrated health system operates the public hospitals and clinics in L.A. County and is the second largest public health care system in the country after NYC Health + Hospitals.

The Los Angeles County Department of Health Services disclosed a data breach after patients' personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees. This integrated health system operates the public hospitals and clinics in L.A. County and is the second largest public health care system in the country after NYC Health + Hospitals.

Social engineering has also increased, now representing 19% of phishing attacks and phishing emails are over three times longer than they were in 2021, likely due to the increase in use of generative AI. On the other hand, the use of attachment-based payloads has decreased since 2021; three years ago, these accounted for 72.7% of attacks detected by Egress, and by the first quarter of 2024, this had fallen to 35.7% as threat actors evolve their payloads to evade cybersecurity efforts. Generative AI is also expected to increase attack success rate, including creating payloads such as malware, phishing websites and invoices for wire fraud attacks as cybercriminals look to streamline their processes and deliver more efficient campaigns at even swifter pace.

As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from...

Will LabHost stay offline following this latest action, or will it bounce back like LockBit seemingly did after the National Crime Agency - the UK's FBI - and its partners dramatically attempted to dismantle the crew earlier this year? Richter told us LabHost, at its peak, offered phishing kits for about 170 organizations, 47 of which had a UK focus.

The LabHost phishing-as-a-service platform has been disrupted in a year-long global law enforcement operation that compromised the infrastructure and arrested 37 suspects, among them the original developer. The phishing platform launched in 2021 and enabled cybercriminals paying a monthly subscription fee to launch effective attacks using a variety of phishing kits for banks and services in North America.

Law enforcement from 19 countries severely disrupted one of the world's largest phishing-as-a-service platform, known as LabHost. International investigation disrupts phishing-as-a-service platform LabHost.

The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor. BlackBerry attributed the attacks to FIN7 with a high level of confidence based on the use of unique PowerShell scripts using the adversary's signature 'PowerTrash' obfuscated shellcode invoker, first seen in a 2022 campaign.