Security News

European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack
2024-02-28 14:32

Pepco Group has confirmed that its Hungarian business has been hit by a "Sophisticated fraudulent phishing attack." The European company, which operates shops under the Pepco, Poundland and Dealz brands, said that the company lost approximately €15.5 million in cash as a consequence of the attack.

TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users
2024-02-28 07:43

Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos,...

Secure email gateways struggle to keep pace with sophisticated phishing campaigns
2024-02-23 05:00

In 2023, malicious email threats bypassing secure email gateways increased by more than 100%, according to Cofense. "As we unveil the statistics from the 2024 Annual State of Email Security Report, it's evident that the email-based attack vector is evolving at an unprecedented pace going into 2024," said David Van Allen, CEO of Cofense.

Bitwarden’s new auto-fill option adds phishing resistance
2024-02-22 19:12

The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the risk of user credentials being stolen through malicious form fields. A few days later, the Bitwarden team announced they would add another layer of safety, allowing iframe auto-fills only on trusted sites and subdomains from the origin domain.

Week in review: AnyDesk phishing campaign targets employees, Microsoft fixes exploited zero-days
2024-02-18 09:00

The future of cybersecurity: Anticipating changes with data analytics and automationIn this Help Net Security interview, Mick Baccio, Staff Security Strategist at Splunk SURGe, discusses the future of cybersecurity, emphasizing the importance of data analytics and automation in addressing evolving threats. Rise in cyberwarfare tactics fueled by geopolitical tensionsIn this Help Net Security interview, Matt Shelton, Head of Threat Research and Analysis at Google Cloud, discusses the latest Threat Horizons Report, which provides intelligence-derived trends, expertise, and recommendations on threat actors to help inform cloud customer security strategies in 2024.

Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond
2024-02-13 14:20

The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers since spinning it up in November. In addition to the hundreds of ATOs, "Dozens" of Azure environments were also compromised, Proofpoint said.

Spear Phishing vs Phishing: What Are The Main Differences?
2024-02-06 19:36

Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. While phishing is generalized in that one phishing email may be sent to millions of people, spear phishing is highly targeted.

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware
2024-01-31 12:21

Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to...

Microsoft Teams phishing pushes DarkGate malware via group chats
2024-01-30 17:47

New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems. The attackers used what looks like a compromised Teams user to send over 1,000 malicious Teams group chat invites, according to AT&T Cybersecurity research.

Watch out for "I can't believe he is gone" Facebook phishing posts
2024-01-21 16:19

A widespread Facebook phishing campaign stating, "I can't believe he is gone. I'm gonna miss him so much," leads unsuspecting users to a website that steals your Facebook credentials. The phishing campaign started around a year ago, with Facebook having trouble blocking the posts as they continue to this day.