Security News
Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials (Verizon DBIR, 2024). Solving this problem resolves over...
The frequency of phishing attacks is rising as attackers increasingly utilize AI to execute more scams than ever before. In this Help Net Security video, Abhilash Garimella, Head Of Research at...
Resources hosted at Tencent Cloud involved in Cobalt Strike campaign Chinese web champ Tencent's cloud is being used by unknown attackers as part of a phishing campaign that aims to achieve...
Threat actors are abusing Microsoft Sway to host QR Code phishing campaigns.
Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks. AitM enables attackers to not just harvest...
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse...
A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their...
Needless to say, it backfired in a big way University of California Santa Cruz (UCSC) students may be relieved to hear that an emailed warning about a staff member infected with the Ebola virus...
The Computer Emergency Response Team of Ukraine has warned of new phishing attacks that aim to infect devices with malware. The ZIP file contains a Microsoft Compiled HTML Help file that embeds JavaScript code responsible for launching an obfuscated PowerShell script.
ESET researchers discovered an uncommon type of phishing campaign targeting Android and iPhone users. The phishing websites targeting iOS instruct victims to add a Progressive Web Application to their home screens, while on Android, the PWA is installed after confirming custom pop-ups in the browser.