Security News

Inside the incident: Uncovering an advanced phishing attack
2024-12-10 15:01

Recently, Varonis investigated a phishing campaign in which a malicious email enabled a threat actor to access the organization. This blog post will reveal the tactics used to avoid detection and...

Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
2024-12-10 14:13

Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers...

Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands
2024-12-10 11:19

Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands with an aim to steal victims' financial data...

Ongoing Phishing and Malware Campaigns in December 2024
2024-12-10 10:01

Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats.  Here's a quick rundown of the current malware and...

CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force
2024-12-10 09:12

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense...

GenAI makes phishing attacks more believable and cost-effective
2024-12-06 04:30

GenAI is a powerful tool that can be used by security teams to protect organizations, however, it can also be used by malicious actors, making phishing-related attacks a growing and concerning...

Novel phishing campaign uses corrupted Word documents to evade security
2024-12-01 15:20

A novel phishing attack abuses Microsoft's Word file recovery feature by sending corrupted Word documents as email attachments, allowing them to bypass security software due to their damaged state...

New Rockstar 2FA phishing service targets Microsoft 365 accounts
2024-11-29 19:01

A new phishing-as-a-service (PhaaS) platform named 'Rockstar 2FA' has emerged, facilitating large-scale adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials. [...]

Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks
2024-11-29 10:06

Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA with an aim to steal Microsoft 365 account credentials....

Microsoft disrupts ONNX phishing-as-a-service infrastructure
2024-11-21 17:00

​Microsoft has seized 240 domains used by customers of ONNX, a phishing-as-a-service (PhaaS) platform, to target companies and individuals across the United States and worldwide since at least 2017. [...]