Security News

Kaseya has warned customers that an ongoing phishing campaign attempts to breach their networks by spamming emails bundling malicious attachments and embedded links posing as legitimate VSA security updates. "Spammers are using the news about the Kaseya Incident to send out fake email notifications that appear to be Kaseya updates. These are phishing emails that may contain malicious links and/or attachments," the company said in an alert issued on Thursday evening.

A Moroccan man suspected of being "Dr HeX" - the prolific threat actor behind a nine-year cyber-blitz on thousands of victims through phishing, website defacing, malware development, fraud and carding - has been arrested. Interpol announced the bust - which took place in Morocco in May - on Tuesday, describing it as the result of a joint two-year probe dubbed Operation Lyrebird that saw Interpol working closely with the Moroccan police and security firm Group-IB. The unnamed suspect allegedly helped to develop carding and phishing kits to sell on criminal online forums.

Palo Alto Networks' global threat intelligence team, Unit 42, has detailed the tactics ransomware group REvil has employed to great impact so far this year - along with an estimation of the multimillion-dollar payouts it's receiving. REvil threat actors often encrypted the environment within seven days of the initial compromise.

DeltaNet International announced the availability of its Phishing Simulator, to help organizations strengthen their cybersecurity awareness training against phishing attacks. The phishing simulation tool can be used simply to test the susceptibility of an organization from falling victim to a phishing attack, but when combined with follow-up training to close knowledge and risk gaps, users can experience true added value.

US securities industry regulator FINRA is warning brokerage firms of an ongoing phishing attack pretending to be from 'FINRA Support. FINRA is a government-authorized non-profit organization that regulates all exchange markets and securities firms publicly active in the United States.

As secure email gateways and security software become more advanced and adapt to ever-changing phishing campaigns, threat actors resort to more unusual file formats to bypass detection. In the past, phishing scams switched to unusual attachments such as ISO files or TAR files which are not commonly found as email attachments.

The police has arrested an individual last week for sending fraudulent text messages to thousands of people to obtain banking details and defraud them. The arrest took place on June 17 at a hotel in Manchester, UK, where the 21-years old fraudster had taken a room and used it as the headquarters of the phishing operation.

Threat actors are exploiting Google Docs by hosting their attacks within the web-based document service in a new phishing campaign that delivers malicious links aimed at stealing victims' credentials. The attack begins with an email that includes a message that could be relevant to business users who commonly use Google Docs within their corporate environment.

Google Workspace has been updated with client-side encryption and new Google Drive phishing and malware content protection. Enabling Client-side encryption for a document will only allow you and your partner who holds the key to access the contents of the encrypted Google Workspace files.

The APWG's new Phishing Activity Trends Report reveals that phishing maintained near-record levels in the first quarter of 2021, after landmark increases of 2020 in which reported phishing websites doubled. The number of reported phishing websites peaked in January 2021 with an all-time high of 245,771 before declining later in the quarter.