Accountability, Phishing, Social Engineering and Telecommunications

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. For now at least, they appear to be focusing primarily on companies in the financial, telecommunications and social media industries.

Phishing

Phishing VPN Social Engineering Media

Octo Tempest cybercriminal group is "a growing concern"—Microsoft

Malwarebytes

OCTOBER 27, 2023

Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. This can be done in a number of ways, but the most common ones involve social engineering attacks on the victim's carrier.

Social Engineering

Social Engineering Engineering Ransomware Backups

Sprint Exposed Customer Support Site to Web

Krebs on Security

JANUARY 29, 2020

A review of the exposed support forum by this author suggests that while none of the posts exposed customer information such as payment card data, a number of them did include customer account information, such customer names, device identifiers and in some cases location information.

Social Engineering

Social Engineering Telecommunications Data privacy Engineering

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

Security Affairs

MAY 21, 2020

The APT group targets telecommunication and travel industries in the Middle East to gather intelligence on Iran’s geopolitical interests. The Chafer APT group has distributed data stealer malware since at least mid-2014, it was focused on surveillance operations and the tracking of individuals. ” continues the report.

Government

Government Social Engineering Telecommunications Hacking

Cybersecurity awareness: Train your employees and reduce cyber threats

IT Security Guru

DECEMBER 1, 2022

Speaking of training and taking into account humans’ perceptions, cybersecurity awareness training is by far the best place to start. Phishing attacks can be minimized by knowing the key indicators of a phishing attempt and how to address them. The importance of cybersecurity awareness training. He is also a writer for Bora.

Cyber threats

Cyber threats Cybersecurity Education Risk

Top 5 Industries Most Vulnerable to Data Breaches in 2023

Security Boulevard

JUNE 26, 2023

Unfortunately, the increasing reliance on digital systems and capabilities has also attracted an ever-growing number of malicious actors seeking to defraud businesses through phishing , social engineering , or ransomware attacks. Health Insurance Portability and Accountability Act (HIPAA).

Data breaches

Data breaches Healthcare Telecommunications Financial Services

Globant suffers network breach due to LAPSUS$ compromise

Malwarebytes

APRIL 1, 2022

When LAPSUS first grabbed the attention of the cybersecurity community, they had already compromised companies like Impresa, the largest media conglomerate in Brazil; Claro, one of Brazil’s telecommunications operators; and Brazil’s Ministry of Health. Notably, their use of Spanish and Portuguese was akin to native speakers.

Hacking

Hacking Social Engineering Telecommunications Ransomware

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. One of the groups that reliably posted “Tmo up!

Mobile

Mobile Phishing Authentication Advertising

Iran-Linked APT TA450 embeds malicious links in PDF attachments

Security Affairs

MARCH 25, 2024

Proofpoint researchers observed the Iran-linked APT group MuddyWater (aka SeedWorm , TEMP.Zagros , TA450, and Static Kitten ) was behind a new phishing campaign in March 2024 that attempted to drop a legitimate Remote Monitoring and Management (RMM) solution called Atera on the target systems. sender account.

Phishing

Phishing Social Engineering Telecommunications Accountability

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me. A single bitcoin is trading at around $45,000. It emerges that email marketing giant Mailchimp got hacked.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Spam and phishing in 2023

SecureList

MARCH 7, 2024

To get access to the content (or contest), phishing sites prompted the victim to sign in to one of their gaming accounts. If the victim entered their credentials on the phishing form, the account was hijacked. The information could later be used to steal both funds from victims’ accounts and their identities.

Phishing

Phishing Scams Cryptocurrency Accountability

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector. Phishing grows by 118%. billion, while textual data – to $361.7

Banking

Banking Ransomware Phishing Marketing

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. It determined that the injection point was situated within the connection between two Egyptian telecommunication providers. Drone hacking!

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

Voice Phishers Targeting Corporate VPNs

Octo Tempest cybercriminal group is "a growing concern"—Microsoft

Trending Sources

Sprint Exposed Customer Support Site to Web

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

Cybersecurity awareness: Train your employees and reduce cyber threats

Top 5 Industries Most Vulnerable to Data Breaches in 2023

Globant suffers network breach due to LAPSUS$ compromise

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Iran-Linked APT TA450 embeds malicious links in PDF attachments

Cyber Security Awareness and Risk Management

Happy 13th Birthday, KrebsOnSecurity!

Spam and phishing in 2023

Group-IB Hi-Tech Crime Trends 2020/2021 report

Advanced threat predictions for 2024

Stay Connected