Authentication, Phishing and Software - Cyber Security Informer

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. An image from one Chinese phishing group’s Telegram channel shows various toll road phish kits available.

Phishing

Phishing Mobile Scams Retail

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

The “fud” bit stands for “Fully Un-Detectable,” and it refers to cybercrime resources that will evade detection by security tools like antivirus software or anti-spam appliances. ” Manipulaters advertisement for Office 365 Private Page with Antibot phishing kit sold via Heartsender. Image: DomainTools.

Phishing

Phishing Cybercrime Advertising Malware

AI-Powered Phishing: Defending Against New Browser-Based Attacks

SecureWorld News

JANUARY 22, 2025

The cybersecurity landscape has witnessed a dramatic shift with the rise of AI-powered phishing attacks. The evolution of AI-enhanced phishing Today's phishing attempts are far more sophisticated than ever before. AI-powered phishing campaigns can now adapt in real-time, learning from user interactions to refine their approach.

Phishing

Phishing Threat Detection Social Engineering DNS

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

and Dutch law enforcement agencies have dismantled 39 domains and their associated servers in an effort to disrupt a Pakistan-based network of online marketplaces selling phishing and fraud-enabling tools. Organizations should enforce least privilege access and enable multi-factor authentication (MFA) on all accounts that have it available.

Phishing

Phishing Cybercrime Scams Authentication

Phishing evolves beyond email to become latest Android app threat

Malwarebytes

FEBRUARY 11, 2025

There are plenty of phish in the sea, and the latest ones have little interest in your email inbox. In 2024, Malwarebytes detected more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report. These Android phishing apps may sound high-tech, but they are not.

Phishing

Phishing Passwords Mobile Authentication

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin , a software package used to administer what’s being called “one of the world’s largest phishing services.” The U-Admin phishing panel interface. ” U-Admin, a.k.a.

Phishing

Phishing Scams Banking Mobile

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

eSecurity Planet

FEBRUARY 10, 2025

In a stark warning to organizations and everyday users alike, cybersecurity experts and government agencies have sounded the alarm over a new breed of Gmail-targeted phishing attacks. AI-Enhanced Cyberthreats Recent intelligence indicates that the sophistication of Gmail phishing campaigns has reached new heights.

Phishing

Phishing Artificial Intelligence Password Management Accountability

How AI was used in an advanced phishing campaign targeting Gmail users

Malwarebytes

FEBRUARY 13, 2025

Phishers are using AI-based phishing attacks which have proven to raise the effectiveness of phishing campaigns. Around the same time, users receive legitimate looking emails from what appears to be an authentic Google domain to add credibility to what the caller is claiming to have happened.

Phishing

Phishing Artificial Intelligence Identity Theft Accountability

Vulnerability Recap 10/28/24 – Phishing, DoS, RCE & a Zero-Day

eSecurity Planet

OCTOBER 28, 2024

We’ll also look at increased phishing attacks, a couple of different Cisco flaws, and a Fortinet vulnerability that took some time to get its own CVE. The problem: VMware released patches for its vCenter Server software, which manages vSphere virtual computing environments. Broadcom also released patches for the 8.0 base score.

Phishing

Phishing Authentication Software VPN

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Krebs on Security

JUNE 28, 2019

says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors. As it happened, the PCM employee was not using multi-factor authentication.

Authentication

Authentication Accountability Data breaches Software

Tricky Phish Angles for Persistence, Not Passwords

Krebs on Security

JANUARY 7, 2020

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service.

Phishing

Phishing Passwords Accountability Authentication

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com.

Phishing

Phishing Cybercrime Malware Advertising

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

Malwarebytes

MAY 16, 2024

More and more websites and services are making multi-factor-authentication (MFA) mandatory, which makes it much harder for cybercriminals to access your accounts. A type of phishing we’re calling authentication-in-the-middle is showing up in online media. Use security software. That’s a great thing.

Authentication

Authentication Phishing Password Management Scams

Video: How Hackers Steal Your Cookies & How to Stop Them

eSecurity Planet

NOVEMBER 6, 2024

Attackers can steal your cookies through phishing, malware, and MITM attacks, leading to data theft, financial loss, and identity theft. Initial Attack Vector Attackers might send phishing emails or create fake websites. Then, invalidate active sessions, update passwords and security keys, and then refresh the website software.

Identity Theft

Identity Theft Passwords Phishing Accountability

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Figure 12: The actual phishing page that follows Finally, all the data is combined with the username and password and sent to the remote server via a POST request.

Advertising

Advertising Accountability Phishing Scams

Level Up Your Security: Embrace Passkeys and Phishing-Resistant 2FA

Thales Cloud Protection & Licensing

JANUARY 31, 2025

Level Up Your Security: Embrace Passkeys and Phishing-Resistant 2FA andrew.gertz@t Fri, 01/31/2025 - 15:17 Celebrate Change Your Password Day and 2FA Day by embracing passkeys and phishing-resistant 2FA. Learn why these modern security practices are essential for safer, stronger authentication. Passwordless authentication.

Phishing

Phishing Passwords Password Management Authentication

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

Malwarebytes

NOVEMBER 5, 2024

The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up. Cybercriminals could use your account to spread spam and phishing emails to your contacts.

Accountability

Accountability Authentication Malware Banking

Deceptive Google Meet Invites Lures Users Into Malware Scams

eSecurity Planet

OCTOBER 22, 2024

One of the most concerning tactics currently on the rise is the ClickFix campaign — a sophisticated phishing scheme targeting unsuspecting Google Meet users. ClickFix campaigns represent a new wave of phishing tactics that emerged in May 2024, aimed at exploiting users of popular software applications.

Scams

Scams Malware Phishing Social Engineering

Tax deadline threat: QuickBooks phishing scam exploits Google Ads

Malwarebytes

APRIL 8, 2025

Brand impersonation: from Google ad to phishing page Accounting and tax preparation software has traditionally been a common lure for scammers, particularly those related to online support operating out of large call centres in India and surrounding areas.

Phishing

Phishing Scams Accountability Passwords

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. A Scattered Spider phishing lure sent to Twilio employees.

Hacking

Hacking Cybercrime Phishing Passwords

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing

Phishing VPN Social Engineering Media

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. In a filing with the U.S.

Hacking

Hacking Social Engineering Phishing Scams

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Security Affairs

JANUARY 10, 2025

CrowdStrike warns of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which finally installs the XMRig cryptominer. ” The attack begins with a phishing email impersonating CrowdStrike recruitment, directing recipients to a malicious website.”

Phishing

Phishing Scams Malware Authentication

GUEST ESSAY: ‘Nag attacks’ — this new phishing variant takes full advantage of notification fatigue

The Last Watchdog

NOVEMBER 29, 2022

A new development in phishing is the “nag attack.” The nag might be a spoofed multifactor authentication push or system error alert – a notification message that annoying repeats on a seemingly infinite loop. Usually, they’ll claim to be from the IT department or perhaps from a software or service provider. Spear phishing.

Phishing

Phishing Social Engineering Scams Software

Threat actor impersonates Google via fake ad for Authenticator

Malwarebytes

JULY 30, 2024

Not only does this trick innocent victims into downloading malware or losing their data to phishing sites, it also erodes trust in brands and by association in Google Search itself. This was the case here with this ad for Authenticator: The truth is Larry Marr has nothing to do with Google, and is likely a fake account.

Authentication

Authentication Computers and Electronics Social Engineering Malware

Recognizing and Reporting Phishing

Duo's Security Blog

OCTOBER 18, 2023

Once delivered, a phish typically wants to invoke emotion and prey on our natural desires to act and help fix a problem, such as “you have to do X, or else X will happen”. Phishing requires you to act with a specific set of instructions Don’t engage and trust nothing. Look beyond the email sender and website URLs used.

Phishing

Phishing Security Awareness Software Media

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Our research reveals 69% of breaches are rooted in inadequate authentication and 78% of organizations have been targeted by identity-based attacks. Supply chain attacks will intensify through poisoned APIs and unchecked software dependencies. AI-powered cryptocurrency attacks will automate phishing and exploit vulnerabilities.

Risk

Risk Threat Detection Technology Phishing

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Security Affairs

NOVEMBER 15, 2024

Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption

Encryption Password Management Cryptocurrency Social Engineering

Microsoft Patch Tuesday, November 2023 Edition

Krebs on Security

NOVEMBER 14, 2023

Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three “zero day” vulnerabilities that Microsoft warns are already being exploited in active attacks.

Social Engineering

Social Engineering Internet Internet Phishing

American Water Shuts Down Services After Cybersecurity Breach

eSecurity Planet

OCTOBER 15, 2024

While American Water has not disclosed the exact method of attack, such incidents often involve tactics like ransomware or phishing , where hackers gain access to sensitive systems and either steal or encrypt data, demanding a ransom in return for restoring access.

Cybersecurity

Cybersecurity Penetration Testing Cyber threats Firewall

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Krebs on Security

SEPTEMBER 27, 2023

The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams , Adobe Reader , Mozilla Thunderbird , and Discord. The Moscow Internet address 80.66.64[.]15 com and www-discord[.]com. com and www-discord[.]com.

Ransomware

Ransomware Internet Internet Phishing

Android 7.0+ Phones Can Now Double as Google Security Keys

Krebs on Security

APRIL 11, 2019

Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google’s various services. and higher can now be used as Security Keys , an additional authentication layer that helps thwart phishing sites and password theft. a one-time token, key fob or mobile device).

Mobile

Mobile Authentication Passwords Accountability

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Krebs on Security

AUGUST 21, 2020

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “ vishing ” attacks targeting companies. authenticate the phone call before sensitive information can be discussed.

VPN

VPN Social Engineering Authentication Engineering

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware

Malware Banking Phishing DDOS

RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment

The Last Watchdog

MAY 11, 2021

Obviously, one change for the better would be if software developers and security analysts paid much closer attention to the new and updated coding packages being assembled and deployed on the fly, in pursuit of digital agility. For a full drill down, please give the accompanying podcast a listen.

Software

Software Hacking Malware Engineering

Malicious Office 365 Apps Are the Ultimate Insiders

Krebs on Security

MAY 5, 2021

After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

Accountability

Accountability Advertising Passwords Phishing

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

SecureWorld News

JANUARY 16, 2025

Strategies for protecting oil and gas infrastructure Regular updates and patching: Outdated software and hardware are the most common entry points for cyberattacks. Regularly updating and patching systems, including antivirus software, firewalls, and SCADA networks, can mitigate this risk.

Energy and Utilities

Energy and Utilities IoT Artificial Intelligence Backups

Bypassing 2FA with phishing and OTP bots

SecureList

JUNE 10, 2024

Introduction Two-factor authentication (2FA) is a security feature we have come to expect as standard by 2024. An OTP bot is a piece of software programmed to intercept OTPs with the help of social engineering. Phishing is typically how they get the most up-to-date credentials. The message contains a link to a phishing website.

Phishing

Phishing Banking Social Engineering Accountability

Columbus Ransomware Attack Exposes 500,000+ Residents’ Data: How to Stay Safe

eSecurity Planet

NOVEMBER 6, 2024

Rhysida went so far as to publish sample files to verify the authenticity of the data, revealing access to a trove of information, including city databases, employee credentials, cloud management files, and even the city’s traffic camera feeds. Another effective solution is to invest in attack surface management (ASM) software.

Ransomware

Ransomware Authentication Identity Theft Penetration Testing

Microsoft Announces Security Update with Windows Resiliency Initiative

eSecurity Planet

DECEMBER 4, 2024

With cyberattacks on operating systems, applications, and networks becoming more sophisticated, the tech giant formulated a strategy to enhance the protection of Windows systems, focusing strongly on phishing attacks. During the Ignite 2024 conference, Microsoft announced the Windows Resiliency Initiative to address these security concerns.

Encryption

Encryption Phishing Passwords Authentication

Phishers are Angling for Your Cloud Providers

Krebs on Security

AUGUST 30, 2019

But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals. Stamford, Ct. .

Phishing

Phishing Marketing Accountability DNS

Passkeys and The Beginning of Stronger Authentication

Thales Cloud Protection & Licensing

FEBRUARY 1, 2024

Passkeys and The Beginning of Stronger Authentication madhav Fri, 02/02/2024 - 05:23 How passkeys are rewriting the current threat landscape Lillian, an experienced CISO, surveyed the threat landscape. Lillian knew that a shift in authentication couldn't wait. FIDO is an overarching framework for secure and passwordless authentication.

Authentication

Authentication Passwords CISO Password Management

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. ” TMO UP!

Mobile

Mobile Phishing Authentication Advertising

Amazon's Latest Data Breach a Ripple Effect of MOVEit

SecureWorld News

NOVEMBER 13, 2024

MOVEit, a file transfer software developed by Progress Software, was exploited by the Cl0p ransomware group, which used a Zero-Day vulnerability to steal sensitive data from organizations using the software. Shortly after the attacks, the SEC launched an investigation into Progress Software.

Data breaches

Data breaches Identity Theft Education Software

How Phished Data Turns into Apple & Google Wallets

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Trending Sources

AI-Powered Phishing: Defending Against New Browser-Based Attacks

Operation Heart Blocker: International Police Disrupt Phishing Network

Phishing evolves beyond email to become latest Android app threat

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

How AI was used in an advanced phishing campaign targeting Gmail users

Vulnerability Recap 10/28/24 – Phishing, DoS, RCE & a Zero-Day

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Tricky Phish Angles for Persistence, Not Passwords

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

Video: How Hackers Steal Your Cookies & How to Stop Them

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Level Up Your Security: Embrace Passkeys and Phishing-Resistant 2FA

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

Deceptive Google Meet Invites Lures Users Into Malware Scams

Tax deadline threat: QuickBooks phishing scam exploits Google Ads

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Voice Phishers Targeting Corporate VPNs

When Low-Tech Hacks Cause High-Impact Breaches

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

GUEST ESSAY: ‘Nag attacks’ — this new phishing variant takes full advantage of notification fatigue

Threat actor impersonates Google via fake ad for Authenticator

Recognizing and Reporting Phishing

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Microsoft Patch Tuesday, November 2023 Edition

American Water Shuts Down Services After Cybersecurity Breach

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Android 7.0+ Phones Can Now Double as Google Security Keys

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Disneyland Malware Team: It’s a Puny World After All

RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment

Malicious Office 365 Apps Are the Ultimate Insiders

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

Bypassing 2FA with phishing and OTP bots

Columbus Ransomware Attack Exposes 500,000+ Residents’ Data: How to Stay Safe

Microsoft Announces Security Update with Windows Resiliency Initiative

Phishers are Angling for Your Cloud Providers

Passkeys and The Beginning of Stronger Authentication

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Amazon's Latest Data Breach a Ripple Effect of MOVEit

Stay Connected