Krebs on Security

FEBRUARY 8, 2021

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin , a software package used to administer what’s being called “one of the world’s largest phishing services.” The U-Admin phishing panel interface. Image: fr3d.hk/blog. ” U-Admin, a.k.a.

Phishing 329

Phishing Scams Banking Mobile 329

Krebs on Security

NOVEMBER 9, 2024

The trouble is, these EDRs largely bypass any official review and do not require the requester to supply any court-approved documents. Others simply sell access to hacked government or police email accounts, and leave it up to the buyer to forge any needed documents. “Unlimited Emergency Data Requests. . Reset as you please.

Hacking 279

Hacking Accountability Government Social Engineering 279

Malwarebytes

JANUARY 17, 2025

Once a relationship had been established, the target would receive a phishing link or a document that contained a phishing link. How to stay safe These spear phishing campaigns are highly targeted and youll probably never see an invite to this group. Always hover over links before clicking them.

Phishing 139

Phishing Accountability Mobile Risk 139

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses.

Phishing 103

Phishing Identity Theft Cryptocurrency Cybercrime 103

Tech Republic Security

APRIL 29, 2020

Application Guard for Office and Safe Documents will make phishing attacks harder and the Office experience better for users, starting with Office 365 Pro Plus and E5 licences.

Phishing 216

Phishing Malware 216

Krebs on Security

NOVEMBER 2, 2018

Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. That phishing site prompted visitors to enter their account credentials — including usernames, passwords, one-time passcodes and PIN numbers — to unlock their accounts.

Phishing 267

Phishing Banking Scams Accountability 267

The Hacker News

MARCH 19, 2024

Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate services for malicious ends.

Phishing 133

Phishing 133

Krebs on Security

AUGUST 4, 2023

One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. The file included in this phishing scam uses what’s known as a “right-to-left override” or RLO character.

Phishing 238

Phishing Scams Computers and Electronics Software 238

Malwarebytes

MARCH 4, 2025

PayPal scammers are using an old Docusign trick to enhance the trustworthiness of their phishing emails. Also, it seems weird that Docusign has been used to send a document that doesnt require a signature. If you get an error message, that means the document was removed or never even existed. It doesnt even exist. What can I do?

Scams 136

Scams Accountability Phishing Banking 136

Joseph Steinberg

DECEMBER 1, 2020

As such, scammers sending bogus Verification messages request that recipients do the same, and exploit the fact that so many people both expect to be asked for copies of such documents as part of the Verification process, and are willing to share such documents in order to become Verified.

Media 246

Media Accountability Phishing Scams 246

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. 16Shop documentation instructing operators on how to deploy the kit. Image: Akamai.com. Image: Akamai. Image: ZeroFox.

Phishing 229

Phishing Passwords Internet Internet 229

Security Boulevard

FEBRUARY 2, 2025

Attackers are capitalizing on public interest in these historical documents to launch potential malware campaigns, phishing schemes, and exploit attempts. The post Hackers Hijack JFK File Release: Malware & Phishing Surge appeared first on Security Boulevard.

Phishing 72

Phishing Malware Cyber threats 72

Krebs on Security

FEBRUARY 3, 2022

This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. 31 that uses Linkedin.com links to redirect anyone who clicks to a site that spoofs Adobe , and then prompts users to log in to their Microsoft email account to view a shared document. Here’s one example from Jan.

Phishing 358

Phishing Marketing Scams Accountability 358

The Hacker News

FEBRUARY 28, 2025

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's content delivery network (CDN) to deliver the Lumma stealer malware.

Phishing 130

Phishing Malware Cybersecurity 130

SecureList

MARCH 10, 2025

Infection flow The attacker sends spear-phishing emails with a DOCX file attached. The document uses the remote template injection technique to download an RTF file stored on a remote server controlled by the attacker. The documents used various themes to deceive victims into believing they are legitimate. pro document-viewer[.]info

Energy and Utilities 108

Energy and Utilities Malware Government Phishing 108

Schneier on Security

FEBRUARY 28, 2020

It's challenging to tell the difference between legitimate documents in all their infinite variations and those that have specifically been manipulated to conceal something dangerous. Google says that 63 percent of the malicious documents it blocks each day are different than the ones its systems flagged the day before.

Phishing 360

Phishing Malware 360

Krebs on Security

AUGUST 14, 2020

The “RCM” portion of its name refers to “revenue cycle management,” an industry which tracks profits throughout the life cycle of each patient, including patient registration, insurance and benefit verification, medical treatment documentation, and bill preparation and collection from patients.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The Word document seems to be in the Russian language.

Encryption 133

Encryption Malware Phishing Hacking 133

Schneier on Security

FEBRUARY 11, 2022

It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event. Over 30,000 machines were running Windows 7 (out of support since January 2020).

Antivirus 354

Antivirus Hacking Ransomware CISO 354

The Hacker News

SEPTEMBER 12, 2023

A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines. "A

Phishing 142

Phishing 142

The Hacker News

MARCH 17, 2024

The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America.

Phishing 142

Phishing Government 142

Security Affairs

JULY 30, 2024

Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research Center observed a sophisticated phishing campaign targeting Microsoft OneDrive users. ” reads the report published by Trellix.

Phishing 143

Phishing DNS Social Engineering Engineering 143

SecureWorld News

OCTOBER 31, 2024

From zombie botnets to phishing phantoms, these threats might sound like campfire tales, but they're some of the most sinister forces in cybersecurity today. Phishing phantoms: masters of disguise Phishing scams have become more sophisticated. Like a phantom in disguise, a phishing attack can appear harmless—until it's too late.

IoT 118

IoT Phishing DDOS Backups 118

Penetration Testing

AUGUST 29, 2024

Fortinet’s FortiGuard Labs has unearthed a new variant of the notorious Snake Keylogger, delivered through a malicious Excel document in a phishing campaign. This keylogger, also known as “404 Keylogger”... The post New Snake Keylogger Variant Slithers Into Phishing Campaigns appeared first on Cybersecurity News.

Phishing 113

Phishing Cybersecurity Malware 113

Digital Shadows

NOVEMBER 12, 2024

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. Phishing is favored by threat actors for its simplicity and effectiveness.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

SecureList

MARCH 27, 2023

technologies — the distributed file system IPFS — for email phishing attacks. URL formats can be quite different, for example: [link] [link] Phishing and IPFS In 2022, scammers began actively using IPFS for email phishing attacks. The use of a distributed file system allows attackers to cut back on phishing page hosting costs.

Phishing 137

Phishing Technology Internet Internet 137

Security Affairs

NOVEMBER 11, 2023

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The operation was first documented on OSINT Fans by Gabor Szathmari in October 2020.

Phishing 142

Phishing Cybercrime Advertising Hacking 142

Schneier on Security

JANUARY 28, 2021

A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware.

Malware 257

Malware Phishing Ransomware Cybercrime 257

Security Affairs

JULY 30, 2024

The domains and documents employed in the campaign as part of the first stage of the attack suggest threat actors are targeting of Pakistan, Egypt and Sri Lanka. In recent campaign, the threat actors used meticulously crafted documents that appear to be legitimate and familiar to the target.

Phishing 120

Phishing Malware Hacking Information Security 120

Security Affairs

SEPTEMBER 25, 2023

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. ” concludes the report.

Phishing 132

Phishing Cyber Attacks Malware Internet 132

Krebs on Security

AUGUST 30, 2019

But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals. Stamford, Ct. .

Phishing 239

Phishing Marketing Accountability DNS 239

Schneier on Security

FEBRUARY 7, 2023

In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader.

Malware 285

Malware Phishing Cybercrime 285

Krebs on Security

MAY 24, 2019

NYSE:FAF ] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. He said anyone who knew the URL for a valid document at the Web site could view other documents just by modifying a single digit in the link.

Insurance 279

Insurance Banking Identity Theft Scams 279

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Subject lines included “your document” and “photo of you???”. Phishing Reporting : Report phishing emails and other malicious cyber activities to relevant authorities like the FBI’s IC3 and the NJCCIC.

Phishing 131

Phishing Ransomware Security Awareness Authentication 131

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. OpenSSH is also used for external access.

Phishing 130

Phishing Cybercrime Manufacturing Hacking 130

Krebs on Security

MARCH 7, 2023

The move comes just days after the Dutch registrar was sued by Meta , which alleges the company ignores abuse complaints about phishing websites while monetizing traffic to those abusive domains. ” Image: Interisle Consulting Group, Phishing Landscape 2021, Sept. for Tokelau. Please accept our apologies for the inconvenience.

Phishing 304

Phishing Media Internet Internet 304

Security Affairs

OCTOBER 25, 2024

The company published a document containing recommendations against password spray attacks aimed at Remote Access VPN (RAVPN) services. The attackers exploited the flaw as part of a phishing campaign aimed at stealing the credentials of Roundcube users. in the open-source Roundcube webmail software.

VPN 112

VPN Firewall Technology Passwords 112