Enterprises today are expected to have at least 6-8 detection tools, as detection is considered a standard investment and the first line of defense. Yet security leaders struggle to justify to their superiors dedicating resources further down the alert lifecycle. As a result, most organizations' security investments are asymmetrical: robust detection tools paired with an under-resourced SOC, their last line of defense.
Neither I nor anyone on my team can access it, or any of our accounts. We received emails of an unknown administrative user being added. This person then linked their own MCC to many of our accounts. That's all we know. We have 2FA enabled on all accounts. No idea how this happened. Is there anyone who has dealt with this and can help?
Cybersecurity company Guardio is taking aim at a fresh market born amid this flux: finding malicious code written using AI tools. The company says it has found that with AI tools, malicious actors now find it easier than ever to build scam and phishing sites as well as the infrastructure needed to run them. Now, Guardio is leveraging its experience building browser extensions and apps that scan for malicious and phishing sites.
Caitlin Emma, a spokesperson for CBO, told TechCrunch on Friday that the agency is investigating the breach and "has identified the security incident, has taken immediate action to contain it, and has implemented additional monitoring and new security controls to further protect the agency's systems going forward." CBO is a nonpartisan agency that provides economic analysis and cost estimates to lawmakers during the federal budget process, including after legislative bills get approved at the committee level in the House and Senate.
KnowBe4 summarizes the effort to do exactly that under the banner of Human Risk Management (HRM), with the main goal of generating workforce trust. What exactly does that mean? We discussed this shift from security awareness to HRM earlier this year. Awareness of cyber risks is not something that one instantly knows how to measure. Human risk, at least with respect to how KnowBe4 envisions it, should now appear on the radar with a defined score.
The University of Pennsylvania is investigating a vulgar email that was sent to members of its campus community. Penn told CBS News Philadelphia that it was not hacked, but the university is working to find the source of the fraudulent email. The email's subject line read "We Got Hacked" and included explicit language while urging recipients to "stop giving money" to the university.
Among their discoveries can be OAuth tokens, which these digital assistants then pass on to malicious parties. Datadog uncovered how agents use Microsoft Copilot Studio to assist in phishing campaigns. Copilot Studio enables a pervasive form of automation. To increase their usability, users can share the workflows of these agents, which are called "topics." The Login topic can be configured in such a way that users are misled.
If a person dies, their immediate family may not know how to get into the deceased's password manager, and may contact the vendor asking for access. Scammers suspected of being part of the CryptoChameleon cyber criminal group are trying to take advantage of that by sending oddly-worded phishing messages to LastPass customers. The goal, presumably, is not only to get LastPass login credentials, but also to access the user's cryptocurrency wallet and drain its contents.
"I would say [I get them] two or three times a week. Sometimes I get multiple texts in one day. A lot of it is almost catfish, where they tell you you can work from home for x amount of money per week," said Sheree Delice.
The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan (RAT) tracked as HoldingHands RAT (aka Gh0stBins). "The campaign relied on phishing emails with PDFs that contained embedded malicious links," Pei Han Liao, researcher with Fortinet's FortiGuard Labs, said in a report shared with The Hacker News.
Members of Gen Z are often referred to as "digital natives." They were born and raised in the internet era and have been engaging with computers, tablets, smartphones, and other connected devices from an early age. In many ways, this gives Gen Z an advantage in today's increasingly digital working environments, but that isn't always the case. In fact, research has consistently shown that each generation has its own unique blind spots when it comes to safely navigating the digital realm.
"Instead of relying solely on traditional command-and-control (C2) servers that can be taken down, these attackers are leveraging GitHub repositories to host malware configurations," McAfee Labs researchers Harshil Patel and Prabudh Chakravorty said in a report. "When law enforcement or security researchers shut down their C2 infrastructure, Astaroth simply pulls fresh configurations from GitHub and keeps running."
A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them. "Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; taking photos with the front camera; and even send SMS messages or place calls directly from the victim's device," Zimperium researcher Vishnu Pratapagiri said in a report shared with The Hacker News.
Cybercrime continues to make headlines, with major brands and institutions recently forced to suspend online operations in the wake of attacks. Bad actors can exploit the Domain Name System (DNS) in schemes like phishing and ransomware, using fraudulent or lookalike domains to deceive consumers and carry out malicious activity.
OpenAI has intensified its efforts to combat the misuse of artificial intelligence. In a new report, the company reveals that it has dismantled several international networks in recent months that were using its models for cyberattacks, scams, and political influence. The analysis shows how malicious actors are becoming increasingly sophisticated in their use of AI, while OpenAI is simultaneously expanding its defense mechanisms.
The study, conducted by UC San Diego Health and Censys researchers, found that phishing-related cybersecurity training programs had no effect on whether or not employees were duped by phishing emails. After analyzing the results of 10 different phishing email campaigns sent to over 19,500 employees at UC San Diego Health over eight months, the researchers found "no significant relationship between whether users had recently completed an annual, mandated cybersecurity training and the likelihood of falling for phishing emails."
We live in a digital-first world where almost every business depends on technology. While this brings countless opportunities, it also opens the door to new risks. Cyber attacks are no longer just a problem for big corporations; small businesses and individuals are frequent targets too. The weakest link is often not the software or hardware, but the people using them. That's where effective cyber security awareness training comes into play, and IT support teams are at the heart of it.
Investigators from Microsoft's Digital Crimes Unit (DCU) have disrupted the network behind the dangerous RaccoonO365 infostealer malware that targeted the usernames and credentials of Office 365 users after being granted a court order in the Southern District of New York. The operation saw a total of 338 websites linked to the popular malware seized and its technical infrastructure disrupted, severing RaccoonO365 users' access to their victims.