Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMailThreat actors exploit AWS misconfigurations to launch phishing campaigns, increasing risks for organizations.
N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform MalwareNorth Korean threat actors are targeting tech job seekers to deploy malware through bogus interviews on job search platforms.
HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential TheftA sophisticated phishing campaign targeting European companies aims to harvest credentials and control Microsoft Azure cloud infrastructure.
Malicious DocuSign file targets Azure environmentsHackers targeted Azure cloud environments of European companies through phishing to steal credentials and maintain unauthorized access.
Move over, Cobalt Strike, there's a new post-exploit toolNew post-exploitation tool Splinter enables attackers to execute malicious commands and remains undetected by self-deleting after use.
Phishers abuse HTTP refresh headers for deeper deceptionPhishers increasingly exploit HTTP header refresh entries for credential harvesting in large-scale campaigns. Beware of legitimate domains used in phishing.
Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMailThreat actors exploit AWS misconfigurations to launch phishing campaigns, increasing risks for organizations.
N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform MalwareNorth Korean threat actors are targeting tech job seekers to deploy malware through bogus interviews on job search platforms.
HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential TheftA sophisticated phishing campaign targeting European companies aims to harvest credentials and control Microsoft Azure cloud infrastructure.
Malicious DocuSign file targets Azure environmentsHackers targeted Azure cloud environments of European companies through phishing to steal credentials and maintain unauthorized access.
Move over, Cobalt Strike, there's a new post-exploit toolNew post-exploitation tool Splinter enables attackers to execute malicious commands and remains undetected by self-deleting after use.
Phishers abuse HTTP refresh headers for deeper deceptionPhishers increasingly exploit HTTP header refresh entries for credential harvesting in large-scale campaigns. Beware of legitimate domains used in phishing.