Half of U.K. Businesses Experienced a Security Breach or Cyber Attack in the Last 12 Months

Analysis of cyber attacks targeting U.K. organizations highlights the effectiveness of social engineering attacks and the fact that businesses are missing the mark on how to stop it.
Continue Reading

Russian Threat Actor FIN7 Targeting the Automotive Industry with Spear Phishing Attacks

The cybercriminal threat actor FIN7 is launching spear phishing attacks against the automotive industry in the United States, according to researchers at BlackBerry.
Continue Reading

LastPass Warns of Deepfake Phishing Attempt

Password Manager software developer LastPass warned that one of its employees was targeted by a social engineering attack that used an audio deepfake which impersonated the company’s CEO. ...
Continue Reading

AI Voice Cloning and Bank Voice Authentication: A Recipe for Disaster?

New advancements in generative AI voice cloning come at a time when banks are looking for additional ways to authenticate their customers – and they’re choosing your voice.
Continue Reading

Phishing Frenzy: Microsoft and Google Most Mimicked Brands in Cyber Scams

Microsoft and Google were the most frequently impersonated brands in phishing attacks during the first quarter of 2024, according to a report from Check Point.
Continue Reading

Cisco Calls Out Organizations As Being “Overconfident and Unprepared” for Cyber Attacks

In a new report, Cisco says the cyber readiness of organizations is lacking despite having experienced multiple cyber attacks within the last year.
Continue Reading

[WARNING] FBI Issues Alert on Major Phishing Campaign That Impersonates US Toll Services

The FBI has issued an alert warning of a widespread SMS phishing (smishing) campaign targeting people in several US states with phony notices of unpaid tolls, BleepingComputer reports.
Continue Reading

State-Sponsored Disinformation Campaigns Targeting Africa Driving Instability And Violence

A shocking report shows how email-based disinformation campaigns can have material real-world impacts to the citizens in the targeted countries.
Continue Reading

Water Facilities Compromised By Iranian Threat Actors

In December 2023, a joint alert was issued by the FBI, CISA, NSA, EPA, and INCD regarding Iranian cyber actors known as "CyberAv3ngers" linked to Iran's Islamic Revolutionary Guard Corps ...
Continue Reading

New Phishing-as-a-Service (PhaaS) platform, 'Tycoon 2FA', Targets Microsoft 365 and Gmail Accounts

A new PhaaS service brings the power of bypassing multi-factor authentication (MFA) to the world’s most-used email platforms.
Continue Reading

Australian Government Commits to Become a World-Leader in Cybersecurity by 2030

The Australian Government has leveraged insight from cybersecurity experts to create a new six-part plan to combat cybersecurity over the coming decade.
Continue Reading

Large-Scale StrelaStealer Campaign Impacts Over 100 Organizations Within the E.U. and U.S.

A new campaign of StrelaStealer attacks identified by security analysts at Unit42 has been spotted targeting E.U. and U.S. organizations. This somewhat new infostealer has evolved to be ...
Continue Reading

Catfishing Campaign Targets Members of the UK Government

At least twelve men working in the UK parliament have recently been targeted by WhatsApp spear phishing messages, POLITICO reports. The targeted individuals include “a senior Labour MP, ...
Continue Reading

IT Leaders Can’t Stop AI and Deepfake Scams as They Top the List of Most Frequent Attacks

New data shows that the attacks IT feels most inadequate to stop are the ones they’re experiencing the most.
Continue Reading

Malicious App Impersonates McAfee to Distribute Malware Via Text and Phone Calls

A trojanized version of the McAfee Security app is installing the Android banking Trojan “Vultur,” according to researchers at Fox-IT. The attackers are spreading links to the malicious ...
Continue Reading

New Report Shows Phishing Links and Malicious Attachments Are The Top Entry Points of Cyber Attacks

New TTP attack data covering 2023 sheds much needed light on the threat actor and user actions that are putting organizations at the most risk.
Continue Reading

Despite Cybersecurity Improvements in UK Organizations, Attacks Still Persist

The UK government's third phase of research shows how well UK organizations have been improving their cybersecurity efforts but indicates that the risk from certain attacks have only been ...
Continue Reading

Thread Hijacking Phishing Attack Targets Pennsylvania Journalist

A journalist in Pennsylvania was targeted by phishing attacks that involved thread hijacking, according to Brian Krebs at KrebsOnSecurity.
Continue Reading

Russian Federation-backed threat group APT29 Now Targeting German Political Parties

New analysis of APT29’s (aka Cozy Bear) activities and their association with Russia’s Foreign Intelligence Service (SVR) has revealed suspected attempts to collect political intelligence.
Continue Reading

Narwhal Spider Threat Group Behind New Phishing Campaign Impersonating Reputable Law Firms

Using little more than a well-known business name and a invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews