Phishing Attacks Are Increasingly Targeting Social Media and Smartphone Users

Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG).
Continue Reading

Ransomware Recovery Costs Have Doubled for State and Local Governments

Thirty-four percent of state and local government entities were hit by ransomware in 2024, a new report from Sophos has found. While this is a decrease compared to the attack rate in ...
Continue Reading

Business Email Compromise Scams Rise 20%, Making up Nearly Half of all Spam Emails

New research on email threats points to AI-based tools to assist in generating BEC content. And the overwhelming targeted role may or may not surprise you.
Continue Reading

The Number of Email-Based Cyber Attacks Detected Surge 239% in 1H 2024

New data shows the most prevalent and obvious path into an organization – email – continues to be exploited by a growing number of cybercriminals.
Continue Reading

Malvertising Campaign Impersonates Dozens of Google Products

A malvertising campaign is abusing Google ads to impersonate Google’s entire product line, according to researchers at Malwarebytes. The malicious ads are designed to lure victims into a ...
Continue Reading

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.
Continue Reading

Phishing Scammers Leverage Microsoft Dynamics 365 to Target US Government Contractors

Analysis of a phishing campaign targeting thousands of government contractors, dubbed “Operation Uncle Sam,” takes advantage of some sophisticated steps to avoid detection.
Continue Reading

Threat Actors Abuse URL Rewriting to Mask Phishing Links

Threat actors are abusing a technique called “URL rewriting” to hide their phishing links from security filters, according to researchers at Perception Point.
Continue Reading

U.K. Management Almost Twice as Likely to Fall for Phishing Attacks Versus Entry-Level Employees

Highlights from a new survey focused on employee compliance reveals just how targeted and susceptible U.K. businesses are to phishing attempts.
Continue Reading

Ransomware Group Known as ‘Royal’ Rebrands as BlackSuit and Is Leveraging New Attack Methods

The ransomware threat group formerly known as "Royal" has rebranded itself as BlackSuit and updated their attack methods, warns the FBI.
Continue Reading

File-Sharing Phishing Attacks Increased by 350% Over the Past Year

File-sharing phishing attacks have skyrocketed over the past year, according to a new report from Abnormal Security.
Continue Reading

Ransomware Payments Decline While Data Exfiltration Payments Are On The Rise

The latest data from Coveware shows a slowing of attack efficacy, a decrease in ransom payments being made, and a shift in initial access tactics.
Continue Reading

Latest Phishing Scam Uses Cross-Site Scripting Attack to Harvest Personal Details

Cross-Site Scripting (XSS) is alive and well, and used in attacks to obfuscate malicious links in phishing emails to redirect users to threat-actor controlled websites.
Continue Reading

Employment Scams Continue to Target Job Seekers Via Phony Employment Offers

Threat actors continue to target job seekers with phony employment offers on job search platforms like Indeed, researchers at Bitdefender warn.
Continue Reading

Chameleon Malware Poses as CRM App

Researchers at ThreatFabric warn that a phishing campaign is distributing the Chameleon Android malware by impersonating a Customer Relationship Management (CRM) app. The campaign is ...
Continue Reading

Attackers Abuse Google Drawings to Host Phishing Pages

Researchers at Menlo Security warn that a phishing campaign is exploiting Google Drawings to evade security filters.
Continue Reading

Not Just Us: North Korean Remote IT Fraudster Arrested in Tennessee

Just when we thought we had something special with our very own North Korean hacker, it turns out this type of fraud has made it to the Volunteer State.
Continue Reading

New Phishing Campaign Targets Israeli Organizations To Deliver Malware

A new phishing campaign is targeting Israeli organizations to deliver the RHADAMANTHYS information-stealing malware, Cyber Security News reports.
Continue Reading

SEC Report Provides Insight into Key Tronic Ransomware Costs Totaling Over $17 Million

The financial repercussions of the May 2024 ransomware attack on the electronics manufacturing services firm Key Tronic underscores just how costly these attacks are.
Continue Reading

62% of Phishing Emails Bypassed DMARC Checks in 1H of 2024

A report from Darktrace has found that 62% of phishing emails in the first half of 2024 were able to bypass DMARC verification checks in order to reach users’ inboxes.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews