phishing

FBI shared a list of phishing domains associated with the LabHost PhaaS platformFBI shared a list of phishing domains associated with the LabHost PhaaS platform

FBI shared a list of phishing domains associated with the LabHost PhaaS platform

The FBI shared 42K phishing domains tied to LabHost, a PhaaS platform shut down in April 2024, to boost awareness…

2 months ago
Hive0117 group targets Russian firms with new variant of DarkWatchman malwareHive0117 group targets Russian firms with new variant of DarkWatchman malware

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime…

2 months ago
A large-scale phishing campaign targets WordPress WooCommerce usersA large-scale phishing campaign targets WordPress WooCommerce users

A large-scale phishing campaign targets WordPress WooCommerce users

A large-scale phishing campaign targets WordPress WooCommerce users with a fake security alert urging them to download a 'critical patch'…

2 months ago
Crooks exploit the death of Pope FrancisCrooks exploit the death of Pope Francis

Crooks exploit the death of Pope Francis

Crooks exploit the death of Pope Francis, using public curiosity and emotion to launch scams and spread malware, an old…

2 months ago
Morphing Meerkat phishing kits exploit DNS MX recordsMorphing Meerkat phishing kits exploit DNS MX records

Morphing Meerkat phishing kits exploit DNS MX records

Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands. Infoblox researchers discovered…

3 months ago
Attackers use CSS to create evasive phishing messagesAttackers use CSS to create evasive phishing messages

Attackers use CSS to create evasive phishing messages

Threat actors exploit Cascading Style Sheets (CSS) to bypass spam filters and detection engines, and track users’ actions and preferences. …

3 months ago
Storm-2372 used the device code phishing technique since August 2024Storm-2372 used the device code phishing technique since August 2024

Storm-2372 used the device code phishing technique since August 2024

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and…

4 months ago
Crazy Evil gang runs over 10 highly specialized social media scamsCrazy Evil gang runs over 10 highly specialized social media scams

Crazy Evil gang runs over 10 highly specialized social media scams

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer…

5 months ago
Law enforcement seized the domains of HeartSender cybercrime marketplacesLaw enforcement seized the domains of HeartSender cybercrime marketplaces

Law enforcement seized the domains of HeartSender cybercrime marketplaces

U.S. and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint…

5 months ago
Phishers abuse CrowdStrike brand targeting job seekers with cryptominer<gwmw style="display:none;"></gwmw>Phishers abuse CrowdStrike brand targeting job seekers with cryptominer<gwmw style="display:none;"></gwmw>

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer<gwmw style="display:none;"></gwmw>

CrowdStrike warns of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which…

5 months ago
Show more Posts