Tag: phishing
-
Neue ResolverRAT-Malware zielt auf Gesundheitsbranche
by
in SecurityNewsDer neue Remote Access Trojaner ResolverRAT nutzt DLL-Side-Loading-Probleme aus.Forscher von Morphisec haben einen neuen Remote Access Trojaner (RAT) mit dem Namen ResolverRAT entdeckt, der über Phishing-E-Mails mit bösartigen Anhängen verbreitet wird. Die Angreifer nutzen dabei als Köder Begriffe wie Urheberrechtsverletzungen, verschiedene Rechtsverstöße und laufende Ermittlungen. Die E-Mails sind in mehreren Sprachen verfasst, darunter Englisch, Hindi,…
-
Identity Attacks Now Comprise a Third of Intrusions
by
in SecurityNewsIBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/identity-attacks-now-comprise/
-
Russia-linked APT29 targets European diplomats with new malware
by
in SecurityNewsWINELOADER variant: While the Check Point researchers didn’t manage to obtain the final payload delivered by GRAPELOADER directly, they located a new variant of the WINELOADER backdoor that was uploaded to the VirusTotal scanning service around the same time and which has code and compilation time similarities to both AppvIsvSubsystems64.dll and ppcore.dll. As such, there…
-
APT29 Targets European Diplomats with Wine-Themed Phishing
by
in SecurityNewsA new wave of targeted phishing attacks aimed at European governments and diplomats is underway, with the threat First seen on securityonline.info Jump to article: securityonline.info/apt29-targets-european-diplomats-with-wine-themed-phishing/
-
New Midnight Blizzard spear-phishing campaign targets European diplomatic orgs
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/new-midnight-blizzard-spear-phishing-campaign-targets-european-diplomatic-orgs
-
Server-Side Phishing Attacks Target Employee and Member Portals to Steal Login Credentials
by
in SecurityNewsAttackers have been deploying server-side phishing schemes to compromise employee and member login portals across various enterprises. This strategic shift to server-side operations is designed to evade detection and complicate analysis. Evolving Phishing Techniques Recent investigations have highlighted a marked evolution in the tactics employed by phishing campaigns. Traditional methods relied on client-side redirects to…
-
Russians lure European diplomats into malware trap with wine-tasting invite
by
in SecurityNewsVintage phishing varietal has improved with age First seen on theregister.com Jump to article: www.theregister.com/2025/04/16/cozy_bear_grapeloader/
-
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins
by
in SecurityNewsThreat actors are leveraging an artificial intelligence (AI) powered presentation platform named Gamma in phishing attacks to direct unsuspecting users to spoofed Microsoft login pages.”Attackers weaponize Gamma, a relatively new AI-based presentation tool, to deliver a link to a fraudulent Microsoft SharePoint login portal,” Abnormal Security researchers Hinman Baron and Piotr Wojtyla said in First…
-
Wein, Politik und Spionage: Russische Hacker greifen europäische Diplomaten an
by
in SecurityNewsIm Januar 2025 entdeckten die Sicherheitsexperten von Check Point Research eine besorgniserregende Welle von Phishing-Angriffen, die gezielt gegen europäische Regierungsbeamte und Diplomaten gerichtet sind. Im Zentrum der Attacken steht eine raffinierte russische Hackergruppe: APT29, auch bekannt als Midnight Blizzard oder Cozy Bear dieselben Akteure, die hinter dem berüchtigten SolarWinds-Hack standen. First seen on it-daily.net Jump…
-
Online-Betrüger setzen auf KI und synthetische Identitäten
by
in SecurityNews
Tags: ai, cyber, cyberattack, cybercrime, fraud, germany, international, login, mail, phishing, risk, usaOft reichen wenige echte Datenfragmente etwa Name und Geburtsdatum um eine synthetische Identität zu erschaffen.Die weltweite Welle der Online-Kriminalität wird nach Einschätzung von Cyberexperten in den kommenden Jahren noch an Wucht und Dynamik gewinnen. Einer wachsenden Zahl von Tätern gelingt es demnach, ihre wahre Identität hinter erfundenen Persönlichkeiten zu verbergen.”Synthetische Identitäten sind international ein wachsender…
-
APT29 Hackers Use GRAPELOADER in New Attack Against European Diplomats
by
in SecurityNewsCheck Point Research (CPR) has uncovered a new targeted phishing campaign employing GRAPELOADER, a sophisticated initial-stage downloader, launched by the notorious Russian-linked hacking group APT29, known alternatively as Midnight Blizzard or Cozy Bear. This campaign, identified since January 2025, primarily focuses on European governments and diplomatic entities. Campaign Overview APT29, recognized for its sophisticated cyber…
-
10 Best Email Security Solutions in 2025
Email security solutions are critical for protecting organizations from the growing sophistication of cyber threats targeting email communication. As email remains a primary channel for business communication, it is also the most exploited vector for attacks such as phishing, malware distribution, and business email compromise (BEC). Implementing robust email security measures ensures the confidentiality, integrity,…
-
WhatsApp Job Offer Scam Targets Job Seekers in New Phishing Attack
by
in SecurityNewsA new form of phishing attack is making waves among job seekers, as cybercriminals exploit WhatsApp and Meta’s trusted branding to lure victims into sophisticated job offer scams. Security experts warn that these attacks are not only increasing in frequency but have also become more elaborate, bypassing many traditional security layers and preying on those…
-
Malicious Macros Return in Sophisticated Phishing Campaigns
by
in SecurityNewsThe cybersecurity landscape of 2025 is witnessing a troubling resurgence of malicious macros in phishing campaigns. Despite years of advancements in security measures and Microsoft’s decision to disable macros by default in Office applications, attackers have adapted their methods to exploit human vulnerabilities and technical loopholes. These malicious macros, embedded within seemingly legitimate documents, have…
-
Neue Phishing-Kampagne zielt auf europäische Diplomaten
by
in SecurityNews
Tags: phishingDie Hauptziele der Kampagne sind diplomatische Einrichtungen in Europa, insbesondere Außenministerien und Botschaften. Auch Diplomaten außerhalb Europas beispielsweise im Nahen Osten stehen im Visier. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/neue-phishing-kampagne-zielt-auf-europaeische-diplomaten/a40503/
-
The Smishing Triad Surge: Text-Based Threats Are Getting Smarter, Not Simpler
by
in SecurityNewsWhat began as a trickle of spammy messages has evolved into a sophisticated and dangerous phishing campaign. The Smishing Triad, an active cybercriminal group, is behind a surge of SMS-based phishing attacks (smishing) targeting organizations across sectors”, from healthcare to logistics to finance. Their focus? Gaining access to internal portals and enterprise email accounts by…
-
Introducing Wyo Support ADAMnetworks LTP
by
in SecurityNews
Tags: attack, best-practice, business, compliance, cyber, cybersecurity, data, email, endpoint, finance, GDPR, government, guide, healthcare, infrastructure, insurance, law, linkedin, PCI, phishing, radius, ransomware, regulation, service, skills, strategy, technology, threat, tool, training, update, zero-trustADAMnetworks is excited to announce Wyo Support to the family of Licensed Technology Partners. “After working with the various systems and technologies, there are few that compare with the protection that ADAMnetworks provides. It reduces the attack surface from the broad side of a barn down to the size of a keyhole. No other technology…
-
Midnight Blizzard deploys new GrapeLoader malware in embassy phishing
by
in SecurityNewsRussian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/midnight-blizzard-deploys-new-grapeloader-malware-in-embassy-phishing/
-
AI-Powered Presentation Tool Leveraged in Phishing Attacks
Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named Gamma in phishing attacks. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/ai-powered-presentation-tool-leveraged-phishing-attacks
-
ResolverRAT Malware Targets Healthcare, Pharma with Phishing Tactics
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/resolverrat-malware-targets-healthcare-pharma-with-phishing-tactics
-
Tycoon 2FA phishing kit adds stealth, expands to mobile devices
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/tycoon-2fa-phishing-kit-adds-stealth-expands-to-mobile-devices
-
UK’s Cyber Crime Down in 2024: Better ‘Cyber Hygiene Among Small Businesses
by
in SecurityNewsA UK government survey of 2024 data shows phishing remains the top cyber threat, ransomware cases doubled, and fewer boards include cyber experts despite steady attack rates. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cyber-attacks-uk-businesses/
-
Wave of Wine-Inspired Phishing Attacks Targets EU Diplomats
Russia-backed APT29’s latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages, errr, victims, and delivers a novel backdoor, GrapeLoader. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/wine-inspired-phishing-eu-diplomats
-
Russische Hacker-Gruppe APT29 führt ausgeklügelte Phishing-Kampagne gegen europäische Diplomaten durch
by
in SecurityNewsCheck Point Research (CPR), die Forschungsabteilung von Check Point Software Technologies hat eine signifikante Welle gezielter Phishing-Angriffe festgestellt, die im Januar 2025 begann. Diese Angriffe zielen speziell auf Regierungsbeamte und Diplomaten in ganz Europa ab und verwenden ausgefeite Techniken, Taktiken und Verfahren (TTPs), die denen einer früheren Phishing-Kampagne namens Wineloader sehr ähnlich sind. Diese wurde zuvor…
-
Cyberangriff kostet IKEA-Betreiber mehrere Millionen
by
in SecurityNewsDie Folgen des Ransomware-Angriffs auf den Franchise-Nehmer der IKEA-Filialen in Südosteuropa sind noch immer zu spüren.Ende des vergangenen Jahres meldete die Fourlis Group, dass die technischen Probleme der IKEA-Onlineshops auf ‘böswillige externe Handlungen” zurückzuführen seien. Aus der Mitteilung ging hervor, dass der Cyberangriff sich im November 2024 ereignete und die Geschäftstätigkeit in Griechenland, Zypern, Bulgarien…
-
Renewed APT29 Phishing Campaign Against European Diplomats
by
in SecurityNewsighlights Introduction Starting in January 2025, Check Point Research (CPR) has been tracking a wave of targeted phishing attacks aimed at European governments and diplomats. The Techniques, Tactics and Procedures (TTPs) observed in this campaign align with the WINELOADER campaigns, which were attributed toAPT29, a Russialinkedthreat group. APT29, also commonly referred to as Midnight Blizzard…
-
Precision-Validated Phishing: A New Trend in Credential Theft
by
in SecurityNewsPhishing attacks are becoming increasingly sophisticated, but one emerging tactic is setting a new bar for precision and deception. Known as Precision-Validated Phishing, this method uses real-time credential validation to enhance the success rate of phishing campaigns. A recent report… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/precision-validated-phishing-credential-theft/
-
The Future of Authentication: Moving Beyond Passwords
by
in SecurityNewsTraditional passwords have been the cornerstone of digital security for six decades, but their reign is coming to an end. As cyber threats become increasingly sophisticated and our digital footprints expand, the limitations of password-based authentication including vulnerability to phishing, credential stuffing, and poor password hygiene have become impossible to ignore. The majority of hacking-related…