Tag: social engineering attacks
-
The Register: Subpoena tracking platform blames outage on AWS social engineering attack
Source URL: https://www.theregister.com/2025/10/02/subpoena_tracking_platform_outage_blamed/ Source: The Register Title: Subpoena tracking platform blames outage on AWS social engineering attack Feedly Summary: Software maker Kodex said its domain registrar fell for a fraudulent legal order A software platform used by law enforcement agencies and major tech companies to manage subpoenas and data requests went dark this week after…
-
The Register: ‘FileFix’ attacks use fake Facebook security alerts to trick victims into running infostealers
Source URL: https://www.theregister.com/2025/09/16/filefix_attacks_facebook_security_alert/ Source: The Register Title: ‘FileFix’ attacks use fake Facebook security alerts to trick victims into running infostealers Feedly Summary: Tech evolved from PoC to global campaign in under two months An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader.……
-
Krebs on Security: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
Source URL: https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/ Source: Krebs on Security Title: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft Feedly Summary: The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate…
-
Unit 42: 2025 Unit 42 Global Incident Response Report: Social Engineering Edition
Source URL: https://unit42.paloaltonetworks.com/2025-unit-42-global-incident-response-report-social-engineering-edition/ Source: Unit 42 Title: 2025 Unit 42 Global Incident Response Report: Social Engineering Edition Feedly Summary: Social engineering thrives on trust and is now boosted by AI. Unit 42 incident response data explains why it’s surging. We detail eight critical countermeasures. The post 2025 Unit 42 Global Incident Response Report: Social Engineering…
-
Slashdot: After $380 Million Hack, Clorox Sues Its ‘Service Desk’ Vendor For Simply Giving Out Passwords
Source URL: https://yro.slashdot.org/story/25/07/23/2018211/after-380-million-hack-clorox-sues-its-service-desk-vendor-for-simply-giving-out-passwords?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: After $380 Million Hack, Clorox Sues Its ‘Service Desk’ Vendor For Simply Giving Out Passwords Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a cyberattack on Clorox in 2023, where an attacker exploited weak security practices at Cognizant, the company’s outsourced IT service desk provider, to…
-
Cisco Talos Blog: Getting a career in cybersecurity isn’t easy, but this can help
Source URL: https://blog.talosintelligence.com/getting-a-career-in-cybersecurity-isnt-easy-but-this-can-help/ Source: Cisco Talos Blog Title: Getting a career in cybersecurity isn’t easy, but this can help Feedly Summary: This week, Joe reflects on his unique path into cybersecurity and shares honest advice for breaking into the field. Plus, learn how cybercriminals are abusing AI to launch more sophisticated attacks and what you…
-
Microsoft Security Blog: Navigating cyber risks with Microsoft Security Exposure Management eBook
Source URL: https://www.microsoft.com/en-us/security/blog/2025/06/23/navigating-cyber-risks-with-microsoft-security-exposure-management-ebook/ Source: Microsoft Security Blog Title: Navigating cyber risks with Microsoft Security Exposure Management eBook Feedly Summary: Microsoft Security Exposure Management’s eBook helps educate teams on how to anticipate threats across hybrid environments, transforming risk into resilience. The post Navigating cyber risks with Microsoft Security Exposure Management eBook appeared first on Microsoft Security…
-
Cloud Blog: What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/creative-phishing-academics-critics-of-russia/ Source: Cloud Blog Title: What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia Feedly Summary: Written by: Gabby Roncone, Wesley Shields In cooperation with external partners, Google Threat Intelligence Group (GTIG) observed a Russia state-sponsored cyber threat actor impersonating the U.S. Department of State. From at least…
-
Bulletins: Vulnerability Summary for the Week of June 9, 2025
Source URL: https://www.cisa.gov/news-events/bulletins/sb25-167 Source: Bulletins Title: Vulnerability Summary for the Week of June 9, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Acer–ControlCenter Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named…
-
Schneier on Security: Report on the Malicious Uses of AI
Source URL: https://www.schneier.com/blog/archives/2025/06/report-on-the-malicious-uses-of-ai.html Source: Schneier on Security Title: Report on the Malicious Uses of AI Feedly Summary: OpenAI just published its annual report on malicious uses of AI. By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and…