Tag: social engineering tactics
-
Cloud Blog: Cybercrime: A Multifaceted National Security Threat
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/cybercrime-multifaceted-national-security-threat/ Source: Cloud Blog Title: Cybercrime: A Multifaceted National Security Threat Feedly Summary: Executive Summary Cybercrime makes up a majority of the malicious activity online and occupies the majority of defenders’ resources. In 2024, Mandiant Consulting responded to almost four times more intrusions conducted by financially motivated actors than state-backed intrusions. Despite this…
-
Embrace The Red: Hacking Gemini’s Memory with Prompt Injection and Delayed Tool Invocation
Source URL: https://embracethered.com/blog/posts/2025/gemini-memory-persistence-prompt-injection/ Source: Embrace The Red Title: Hacking Gemini’s Memory with Prompt Injection and Delayed Tool Invocation Feedly Summary: Imagine your AI rewriting your personal history… A while ago Google added memories to Gemini. Memories allow Gemini to store user-related data across sessions, storing information in long-term memory. The feature is only available to…
-
Rekt: Pwnedbase
Source URL: https://www.rekt.news/pwnedbase Source: Rekt Title: Pwnedbase Feedly Summary: Coinbase users lost $65M in 2 months while support tickets gathered dust. Scammers ran a tighter ship than their security team. ZachXBT’s investigation reveals the real damage. $300M lost annually while Coinbase chases banking powers. AI Summary and Description: Yes Summary: The text highlights significant security…
-
Unit 42: Stealers on the Rise: A Closer Look at a Growing macOS Threat
Source URL: https://unit42.paloaltonetworks.com/?p=138244 Source: Unit 42 Title: Stealers on the Rise: A Closer Look at a Growing macOS Threat Feedly Summary: Atomic Stealer, Poseidon Stealer and Cthulhu Stealer target macOS. We discuss their various properties and examine leverage of the AppleScript framework. The post Stealers on the Rise: A Closer Look at a Growing macOS…
-
Hacker News: A phishing attack involving g.co, Google’s URL shortener
Source URL: https://gist.github.com/zachlatta/f86317493654b550c689dc6509973aa4 Source: Hacker News Title: A phishing attack involving g.co, Google’s URL shortener Feedly Summary: Comments AI Summary and Description: Yes Summary: The provided text describes a sophisticated phishing scam involving the impersonation of Google Workspace support, highlighting critical security implications for organizations reliant on cloud services. It emphasizes the need for stringent…
-
The Register: Crypto klepto North Korea stole $659M over just 5 heists last year
Source URL: https://www.theregister.com/2025/01/15/north_korea_crypto_heists/ Source: The Register Title: Crypto klepto North Korea stole $659M over just 5 heists last year Feedly Summary: US, Japan, South Korea vow to intensify counter efforts North Korean blockchain bandits stole more than half a billion dollars in cryptocurrency in 2024 alone, the US, Japan, and South Korea say.… AI Summary…
-
The Register: Microsoft fixes under-attack privilege-escalation holes in Hyper-V
Source URL: https://www.theregister.com/2025/01/15/patch_tuesday_january_2025/ Source: The Register Title: Microsoft fixes under-attack privilege-escalation holes in Hyper-V Feedly Summary: Plus: Excel hell, angst for Adobe fans, and life’s too Snort for Cisco Patch Tuesday The first Patch Tuesday of 2025 has seen Microsoft address three under-attack privilege-escalation flaws in its Hyper-V hypervisor, plus plenty more problems that deserve…
-
The Register: Japanese Police claim China ran five-year cyberattack campaign
Source URL: https://www.theregister.com/2025/01/09/japan_mirrorface_china_attack/ Source: The Register Title: Japanese Police claim China ran five-year cyberattack campaign Feedly Summary: ‘MirrorFace’ group found ways to run malware in the Windows sandbox, which is worrying Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by…
-
Hacker News: How to Lose a Fortune with Just One Bad Click
Source URL: https://krebsonsecurity.com/2024/12/how-to-lose-a-fortune-with-just-one-bad-click/ Source: Hacker News Title: How to Lose a Fortune with Just One Bad Click Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text highlights the alarming rise of sophisticated phishing scams utilizing social engineering tactics, particularly targets involving Google accounts and cryptocurrency wallets. This case study demonstrates the vulnerabilities inherent…
-
The Register: Don’t fall for a mail asking for rapid Docusign action – it may be an Azure account hijack phish
Source URL: https://www.theregister.com/2024/12/19/docusign_lure_azure_account_takeover/ Source: The Register Title: Don’t fall for a mail asking for rapid Docusign action – it may be an Azure account hijack phish Feedly Summary: Recent campaign targeted 20,000 folk across UK and Europe with this tactic, Unit 42 warns Unknown criminals went on a phishing expedition that targeted about 20,000 users…