Tag: social engineering techniques
-
The Register: AWS catches Russia’s Cozy Bear clawing at Microsoft credentials
Source URL: https://www.theregister.com/2025/08/29/aws_catches_russias_apt29_trying/ Source: The Register Title: AWS catches Russia’s Cozy Bear clawing at Microsoft credentials Feedly Summary: Look who’s visiting the watering hole these days Amazon today said it disrupted an intel-gathering attempt by Russia’s APT29 to trick Microsoft users into unwittingly granting the Kremlin-backed cyberspies access to their accounts and data.… AI Summary…
-
Cloud Blog: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/prc-nexus-espionage-targets-diplomats/ Source: Cloud Blog Title: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats Feedly Summary: Written by: Patrick Whitsell In March 2025, Google Threat Intelligence Group (GTIG) identified a complex, multifaceted campaign attributed to the PRC-nexus threat actor UNC6384. The campaign targeted diplomats in Southeast Asia and other entities…
-
Microsoft Security Blog: Think before you Click(Fix): Analyzing the ClickFix social engineering technique
Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/ Source: Microsoft Security Blog Title: Think before you Click(Fix): Analyzing the ClickFix social engineering technique Feedly Summary: The ClickFix social engineering technique has been growing in popularity, with campaigns targeting thousands of enterprise and end-user devices daily. This technique exploits users’ tendency to resolve technical issues by tricking them into running malicious…
-
Cloud Blog: Cloud CISO Perspectives: New Threat Horizons details evolving risks — and defenses
Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-new-threat-horizons-details-evolving-risks-and-defenses/ Source: Cloud Blog Title: Cloud CISO Perspectives: New Threat Horizons details evolving risks — and defenses Feedly Summary: Welcome to the first Cloud CISO Perspectives for August 2025. Today, our Office of the CISO’s Bob Mechler and Anton Chuvakin dive into the key trends and evolving threats that we tracked in our…
-
Anton on Security – Medium: Google Cloud Security Threat Horizons Report #12 Is Out!
Source URL: https://medium.com/anton-on-security/google-cloud-security-threat-horizons-report-12-is-out-6e84e700467f?source=rss—-8e8c3ed26c4c—4 Source: Anton on Security – Medium Title: Google Cloud Security Threat Horizons Report #12 Is Out! Feedly Summary: AI Summary and Description: Yes Summary: The text discusses insights from Google Cloud’s Threat Horizons Report #12, focusing on key security vulnerabilities in cloud environments. It highlights the persistent exploitation of issues like credential…
-
Cloud Blog: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/defending-vsphere-from-unc3944/ Source: Cloud Blog Title: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 Feedly Summary: Introduction In mid 2025, Google Threat Intelligence Group (GITG) identified a sophisticated and aggressive cyber campaign targeting multiple industries, including retail, airline, and insurance. This was the work of UNC3944, a financially motivated threat…
-
Krebs on Security: UK Charges Four in ‘Scattered Spider’ Ransom Group
Source URL: https://krebsonsecurity.com/2025/07/uk-charges-four-in-scattered-spider-ransom-group/ Source: Krebs on Security Title: UK Charges Four in ‘Scattered Spider’ Ransom Group Feedly Summary: Authorities in the United Kingdom this week arrested four alleged members of “Scattered Spider," a prolific data theft and extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer. AI Summary and…
-
Cisco Talos Blog: PDFs: Portable documents, or perfect deliveries for phish?
Source URL: https://blog.talosintelligence.com/pdfs-portable-documents-or-perfect-deliveries-for-phish/ Source: Cisco Talos Blog Title: PDFs: Portable documents, or perfect deliveries for phish? Feedly Summary: A popular social engineering technique returns: callback phishing, or TOAD attacks, which leverage PDFs, VoIP anonymity and even QR code tricks. AI Summary and Description: Yes Summary: Cisco’s update to its brand impersonation detection engine enhances email…
-
Cloud Blog: What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/creative-phishing-academics-critics-of-russia/ Source: Cloud Blog Title: What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia Feedly Summary: Written by: Gabby Roncone, Wesley Shields In cooperation with external partners, Google Threat Intelligence Group (GTIG) observed a Russia state-sponsored cyber threat actor impersonating the U.S. Department of State. From at least…
-
Microsoft Security Blog: Defending against evolving identity attack techniques
Source URL: https://www.microsoft.com/en-us/security/blog/2025/05/29/defending-against-evolving-identity-attack-techniques/ Source: Microsoft Security Blog Title: Defending against evolving identity attack techniques Feedly Summary: Threat actors continue to develop and leverage various techniques that aim to compromise cloud identities. Despite advancements in protections like multifactor authentication (MFA) and passwordless solutions, social engineering remains a key aspect of phishing attacks. Implementing phishing-resistant solutions, like…