Tag: social engineering techniques
-
Slashdot: Salesforce Says It Won’t Pay Extortion Demand in 1 Billion Records Breach
Source URL: https://yro.slashdot.org/story/25/10/08/208202/salesforce-says-it-wont-pay-extortion-demand-in-1-billion-records-breach?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Salesforce Says It Won’t Pay Extortion Demand in 1 Billion Records Breach Feedly Summary: AI Summary and Description: Yes Summary: Salesforce is facing an extortion demand from a crime syndicate that claims to have stolen approximately 1 billion records from various customers, highlighting vulnerabilities in user compliance and security…
-
The Register: Nork snoops whip up fake South Korean military ID with help from ChatGPT
Source URL: https://www.theregister.com/2025/09/15/north_korea_chatgpt_fake_id/ Source: The Register Title: Nork snoops whip up fake South Korean military ID with help from ChatGPT Feedly Summary: Kimsuky gang proves that with the right wording, you can turn generative AI into a counterfeit factory North Korean spies used ChatGPT to generate a fake military ID for use in an espionage…
-
The Register: AWS catches Russia’s Cozy Bear clawing at Microsoft credentials
Source URL: https://www.theregister.com/2025/08/29/aws_catches_russias_apt29_trying/ Source: The Register Title: AWS catches Russia’s Cozy Bear clawing at Microsoft credentials Feedly Summary: Look who’s visiting the watering hole these days Amazon today said it disrupted an intel-gathering attempt by Russia’s APT29 to trick Microsoft users into unwittingly granting the Kremlin-backed cyberspies access to their accounts and data.… AI Summary…
-
Cloud Blog: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/prc-nexus-espionage-targets-diplomats/ Source: Cloud Blog Title: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats Feedly Summary: Written by: Patrick Whitsell In March 2025, Google Threat Intelligence Group (GTIG) identified a complex, multifaceted campaign attributed to the PRC-nexus threat actor UNC6384. The campaign targeted diplomats in Southeast Asia and other entities…
-
Microsoft Security Blog: Think before you Click(Fix): Analyzing the ClickFix social engineering technique
Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/ Source: Microsoft Security Blog Title: Think before you Click(Fix): Analyzing the ClickFix social engineering technique Feedly Summary: The ClickFix social engineering technique has been growing in popularity, with campaigns targeting thousands of enterprise and end-user devices daily. This technique exploits users’ tendency to resolve technical issues by tricking them into running malicious…
-
Cloud Blog: Cloud CISO Perspectives: New Threat Horizons details evolving risks — and defenses
Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-new-threat-horizons-details-evolving-risks-and-defenses/ Source: Cloud Blog Title: Cloud CISO Perspectives: New Threat Horizons details evolving risks — and defenses Feedly Summary: Welcome to the first Cloud CISO Perspectives for August 2025. Today, our Office of the CISO’s Bob Mechler and Anton Chuvakin dive into the key trends and evolving threats that we tracked in our…
-
Anton on Security – Medium: Google Cloud Security Threat Horizons Report #12 Is Out!
Source URL: https://medium.com/anton-on-security/google-cloud-security-threat-horizons-report-12-is-out-6e84e700467f?source=rss—-8e8c3ed26c4c—4 Source: Anton on Security – Medium Title: Google Cloud Security Threat Horizons Report #12 Is Out! Feedly Summary: AI Summary and Description: Yes Summary: The text discusses insights from Google Cloud’s Threat Horizons Report #12, focusing on key security vulnerabilities in cloud environments. It highlights the persistent exploitation of issues like credential…
-
Cloud Blog: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/defending-vsphere-from-unc3944/ Source: Cloud Blog Title: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 Feedly Summary: Introduction In mid 2025, Google Threat Intelligence Group (GITG) identified a sophisticated and aggressive cyber campaign targeting multiple industries, including retail, airline, and insurance. This was the work of UNC3944, a financially motivated threat…
-
Krebs on Security: UK Charges Four in ‘Scattered Spider’ Ransom Group
Source URL: https://krebsonsecurity.com/2025/07/uk-charges-four-in-scattered-spider-ransom-group/ Source: Krebs on Security Title: UK Charges Four in ‘Scattered Spider’ Ransom Group Feedly Summary: Authorities in the United Kingdom this week arrested four alleged members of “Scattered Spider," a prolific data theft and extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer. AI Summary and…
-
Cisco Talos Blog: PDFs: Portable documents, or perfect deliveries for phish?
Source URL: https://blog.talosintelligence.com/pdfs-portable-documents-or-perfect-deliveries-for-phish/ Source: Cisco Talos Blog Title: PDFs: Portable documents, or perfect deliveries for phish? Feedly Summary: A popular social engineering technique returns: callback phishing, or TOAD attacks, which leverage PDFs, VoIP anonymity and even QR code tricks. AI Summary and Description: Yes Summary: Cisco’s update to its brand impersonation detection engine enhances email…