Tag: social engineering techniques
-
Cloud Blog: What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/creative-phishing-academics-critics-of-russia/ Source: Cloud Blog Title: What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia Feedly Summary: Written by: Gabby Roncone, Wesley Shields In cooperation with external partners, Google Threat Intelligence Group (GTIG) observed a Russia state-sponsored cyber threat actor impersonating the U.S. Department of State. From at least…
-
Microsoft Security Blog: Defending against evolving identity attack techniques
Source URL: https://www.microsoft.com/en-us/security/blog/2025/05/29/defending-against-evolving-identity-attack-techniques/ Source: Microsoft Security Blog Title: Defending against evolving identity attack techniques Feedly Summary: Threat actors continue to develop and leverage various techniques that aim to compromise cloud identities. Despite advancements in protections like multifactor authentication (MFA) and passwordless solutions, social engineering remains a key aspect of phishing attacks. Implementing phishing-resistant solutions, like…
-
Cloud Blog: Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/unc3944-proactive-hardening-recommendations/ Source: Cloud Blog Title: Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines Feedly Summary: Background UNC3944, which overlaps with public reporting on Scattered Spider, is a financially-motivated threat actor characterized by its persistent use of social engineering and brazen communications with victims. In early operations, UNC3944 largely targeted telecommunications-related organizations to…
-
Cisco Talos Blog: One mighty fine-looking report
Source URL: https://blog.talosintelligence.com/one-mighty-fine-looking-report/ Source: Cisco Talos Blog Title: One mighty fine-looking report Feedly Summary: Hazel highlights the key findings within Cisco Talos’ 2024 Year in Review (now available for download) and details our active tracking of an ongoing campaign targeting users in Ukraine with malicious LNK files. AI Summary and Description: Yes Summary: The Threat…
-
Unit 42: Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon
Source URL: https://unit42.paloaltonetworks.com/qr-code-phishing/ Source: Unit 42 Title: Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon Feedly Summary: Phishing with QR codes: New tactics described here include concealing links with redirects and using Cloudflare Turnstile to evade security crawlers. The post Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon appeared first on Unit 42.…
-
Microsoft Security Blog: Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/13/phishing-campaign-impersonates-booking-com-delivers-a-suite-of-credential-stealing-malware/ Source: Microsoft Security Blog Title: Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware Feedly Summary: Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.com and targets organizations in the hospitality industry. The…
-
Unit 42: Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems
Source URL: https://unit42.paloaltonetworks.com/?p=138517 Source: Unit 42 Title: Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems Feedly Summary: A topological analysis and case studies add nuance to a study of malicious traffic distribution systems. We compare their use by attackers to benign systems. The post Beneath the Surface: Detecting and Blocking Hidden Malicious…
-
Rekt: Pwnedbase
Source URL: https://www.rekt.news/pwnedbase Source: Rekt Title: Pwnedbase Feedly Summary: Coinbase users lost $65M in 2 months while support tickets gathered dust. Scammers ran a tighter ship than their security team. ZachXBT’s investigation reveals the real damage. $300M lost annually while Coinbase chases banking powers. AI Summary and Description: Yes Summary: The text highlights significant security…
-
Bulletins: Vulnerability Summary for the Week of December 2, 2024
Source URL: https://www.cisa.gov/news-events/bulletins/sb24-344 Source: Bulletins Title: Vulnerability Summary for the Week of December 2, 2024 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description8 Published CVSS Score Source Info SailPoint Technologies–IdentityIQ IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2…
-
CSA: Cloud Security in Five Key Steps
Source URL: https://www.tenable.com/blog/how-to-protect-your-cloud-environments-and-prevent-data-breaches Source: CSA Title: Cloud Security in Five Key Steps Feedly Summary: AI Summary and Description: Yes **Summary:** The text addresses the rapidly evolving landscape of cloud computing security, highlighting the increased risks associated with cloud adoption and providing actionable strategies for organizations to bolster their defenses. It emphasizes the necessity of a…