Forget spoofed domains and compromised accounts. The new frontier of phishing is here, weaponizing trusted SaaS platforms like Microsoft Dynamics for massive, undetectable attacks.
Turns out, that mountain of ignored security alerts isn't just digital noise. A deep dive into 25 million alerts shows a consistent, and frankly, terrifying pattern: about one confirmed breach per week is hiding in plain sight, buried under 'informational' flags.
Over 35,000 users and 13,000 organizations were ensnared in a sophisticated phishing campaign orchestrated by cunning attackers. This wasn't your grandpa's Nigerian prince scam; this was a masterclass in social engineering, disguised as routine internal communications.
Phishers are having a field day with Amazon's Simple Email Service. Exposed AWS keys mean they can blast out convincing scams, and your inbox is the target.
Forget the usual malware scares. A new phishing campaign is weaponizing legitimate Remote Monitoring and Management (RMM) tools, leaving over 80 organizations exposed.
Forget the usual geopolitical chest-thumping. China's Silver Fox APT just lobbed a new volley of malware, cloaked in something as mundane as tax season.
A new wave of sophisticated phishing attacks, disguised as official tax correspondence, is being launched by China-based threat actor Silver Fox. The group is leveraging a novel Python-based backdoor, ABCDoor, to target organizations across India and Russia.
Think Telegram's neat little Mini Apps are all fun and games? Think again. Scammers are turning them into Trojan horses.
Microsoft finally addressed a glitch in Remote Desktop warnings that made them unreadable. But let's be clear: this is a cosmetic fix, not a shield.
Remember those fake booking emails promising a dream vacation? Turns out they're still around, and now they're packing a nastier punch. The shadowy TA558 group is back, and they've upgraded their malware delivery system.
Robinhood users weren't hacked, but they were tricked. A bizarre quirk in how the trading platform handled new accounts allowed attackers to send legitimate-looking phishing emails directly into users' inboxes.
So, Robinhood thought its new account emails were for welcoming users. Turns out, they were actually a perfectly crafted delivery system for scammers. Classic.