Tagged: Social Engineering
Attackers have begun creating fake ChatGPT workspaces dressed up as real companies. Then they invite employees through genuine OpenAI emails. The scheme is dangerous precisely because it does not look like ordinary phishing. The...
Generative AI as a Criminal Commodity Cybercriminals increasingly integrate artificial intelligence into traditional attack strategies. However, they frequently exploit this novel technology as a lucrative commodity. Recently, researchers investigated various illicit forums and dark...
Malicious actors are no longer exclusively targeting rare virtual items within the Roblox ecosystem. They have escalated their operations to expropriate entire developmental projects. Creators have invested years nurturing these digital environments, which often...
A new ClickFix malware campaign is turning Amazon’s trusted name against its own customers. Researchers at the Cofense Phishing Defense Center uncovered the scheme. Notably, the attack convinces victims to infect their own machines....
MITRE has unveiled ATT&CK v19, a monumental evolution of the framework utilized by security cohorts to delineate adversary tactics and techniques. This iteration fundamentally recalibrates the established architecture: developers have bifurcated the overly broad...
A seemingly innocuous file transmitted via a support chat escalated into a significant crisis for DigiCert. An adversary masquerading as a client presented a malicious archive as a “customer screenshot,” successfully infiltrating systems utilized...
Corporate correspondence has once again emerged as a convenient portal for adversaries. In this nascent campaign, the assailants eschew direct “forced entry,” choosing instead to orchestrate a familiar professional complication for employees and promptly...
The Harvester threat collective has re-emerged, wielding a sophisticated instrument designed to elude conventional defensive parameters. Security researchers have identified a nascent iteration of the GoGra backdoor for Linux, which surreptitiously camouflages its presence...
Inexperienced North Korean cyber operatives have successfully exfiltrated millions of dollars in cryptocurrency over a span of several months. This feat was achieved not through the deployment of novel malware or the exploitation of...
A routine missive from a familiar service has long since ceased to be a hallmark of security. Specialists from Cisco Talos have identified a nascent surge in cyber offensives wherein adversaries exploit the legitimate...
What begins as a mundane exchange—an invitation to a podcast or a routine professional briefing—may serve as the preamble to a sophisticated incursion, potentially granting adversaries access to millions of downstream projects. In recent...
The recent incursion into the cryptocurrency sanctuary Drift, which culminated in the exfiltration of $285 million, has been unmasked not as a serendipitous breach, but as the denouement of a meticulously orchestrated operation spanning...