Phishing – Page 2

Incident_Reports

Twilio Authy API Breach: A Vulnerability That Exposed Millions to Potential Phishing Attacks

In July 2024, Twilio, a major communications provider, disclosed a significant breach involving its Authy multi-factor authentication (MFA) service. This incident, attributed to the ShinyHunters hacking group, exploited an unsecured…

Threat_Actor_Profiles Trends_Analysis

Dev Popper Campaign (May 2024): Hackers Exploit Fake Job Interviews to Distribute Python-based RAT Targeting Developers

21 June 2024 Threat Analyst

In May 2024, cybersecurity researchers uncovered a sophisticated attack campaign known as “Dev Popper,” where hackers posed as recruiters conducting fake job interviews to distribute a Python-based Remote Access Trojan…

Industry_News Techniques_Tactics_Procedures Threat_Actor_Profiles

Autodesk Drive Phishing Campaign

25 April 2024 Threat Analyst

A new phishing campaign leveraging Autodesk Drive has come to light, targeting corporate users through seemingly legitimate PDF files. Cybersecurity experts at Netcraft have uncovered that attackers are exploiting compromised…

Threat_Actor_Profiles

Threat Actor Profile: Hunters International Ransomware Group

22 November 2023 Threat Analyst

Introduction Hunters International is a newly identified ransomware group that has recently come to prominence. This group is particularly notable for its use of code with similarities to the now-defunct…

Threat_Actor_Profiles

Threat Actor Profile: Scattered Spider

21 November 2023 Threat Analyst

Scattered Spider, also known by other names like Octo Tempest, 0ktapus, and UNC3944, has emerged as a significant threat in the cybersecurity landscape. This ransomware gang is known for its…

Techniques_Tactics_Procedures

NetSupport as a RAT – The Resurgence of a Covert Threat

21 November 2023 Threat Analyst

The NetSupport RAT has emerged as a significant cyber threat, exploiting legitimate remote administration tools for malicious purposes. This report provides an in-depth analysis of recent incidents, targets, and the…

Threat_Actor_Profiles

Threat Actor Profile: Lockbit

20 November 2023 Threat Analyst

The LockBit ransomware group has emerged as a formidable cyber threat, targeting large corporations and disrupting global operations. This blog post delves into the recent activities of LockBit, highlighting their…

Incident_Reports

PhishForce – Salesforce Zero-Day Exploitation

5 August 2023 Threat Analyst

Introduction A recent zero-day vulnerability in Salesforce’s software was exploited by threat actors to phish Facebook credentials. This incident was first reported by Guardio Labs, who detected a sophisticated email…

Threat_Actor_Profiles Trends_Analysis

The Rising Threat of Abyss Locker Ransomware to VMware’s ESXi Servers

31 July 2023 Threat Analyst

A long overdue update to the Abyss Locker is shared here. A new emerging threat, Abyss Locker ransomware has been making headlines for its targeted attacks on VMware’s ESXi virtualised…

Threat_Actor_Profiles

Unmasking Storm-0978: A Cyber Espionage Campaign

27 July 2023 Threat Analyst

In the ever-evolving landscape of cyber threats, a new actor has emerged on the scene: Storm-0978. This group, with its financial and espionage motives, has been conducting a series of…

Twilio Authy API Breach: A Vulnerability That Exposed Millions to Potential Phishing Attacks

Dev Popper Campaign (May 2024): Hackers Exploit Fake Job Interviews to Distribute Python-based RAT Targeting Developers

Autodesk Drive Phishing Campaign

Threat Actor Profile: Hunters International Ransomware Group

Threat Actor Profile: Scattered Spider

NetSupport as a RAT – The Resurgence of a Covert Threat

Threat Actor Profile: Lockbit

PhishForce – Salesforce Zero-Day Exploitation

The Rising Threat of Abyss Locker Ransomware to VMware’s ESXi Servers

Unmasking Storm-0978: A Cyber Espionage Campaign

You missed

OpenClaw lures fuel ClickFix infostealer infections as agentic AI ecosystems become a new credential target

Storm-2561 pushes fake VPN installers via SEO poisoning to steal enterprise credentials

Hudson Rock ties Polyfill.io supply-chain compromise to DPRK operator via Lumma Stealer telemetry

Stryker ‘Handala’ incident: global Microsoft environment disruption and reported remote device wipes