Almost a quarter of all ransomware attacks between January and June involved social engineering and business email compromise, compared with only 20% during the same period last year, with increased artificial intelligence usage fueling the growth, according to Channel Futures.
More malicious websites, malware portals, and phishing pages have been created using the artificial intelligence-powered website creation and hosting platform Lovable despite the website builder's newly adopted protections, according to BleepingComputer.
Novel QR code phishing techniques have been employed by a pair of phishing-as-a-service kits to better bypass detection systems, reports Infosecurity Magazine.
BleepingComputer reports that threat actors have been covertly exfiltrating Microsoft 365 logins through a new phishing attack technique that exploits both Active Directory Federation Services and legitimate office.com links.
Cybersecurity researchers have observed a growing trend of threat actors exploiting Telegram's Bot API to covertly exfiltrate sensitive data from high-value organizations and government entities, reports Cyber Security News.
Cybercriminals are shifting from traditional phishing to sophisticated "ramp-and-dump" schemes targeting brokerage accounts, exploiting gaps in multi-factor authentication, researchers say, according to Krebs on Security.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
