BleepingComputer reports that threat actors could facilitate covert malicious script execution by using a new variant of the FileFix attack technique, which entails the abuse of browsers' management of saved HTML pages.
Advanced persistent threat operation Blind Eagle, also known as APT-C-36, APT-Q-98, and AguilaCiega, has been leveraging Proton66, a Russian bulletproof hosting service, as part of its infrastructure in recent phishing attacks against banks and other financial entities across Colombia, including BBVA, Davivienda, Banco Caja Social, and Bancolombia, reports The Hacker News.
More than 350 organizations and nearly 1,800 email addresses were discovered by Proofpoint researchers to have been targeted by a new phishing fraud scheme involving the spoofing of the Department of Government Efficiency initially flagged by the Scoop News Group, according to FedScoop.
GBHackers News reports that widely used short-form video editing app CapCut has been exploited in a two-stage phishing campaign aimed at exfiltrating Apple ID credentials and credit card details.
Schools and small businesses have had their email accounts breached to spread phishing emails delivering the Remcos RAT malware in attack campaigns since last year, Hackread reports.
Healthcare providers and patients have been warned by the FBI regarding ongoing cyber intrusions involving the impersonation of health insurers and claims investigators that seek to pilfer medical records and bank account details, The Register reports.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
