Phishing

Related Videos

Bitwarden exploited in new Facebook malvertising campaign

SC StaffNovember 19, 2024

Clicking on the ads including alerts on compromised passwords redirects targets to a Chrome Web Store-spoofing page, which prompts the download of the fake update in the guise of a browser extension, according to a Bitdefender report.

Closeup of the DocuSign inbox page seen on a MacBook computer.

Phishing

One in five DocuSign spoofs targeting businesses found to be impersonations of regulatory agencies

Steve ZurierNovember 18, 2024

Spoofs from government agencies target businesses that regularly run DocuSign transactions with U.S. state, municipal and licensing authorities.

Phishing

Exploitation of SVG attachments in phishing on the rise

SC StaffNovember 18, 2024

While SVG primarily enables the crafting of images using text, lines, and shapes in code rather than pixels, such files could also be utilized to show HTML and facilitate JavaScript execution in credential-stealing phishing forms.

Technology background with national flag of Iran. 3D rendering

Malware

Iranian threat group targets aerospace workers with fake job lures

Steve ZurierNovember 13, 2024

Researchers say the Iranian threat actors impersonated the North Koreans to hide their activities.

Phishing

GitHub developer compromise sought by novel GoIssue phishing tool

SC StaffNovember 13, 2024

Aside from facilitating email address extraction from public GitHub profiles, GoIssue — which also features proxy support, customizable email templates, and token management capabilities — also enables the automation of targeted phishing campaigns that could result in developer credential theft, private repository access, or malware delivery, a SlashNext report showed.

Malware

Highly targeted GootLoader malware campaign discovered

SC StaffNovember 12, 2024

Threat actors leveraged search results for the query 'Are Bengal Cats legal in Australia?' which when clicked enabled the download of a malicious ZIP archive installing the GootKit information-stealing payload and remote access trojan, according to a Sophos report.

Vulnerability Management

Struwwelpeter, Krampus, Flutter, Apple, DLink, C++, Josh Marpet and more… – SWN #430

November 12, 2024

Struwwelpeter, Krampus, Flutter, Apple, DLink, C++, Josh Marpet and more on the Security Weekly News.

Identity

The rise of phishing-resistant MFA and what it means for a passwordless future

Paul WagenseilNovember 12, 2024

Slowly but surely, phishing-resistant forms of multi-factor authentication are catching on. Here's how to join the movement, and how it can lead to a fully passwordless environment.

Phishing

Related Videos

Threat predictions for 2024: Chained AI and CaaS operations give attackers more ‘easy’ buttons than ever

Bitwarden exploited in new Facebook malvertising campaign

One in five DocuSign spoofs targeting businesses found to be impersonations of regulatory agencies

Exploitation of SVG attachments in phishing on the rise

Iranian threat group targets aerospace workers with fake job lures

GitHub developer compromise sought by novel GoIssue phishing tool

Highly targeted GootLoader malware campaign discovered

Struwwelpeter, Krampus, Flutter, Apple, DLink, C++, Josh Marpet and more… – SWN #430

The rise of phishing-resistant MFA and what it means for a passwordless future

Fast Five

Selected by the SC Media Editorial team every Tuesday.