Tag: phishing
-
Deepfake Frights: Unmasking the Shadows of Digital Deception
October. The month the night grows longer, and spooky whispers fill the air. Your neighbor is masquerading as a world-renowned singer and her husband is living out his football superstar fantasies. October is a spectacle, and maybe it’s time to slip into your costume. Unfortunately, you are not the only one in disguise. In fact,… Read more
-
Pegasus Spyware Sextortion Scams – What You Need to Know
In recent years, cybercriminals have become increasingly adept at deploying a variety of phishing and extortion tactics to manipulate and intimidate unsuspecting victims. One of the more alarming threats involves the Pegasus spyware sextortion scam, a new twist on classic phishing schemes designed to frighten recipients into paying a ransom. Below, we’ll dive into the… Read more
-
The Psychology of Phishing
But I’m smart! How did I get hacked? Whether cognizant of our actions, or not, we all use forms of social engineering in our everyday lives. Perhaps you praise a child to reinforce good behavior. Did you unconsciously curate your social media to present only what you want others to see and therefore think about… Read more
-
Emerging Threat Review: Storm-0324 & Sangria Tempest
The newest set of tactics, techniques, and procedures (TTPs) from Storm-0324, otherwise known as DEV-0324, reveals their use of Microsoft Teams to deliver malware through phishing messages and attachments. With corporate networks within their reach, this new evolution raises concerns for companies utilizing Microsoft Teams for day-to-day communications. Analysis: A publicly available Python-based tool known as… Read more
-
Eldorado: The Golden City of Ransomware-as-a-Service (RaaS)
In today’s rapidly evolving technological landscape, new cybercriminal threats are emerging alongside innovations. A ransomware group named Eldorado recently surfaced and, within a few months, successfully breached 16 companies worldwide, including in the United States. This malware poses a threat to both Windows and Linux systems, demonstrating that anyone can be a victim. Eldorado is… Read more
-
Royal Tiger – The First Officially Designated Robocall Threat Actor
On Monday, May 13th, the Federal Communications Commission (FCC) officially named its first robocall threat actor group,’ Royal Tiger’. This move goes along with the FCC’s new robocall bad actor classification system, Consumer Communications Information Services Threat (C-CIST). This system aims to assist law enforcement and industry partners with tracking threat actors behind robocall campaigns. Royal Tiger is comprised of members operating… Read more
-
How Important Is a Secure Password?
Financial fraud and identity theft often occur due to unauthorized access to accounts given to hackers by weak passwords. ‘Password1234’ might have worked 10 years ago, but today, that will never pass if you want to protect your banking information, personal data, and identity. Brute-force attacks, one of the most popular forms of cyberattacks, are… Read more
-
ALPHV Ransomware: A Closer Look into the Russian Ransomware Group
In recent years, the Russian-based ALPHV ransomware group, also known as BlackCat, Noberus, Gold Blazer, and Alpha Spider, has emerged as a formidable cyber threat, targeting organizations worldwide and operating with a ransomware-as-a-service (RaaS) business model. With their advanced tactics and persistent attacks, ALPHV has become a significant player in the ransomware landscape targeting over… Read more
-
UNC3944 Exploits Azure Serial Console for Complete VM Takeover
A threat group known as UNC3944 (also known as Roasted 0ktapus and Scattered Spider) has been observed hijacking Microsoft Azure admin accounts through phishing and SIM-swapping attacks. The financially motivated group bypasses traditional detection methods within Azure and gains full administrative access to compromised virtual machines (VMs) within victim organizations using Microsoft’s cloud computing service.… Read more