Articles tagged with: #phishing
New Phishing Attack Bypasses Using UUIDs Unique to Bypass Secure Email Gateways

Cyber Security News cybersecuritynews.com

A sophisticated phishing campaign leveraging randomly generated Universal Unique Identifiers (UUIDs) has emerged, successfully bypassing Secure Email Gateways (SEGs) and evading perimeter defenses. The attack employs an advanced JavaScript-based phishing script combining random domain selection, dynamic UUID generation, and server-driven page replacement to steal credentials. Unlike conventional phishing operations relying on static redirects, this campaign

New Text Message Based Phishing Attack from China Targeting Users Around the Globe

Cyber Security News cybersecuritynews.com

A sophisticated text message phishing campaign originating from China has emerged as one of the most extensive cybersecurity threats targeting users worldwide. The operation, attributed to a threat collective known as the Smishing Triad, represents a massive escalation in SMS-based fraud, impersonating services across banking, healthcare, law enforcement, e-commerce, and government sectors. What began as

Jingle Thief Attackers Exploiting Festive Season with Weaponized Gift Card Attacks

Cyber Security News cybersecuritynews.com

As the festive season approaches, organizations are witnessing a disturbing increase in targeted attacks on digital gift card systems. The Jingle Thief campaign, orchestrated by financially motivated threat actors based in Morocco, has emerged as a notorious campaign exploiting seasonal vulnerabilities to steal and monetize gift cards at scale. By leveraging tailored phishing and smishing

Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation

The Hacker News thehackernews.com

The threat actors behind a large-scale, ongoing smishing campaign have been attributed to more than 194,000 malicious domains since January 1, 2024, targeting a broad range of services across the world, according to new findings from Palo Alto Networks Unit 42. "Although these domains are registered through a Hong Kong-based registrar and use Chinese nameservers, the attack infrastructure is

InfoSec News Nuggets 10/24/2025

AboutDFIR – The Definitive Compendium Project aboutdfir.com

Jingle Thief: Inside a Cloud-Based Gift Card Fraud Campaign We investigated a campaign waged by financially motivated threat actors operating out of Morocco. We refer to this campaign as Jingle Thief, due to the attackers' modus operandi of conducting gift card fraud during festive seasons. Jingle Thief attackers use phishing and smishing to steal credentials,

MuddyWater Using New Malware Toolkit to Deliver Phoenix Backdoor Malware to International Organizations

Cyber Security News cybersecuritynews.com

The Advanced Persistent Threat group MuddyWater, widely recognized as an Iran-linked espionage actor, has orchestrated a sophisticated phishing campaign targeting more than 100 government entities and international organizations across the Middle East, North Africa, and beyond. The operation, which became active in mid-August 2025, represents a significant escalation in the group's tradecraft, introducing version 4

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign

The Hacker News thehackernews.com

A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT. The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe (aka APT36), a state-sponsored hacking group known to be active since at least 2013. It also builds upon a prior

Arsen Launches Smishing Simulation to Help Companies Defend Against Mobile Phishing Threats

Cyber Security News cybersecuritynews.com

Paris, France, October 24th, 2025, CyberNewsWire Arsen, the cybersecurity company dedicated to helping organizations defend against social engineering, today introduced its new Smishing Simulation module: a feature designed to let companies run realistic, large-scale SMS phishing simulations across their teams. Designed to address the growing wave of mobile-based attacks, the new module gives CISOs, MSSPs,

Threat Actors Advancing Email Phishing Attacks to Bypass Security Filters

Cyber Security News cybersecuritynews.com

Email phishing attacks have reached a critical inflection point in 2025, as threat actors deploy increasingly sophisticated evasion techniques to circumvent traditional security infrastructure and user defenses. The threat landscape continues to evolve with the revival and refinement of established tactics that were once considered outdated, combined with novel delivery mechanisms that exploit gaps in

Hackers Abuse Microsoft 365 Exchange Direct Send to Bypass Content Filters and Harvest Sensitive Data

Cyber Security News cybersecuritynews.com

Microsoft 365 Exchange Online's Direct Send feature, originally designed to enable legacy devices and applications to send emails without authentication, has become an exploitable pathway for cybercriminals conducting sophisticated phishing and business email compromise attacks. The feature allows multifunction printers, scanners, and older line-of-business applications to transmit messages by bypassing rigorous authentication and security checks,

Getting phished from just a click

cybersecurity www.reddit.com

We run phishing tests and there seem to be two thoughts on fails. A click fail and a user/pass data entry fail after a click. Upper management seems to only think the data entry fails matter. I think clicks also are a big deal. They only require users who enter data to take extra training. The clickers are ignored. Aren't there attacks that involve just a link click? If so I'd love some good examples. submitted by /u/icedutah

Phishing Cloud Account for Information, (Thu, Oct 23rd)

SANS Internet Storm Center, InfoCON: green isc.sans.edu

Over the past two months, my outlook account has been receiving phishing email regarding cloud storage payments, mostly in French and some English with the usual warning such as the account is about to be locked, space is full, loss of data, refused payment, expired payment method, etc.

I've never seen a phishing email use an actually legitimate email domain? How does this work?

cybersecurity www.reddit.com

Hi there. I wanted to ask about this curious phishing email I noticed today. Admittedly, this confusion may be because I don't know how forwarding actually works, a fact the criminal is readily taking advantage of. Anyway, I did a Google search on this but the explanations are lackluster. As you can see here, the sender line looks completely legitimate while the "recipient" is funky looking. What is the bad actor purportedly doing here? Surely they aren't receiving a legitimate email from...

Why do phishing tools send the sus email to the users trash?

cybersecurity www.reddit.com

Dear Security Pros, Just curious on this. There are many phishing/spam tools and plug-ins out there. But one common thing I see is, the tool I guess sends a note to the security department and then moves the email to the deleted items folder; it doesn't like fully fully delete it. Isn't that in itself risky too? Should tools both remove the email from the user's mailbox folder and also from the trash/deleted items too? Or is that up to the organization? Just curious, thanks :) submitted by...

The Rise of Phantom Cyber Firms: How to Spot Them and What to Verify Before You Engage

LevelBlue Blogs levelblue.com

It's bad enough that organizations must worry about threat actors launching phishing attacks, injecting ransomware, or exploiting vulnerabilities; now, there is a new attack variant on the loose. Legal scammers. These companies, which seem to be emerging particularly in Australia, are set up and registered as legal cybersecurity firms, but in the end just take a company's money without delivering any services. Over the last few years, I have repeatedly encountered the same playbook being...