Cybercriminals Archives • Page 32 of 34 • Daily CyberSecurity

Bitdefender Exposes Sophisticated Subscription-Based Mystery Box Scams mystery box scam, subscription scam

Bitdefender Exposes Sophisticated Subscription-Based Mystery Box Scams

Do Son May 2, 2025

Bitdefender researchers have uncovered a sprawling web of subscription-based scams that blend professional-looking websites, social media manipulation,...

Commvault Updates Security Advisory After Nation-State Threat Actor Activity in Azure Commvault, nation-state threat

Commvault Updates Security Advisory After Nation-State Threat Actor Activity in Azure

Do Son April 30, 2025

Commvault has issued a crucial update to its March 7, 2025, security advisory following the detection of...

Proofpoint Exposes TA2900: French-Speaking BEC Actor Exploits Rental Payment System FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

Proofpoint Exposes TA2900: French-Speaking BEC Actor Exploits Rental Payment System

Do Son April 30, 2025

Proofpoint Threat Research has identified a new financially motivated business email compromise (BEC) actor, designated TA2900, who...

Infoblox Exposes $5.7B Investment Scam Surge Fueled by RDGAs and DNS Abuse Investment Scams RDGA

Infoblox Exposes $5.7B Investment Scam Surge Fueled by RDGAs and DNS Abuse

Do Son April 30, 2025

In a revealing new report, Infoblox Threat Intelligence warns that investment scams are evolving rapidly—contributing to record-breaking...

Cybersecurity Vendors Under Siege: A Deep Dive into Real-World Attacks Iranian Hacktivists Operation Epic Fury Cyber New Generation Warfare Russian Hybrid Escalation Plex data breach Water Systems Cybersecurity - Threat Actor Naming Standard

Iranian Hacktivists Operation Epic Fury Cyber New Generation Warfare Russian Hybrid Escalation Plex data breach Water Systems Cybersecurity - Threat Actor Naming Standard

Cybersecurity Vendors Under Siege: A Deep Dive into Real-World Attacks

Do Son April 30, 2025

SentinelOne has detailed the curtain on what it’s like to be targeted on the frontlines of today’s...

Nigerian National Sentenced in $6M Transnational Inheritance Scam Targeting Elderly Inheritance Scam, Elder Fraud

Nigerian National Sentenced in $6M Transnational Inheritance Scam Targeting Elderly

Do Son April 29, 2025

The U.S. Department of Justice announced that Okezie Bonaventure Ogbata, 36, a Nigerian national, has been sentenced...

Nevada Woman Pleads Guilty in $15 Million Fraud Scheme Targeting Elderly Victims Elder Fraud, Prize Scam

Nevada Woman Pleads Guilty in $15 Million Fraud Scheme Targeting Elderly Victims

Do Son April 29, 2025

The U.S. Department of Justice (DOJ) recently announced that an 80-year-old Nevada woman, Barbara Trickle, has pleaded...

SocGholish and RansomHub: Sophisticated Attack Campaign Targeting Corporate Networks SocGholish, RansomHub

SocGholish and RansomHub: Sophisticated Attack Campaign Targeting Corporate Networks

Do Son April 28, 2025

The eSentire’s Threat Response Unit (TRU) discovered a sophisticated cyberattack campaign linking SocGholish (also known as FakeUpdates)...

DeviceCodePhishing: How a New Attack Bypasses FIDO and MFA Protections DeviceCodePhishing, OAuth phishing

DeviceCodePhishing: How a New Attack Bypasses FIDO and MFA Protections

Do Son April 28, 2025

Security researcher Dennis Kniep has introduced a novel phishing technique known as DeviceCodePhishing, which takes traditional device...

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio

Do Son April 28, 2025

Threat analysts at Silent Push have uncovered a new campaign orchestrated by the North Korean state-sponsored APT...

SessionShark: New Phishing Kit Bypasses Office 365 MFA MFA Bypass, SessionShark

SessionShark: New Phishing Kit Bypasses Office 365 MFA

Do Son April 28, 2025

Security researchers at SlashNext have uncovered a disturbing new tool emerging in cybercrime networks: SessionShark O365 2FA/MFA....

Darcula-Suite: AI Revolutionizes Phishing-as-a-Service Operations Darcula-Suite, Phishing-as-a-Service

Darcula-Suite: AI Revolutionizes Phishing-as-a-Service Operations

Do Son April 27, 2025

Netcraft researchers have uncovered a major development in the world of phishing-as-a-service (PhaaS): an update to the...

North Korean Operatives Use GenAI to Infiltrate Global Tech Jobs, Okta Warns North Korea malware North Korea, OFAC sanctions DPRK AI hiring, Wagemole campaigns

North Korean Operatives Use GenAI to Infiltrate Global Tech Jobs, Okta Warns

Do Son April 25, 2025

A recent report by Okta Threat Intelligence has shed light on the alarming ways that North Korean...

Russian IP Networks Fuel North Korea’s Global Cybercrime and Espionage Campaigns North Korea, Russian infrastructure

Russian IP Networks Fuel North Korea’s Global Cybercrime and Espionage Campaigns

Do Son April 25, 2025

A revealing new report from Trend Micro uncovers how Russian IP infrastructure is playing a pivotal role...

Power Parasites: Scam Campaign Targets Global Energy Brands Power Parasites, phishing

Power Parasites: Scam Campaign Targets Global Energy Brands

Do Son April 25, 2025

A sprawling phishing and scam operation, dubbed “Power Parasites” by the threat analysts at Silent Push, is...

WooCommerce Phishing Attack: Fake Vulnerability Exploits Store Owners Patchstack

WooCommerce Phishing Attack: Fake Vulnerability Exploits Store Owners

Do Son April 25, 2025

A new phishing campaign is targeting WooCommerce users with fake security vulnerability alerts, attempting to trick them...

Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics Kimsuky Group PebbleDash Malware

Kimsuky’s PebbleDash Campaign: PowerShell Attacks & RDP Bypass Tactics

Do Son April 25, 2025

A recent report by the AhnLab Security intelligence Center (ASEC) has uncovered the latest tactics employed by...

ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware ToyMaker Initial Access Broker Ransomware

ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware

Do Son April 25, 2025

Cisco Talos’ 2023 incident response report unveils the operations of “ToyMaker,” a financially motivated Initial Access Broker...

Ghost Tap: NFC Fraud Surge Linked to Chinese Cybercriminal Groups NFC Fraud Ghost Tap

Ghost Tap: NFC Fraud Surge Linked to Chinese Cybercriminal Groups

Do Son April 24, 2025

Resecurity has uncovered a massive, evolving wave of fraud involving Near Field Communication (NFC) technology, exposing a...

Russian Hackers Abuse Microsoft 365 OAuth in Sophisticated Phishing Attacks OAuth Phishing Microsoft 365 OAuth

Russian Hackers Abuse Microsoft 365 OAuth in Sophisticated Phishing Attacks

Do Son April 24, 2025

Volexity has identified a series of advanced social engineering operations by suspected Russian threat actors targeting Microsoft...

Critical Alert 1 Active Exploit Detected Today