social engineering Archives • Daily CyberSecurity

CAPTCHA Trap: Fake Verification Unleashes Lumma Stealer on Unsuspecting Users captcha

CAPTCHA Trap: Fake Verification Unleashes Lumma Stealer on Unsuspecting Users

Ddos May 13, 2025

Sophos X-Ops has uncovered a cunning cybercrime campaign using fake CAPTCHA pages to trick users into running...

Iranian Cyber Espionage Uses Fake Modeling Agency for Targeted Attacks

Ddos May 8, 2025

Recently, researchers at Palo Alto Networks’ Unit 42 have uncovered a covert Iranian cyber-espionage campaign that employed...

APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics APT36 phishing, ClickFix campaign

APT36 Suspected in India Gov Spoofing Phishing with ClickFix Tactics

Ddos May 8, 2025

Hunt.io, a threat hunting platform, has revealed a sophisticated phishing campaign using ClickFix-style tactics and spoofed Indian...

Scattered Spider (UNC3944) Resurfaces with Ties to DragonForce and RansomHub in Retail Attacks

Ddos May 7, 2025

A new report from Mandiant, a Google Cloud company, sheds light on the renewed activity of UNC3944,...

California Man to Plead Guilty in Hack of Disney Employee, Theft of 1.1TB of Confidential Slack Data

Ddos May 5, 2025

In a case that merges social engineering, malware, and corporate espionage, the U.S. Department of Justice (DOJ)...

Luna Moth’s Callback Phishing Attacks Target US Legal and Financial Firms

Ddos May 3, 2025

A new threat intelligence report from EclecticIQ unveils the evolving tradecraft of Luna Moth, a financially motivated...

North Korean APT ‘Contagious Interview’ Launches Fake Crypto Companies to Spread Malware Trio

Ddos April 28, 2025

Threat analysts at Silent Push have uncovered a new campaign orchestrated by the North Korean state-sponsored APT...

Russian Hackers Abuse Microsoft 365 OAuth in Sophisticated Phishing Attacks OAuth Phishing Microsoft 365 OAuth

Russian Hackers Abuse Microsoft 365 OAuth in Sophisticated Phishing Attacks

Ddos April 24, 2025

Volexity has identified a series of advanced social engineering operations by suspected Russian threat actors targeting Microsoft...

State-Sponsored Actors Adopt ClickFix Technique in Cyber Espionage ClickFix State-sponsored actors

State-Sponsored Actors Adopt ClickFix Technique in Cyber Espionage

Ddos April 21, 2025

In a recent cybersecurity report by Proofpoint researchers, a notable trend has emerged: state-sponsored actors are increasingly...

Beware Fake PDF Converters: A Social Engineering Threat LDAPNightmare - CVE-2025-1316

Beware Fake PDF Converters: A Social Engineering Threat

Ddos April 16, 2025

In today’s digital age, online file converters have become indispensable tools for streamlining daily workflows. However, a...

Gootloader Malware Expands Its Reach with Advanced Social Engineering and SEO Poisoning

Ddos January 20, 2025

Sophos X-Ops has released an in-depth analysis of the notorious Gootloader malware family, highlighting its use of...

ClickFix: The Rising Threat of Clipboard-Based Social Engineering ChatGPT impersonation used in ClickFix payload delivery

ClickFix: The Rising Threat of Clipboard-Based Social Engineering

Ddos November 19, 2024

In a detailed report, Proofpoint researchers have unveiled the alarming rise of a unique social engineering method...

Compromised Credentials: New Cyberattack Exploits Industry Email Accounts

Ddos September 24, 2024

Proofpoint researchers have uncovered a campaign targeting transport and logistics companies across North America. These attackers are...

North Korea Targets DeFi and Crypto Companies with Advanced Social Engineering Attacks CVE-2024-38193 - Lazarus Group Threat Actors ScreenConnect

CVE-2024-38193 - Lazarus Group Threat Actors ScreenConnect

North Korea Targets DeFi and Crypto Companies with Advanced Social Engineering Attacks

Ddos September 4, 2024

The FBI has warned sternly about North Korean state-sponsored hackers employing highly sophisticated social engineering tactics to...

Kimsuky APT: New TTPs Revealed in Rapid7 Cybersecurity Report

Ddos July 22, 2024

Rapid7, a leading cybersecurity firm, has released a comprehensive report detailing the evolving tactics, techniques, and procedures...