CryptoChameleon: New Phishing Tactics Exhibited in FCC-Targeted Attack | Lookout Threat Intelligence
Summary: Lookout recently discovered an advanced phishing kit exhibiting novel tactics to target cryptocurrency platforms as well as the Federal Communications Commission (FCC) via mobile devices. Following the tactics of groups like Scattered Spider, this kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and […]
Mar 02, 2024NewsroomCybercrime / Social Engineering The U.S. Department of Justice (DoJ) on Friday unsealed an indictment against an Iranian national for his alleged involvement in a multi-year cyber-enabled campaign designed to compromise U.S. governmental and private entities. More than a dozen entities are said to have been targeted, including the U.S. Departments of the […]
The stolen data may include a wide range of personal information such as Social Security numbers, financial account details, medical information, and usernames and passwords.
The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have released details on the tactics and techniques threat actors are using to deploy the Phobos ransomware strain on target networks. The advisory is part of an ongoing stop-ransomware effort by the two entities working in collaboration with the Multi-State Information Sharing and Analysis […]
Hear the JKriv remix ahead of album’s release Brazilian musician Dioga Strausz has been speaking to Juno Daily about his forthcoming new album Samba From Outer Space and shared a JKriv remix of one of its key tracks. “I’m always experimenting with old school Brazilian music genres and trying to understand how they fit in […]
This post is also available in: 日本語 (Japanese) Executive Summary We recently found a new Linux variant of Bifrost (aka Bifrose), showcasing an innovative technique to evade detection. It uses a deceptive domain, download.vmfare[.]com, which mimics the legitimate VMware domain. This latest version of Bifrost aims to bypass security measures and compromise targeted systems. First […]
Researchers found a zero-click Facebook account takeover Pierluigi Paganini February 29, 2024 A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described the flaw as […]
A technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users’ access to their Facebook, Google and TikTok accounts. The Asian technology and internet company YX International manufactures cellular networking equipment and provides SMS text message routing […]
Houser LLP, a U.S. law firm that specializes in serving high-profile financial institutions, said a system breach discovered in May 2023 exposed the personal data — possibly including sensitive information such as credit card numbers — of more than 325,000 people. In a regulatory filing posted Wednesday by Maine’s attorney general, the company said certain […]