Proofpoint
-
FileFix: New Facebook security alert spoof hijacks victims into downloading StealC infostealer, researchers warn
Security researchers have uncovered a campaign dubbed FileFix that masquerades as a Facebook security alert to trick users into executing a malicious payload, culminating in the StealC infostealer. The operation, a variant of the ClickFix social-engineering technique, shows global reach, steganography-based delivery, and a Go-based loader that drops StealC v2, with researchers noting evolving infrastructure…
-
Experts Warn of New Phishing Threats Exploiting Link Wrapping Services
Cybersecurity experts have identified a new phishing campaign that exploits link wrapping services from leading vendors to conceal malicious links, significantly raising the risk of successful attacks. The tactics involve sophisticated methods of masking URLs, allowing threat actors to redirect victims to fraudulent pages designed to capture sensitive information.
-
Chinese Cyber Espionage Campaign Targets Taiwanese Semiconductor Industry
Recent spear-phishing campaigns linked to Chinese state-sponsored groups are targeting Taiwan’s semiconductor industry, emphasizing the vital role of cybersecurity in this critical sector amidst escalating geopolitical tensions.
-
New Cybersecurity Threat Targets Over 80,000 Microsoft Entra ID Accounts
A new cybersecurity threat has surfaced, with over 80,000 Microsoft Entra ID accounts compromised by an account takeover campaign known as UNK_SneakyStrike, utilizing the TeamFiltration tool for malicious activities.
