social engineering
-
Russian Hackers Employ Advanced Social Engineering to Bypass Gmail’s Multi-Factor Authentication
A new campaign by Russian hackers has successfully bypassed Gmail’s multi-factor authentication, targeting academics and critics of Russia through sophisticated social engineering attacks, as reported by Google Threat Intelligence Group.
-
Cyber Attack on UK Retailers Marks & Spencer and Co-op Attributed to Scattered Spider Group
The recent cyber attacks targeting UK retailers Marks & Spencer and Co-op have been linked to the Scattered Spider cybercrime group, with financial impacts estimated at up to £440 million. The UK’s Cyber Monitoring Centre described the incidents as a single combined cyber event, prompting heightened concerns in the insurance sector as the group shifts…
-
FIN6 Cybercrime Group Targets HR Professionals with Advanced Phishing Operations
The FIN6 cybercrime group has launched a sophisticated phishing campaign targeting HR professionals by exploiting the job application process to deliver malware, according to new research from DomainTools. The group’s use of trusted cloud services complicates detection efforts, highlighting the need for improved security protocols in human resources.
-
New Campaign Uses Fake DocuSign and Gitcode Sites to Spread Malware
A new cyber campaign is using fake websites masquerading as DocuSign and Gitcode to spread the NetSupport RAT malware through deceptive PowerShell scripts. This strategy incorporates social engineering techniques and clipboard poisoning to execute malicious actions on unsuspecting users’ systems.
-
Spear-Phishing Campaign Targets CFOs with Advanced Techniques
A sophisticated spear-phishing campaign has been identified, targeting CFOs across various sectors with the aim of deploying a legitimate remote access tool, Netbird, to gain unauthorized access to sensitive financial systems.
-
Rise of Social Engineering Threats: Understanding the Latest Tactics
Social engineering tactics are becoming increasingly prevalent, posing significant risks to individuals and organizations alike. With attackers exploiting psychological manipulation and familiar interfaces, the need for cybersecurity awareness has never been more critical.
