A new phishing scam is leveraging trusted aspects of ecommerce to make their scams look legitimate ..read more

As expected, threat actors are taking advantage of the global IT outage caused by a faulty CrowdStrike update last Friday, SC Media reports ..read more

Declared “dead” by the U.S. Attorney’s Office in 2023, the Russian cyber crime group Fin7 is impersonating some of the top global brands ..read more

Several threat actors are abusing legitimate cloud services to launch phishing attacks against users in Latin America, according to Google’s latest Threat Horizons Report ..read more

Organizations should expect to see phishing attacks exploiting the global IT outage that occurred last Friday, the Business Post reports ..read more

I have been the CEO of an anti-virus software developer. We had a special acronym for catastrophic events like this, a so-called "CEE". As in Company Extinction Event.  Within hours of mass IT outages on Friday, a surge of new domains began appearing online, all sharing one common factor: the name CrowdStrike. As the company grapples with a global tech outage that has delayed flights and disrupted emergency services, opportunistic cybercriminals are quick to exploit the chaos. Numerous websites have surfaced, promising help to those affected by the outage. Names like crowdstriketoken ..read more

Phishing is used to completely compromise the victim’s environment after other repeated methods failed ..read more

Our friends at the CyberWire reported: "ZeroFox and Fortinet have both published reports on threats facing the 2024 Olympics in Paris. ZeroFox says the primary cybersecurity threat will be cyberattacks from Russia, which are "likely to take the form of DDoS attacks, data compromises, and scams carried out by Russian threat actor groups ..read more

The US Internal Revenue Service (IRS) has issued an advisory warning of phishing campaigns targeting car dealerships. The IRS says car dealers should be on the lookout for targeted phishing attacks following a ransomware attack that hit a major auto sales software provider last month ..read more

Phishing remains a top initial access vector for ransomware actors, according to researchers at Cisco Talos. The threat actors often use phishing to steal legitimate credentials so they can use employee accounts without raising suspicion ..read more