The latest fraud data Sift published in "Q2 2023 Digital Trust & Safety Index" revealed that 78% of users are concerned that fraudsters could exploit AI tools to victimize them.
Phishing, despite its age and infamy, remains one of the top threats to corporate and personal networks alike. And it's not hard to see why -- it continues to be effective. In fact, more than a third of all data breaches today involve phishing.
It's not unusual for data stealers to target several browsers simultaneously. Zooming in on multiple platforms at once, including email clients, gaming portals, chat apps, crypto wallets, and even VPN-protected services, however, is quite novel.
Each time organizations shore up their network defenses, cybercriminals devise new and innovative ways to up the cyber attack ante. That's actually the rationale behind malware crypting - the process of making malicious programs, apps, and files appear harmless to anti-malware and intrusion detection solutions.
The first time the BlackCat ransomware gang breached Reddit's network last February, they phished an employee to hack into the target network. This time, according to a ReversingLabs detailed report, they successfully dropped BlackCat onto the company's systems and threatened to release its data if it fails to pay the ransom.
The beginning of the month of June, according to CleanINTERNET, marked the emergence of several zero-day attacks targeting vulnerable MOVEit servers to exfiltrate confidential data. MOVEit Transfer is a managed file transfer software that supports file and data exchange.
On 12 June, the DFIR Report published an in-depth analysis of a Truebot intrusion that began with several page redirects via a Traffic Distribution System (TDS) and ended with dropping a Master Boot Record (MBR) killer wiper onto a victim's computer. The result?
Google's announcement of the launch of the .zip ngTLD was met by a lot of debate. Many believe threat actors could abuse the ngTLD for phishing and other malicious campaigns, primarily since it could be easily confused with the .zip file extension.
ReliaQuest named LockBit one of the most effective and undoubtedly most prolific currently active ransomware groups today. In fact, the malware topped their latest ransomware quarterly list for the first three months of 2023, a continuation of their 2022 observation.
Threat actors are quite adept at changing tactics once the cybersecurity community or law enforcement catches up to them. That is evident in the recent resurgence of malvertising though no longer through users' browsers as in the past.