Phishing Archives - Securezoo

Royal Ransomware uses a unique “partial encryption approach” to evade detection

Cybersecurity Attacks, Malware, Phishing, Ransomware / Frank Crast / March 3, 2023 / CISA, Cobalt Strike, encryption, FBI, Ransomware, RMM, Royal, SysInternals, Zeon

CISA and FBI have published a joint cybersecurity alert on Royal ransomware used in recent cyberattacks as recently as January 2023. The ransomware uses a unique “partial encryption approach” to evade detection.

Royal Ransomware uses a unique “partial encryption approach” to evade detection Read More »

Meddler-in-the-Middle phishing attacks break MFA

Cybersecurity Attacks, Phishing, Social Engineering / Frank Crast / December 22, 2022 / 2FA, MFA, MITM

Security researchers have discovered “meddler-in-the-middle” (MitM) phishing attacks that can break multi-factor authentication (MFA) controls.

Meddler-in-the-Middle phishing attacks break MFA Read More »

Researchers warn shoppers to beware of Black Friday hacker scams

Messaging Security, Phishing, Social Engineering / Frank Crast / November 20, 2022 / Black Friday, Check Point, Cyberscam, phishing

Researchers from Check Point Research are warning shoppers to beware of Black Friday hacker “holiday special” scams.

Researchers warn shoppers to beware of Black Friday hacker scams Read More »

Attackers exploit open redirect vulnerability on Amex and Snapchat sites

Cybersecurity Attacks, Phishing, Vulnerabilities & Exploits / Frank Crast / August 16, 2022 / Amex, Cybersecurity Threat Center, Docusign, FedEx, Google Workspace, INKY, Microsoft, Microsoft 365, phishing, redirect, Snapchat

Attackers have been exploiting a well-known open redirect vulnerability on American Express and Snapchat sites to phish for victim’s personal data.

Attackers exploit open redirect vulnerability on Amex and Snapchat sites Read More »

Interpol operation “First Light 2022” leads to thousands of arrests of social engineering scammers worldwide

Cybercrime, Fraud, Phishing, Social Engineering / Frank Crast / June 17, 2022 / Cybercrime, Cybersecurity Threat Center, First Light 2022, Interpol, phishing, Ponzi, scammer, social engineering

Interpol has arrested thousands and seized millions of US dollars from social engineering scammers worldwide involved in telecommunication fraud, business mail compromise (BEC) and associated money laundering.

Interpol operation “First Light 2022” leads to thousands of arrests of social engineering scammers worldwide Read More »

FBI: Beware of cybercriminal SIM swap schemes

Cybersecurity Attacks, Phishing / Frank Crast / February 11, 2022 / FBI, IC3, mobile, SIM, SIM swap, SMS

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert for Subscriber Identity Module (SIM) swap schemes used by cybercriminals to steal millions from US victims.

FBI: Beware of cybercriminal SIM swap schemes Read More »

Cisco Talos team discovers malicious campaign delivering Nanocore, Netwire and Async RATs

Malware, Phishing / Frank Crast / January 17, 2022 / Async, Cisco, Nanocore, Netwire, RAT, Talos

The Cisco Talos cybersecurity team discovered a malicious campaign delivering variants of Nanocore, Netwire and Async RATs targeting user’s information.

Cisco Talos team discovers malicious campaign delivering Nanocore, Netwire and Async RATs Read More »

FBI warns of increasing ransomware attacks against the Food and Agriculture sector

Malware, Phishing, Security Monitoring / Frank Crast / September 4, 2021 / FBI, JBS, meat producer, OnePercent, Ransomware, REvil, Sodinokibi

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert warning of increasing ransomware attacks against the Food and Agriculture sector.

FBI warns of increasing ransomware attacks against the Food and Agriculture sector Read More »

Justice Department seizes domains used in Nobelium spear-phishing attacks

Cybersecurity Attacks, Messaging Security, Phishing / Frank Crast / June 2, 2021 / C2, DOJ, Microsoft, MSTIC, Nobelium, phishing, Spearphishing, U.S Department of Justice, USAID

The U.S. Justice Department has announced the seizure of domains used in Nobelium spear-phishing attacks previously identified by Microsoft last week.

Justice Department seizes domains used in Nobelium spear-phishing attacks Read More »

Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’

Cybersecurity Attacks, Malware, Messaging Security, Phishing / Frank Crast / May 28, 2021 / Constant Contact, email, GoldMax, Microsoft, MSTIC, phishing, SolarWinds, Sunburst, Teardrop

The Microsoft Threat Intelligence Center (MSTIC) has uncovered a “sophisticated email-based attack” operated by NOBELIUM, as part of a wide-scale malicious email campaign.

Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’ Read More »