Hackers Using Domain Shadowing to Host Malicious Websites
Cybercriminals are increasingly using domain shadowing, a form of domain name system (DNS) hijacking, according to a new report from Palo Alto Networks Unit 42. Domain shadowing is…
Category: Threat Intelligence Alerts
Latest threats and guidance from the cyber and fraud world
Increase in Credential Stuffing Attacks
Multi-Factor authentication provider Okta has identified a considerable increase in credential stuffing attacks on their users in their 2022 State of Secure Identity Report. In the first 90…
Phishing Campaigns Using Death of Queen Elizabeth II to Steal Microsoft Credentials
Description: Cyber security firm Proofpoint has identified a phishing campaign that uses the death of Queen Elizabeth II as a lure. Their threat insight team revealed that threat actors had created…
Ransomware Threat Actor Hacks into Corporate Network Through Mitel Phone System
Researchers at Artic Wolf Labs have published a report detailing that a threat actor has hacked a corporate phone system, Mitel’s MiVoice Business, to gain access to an…
New Phishing-As-A-Service Platform ‘EvilProxy’ Lets Hackers Bypass Multi-Factor Authentication
Researchers at a cyber security firm Resecurity have released a report outlining a new Phishing-as-a-service (PhaaS) platform advertised on the dark web. Named EvilProxy, the service allows…
Malware Disguised as Google Translate App Delays Crypto Mining Software Download to Avoid Detection
Researchers at Check Point Research have uncovered malware disguised as multiple legitimate apps, including Google Translate and YouTube Music for Desktop. If downloaded, the malware waits for…
Business Executives Targeted in Spear Phishing Attack that Bypasses Microsoft 365 2FA.
Researchers at Mitiga, a cyber security incident response company, have uncovered threat actors targeting senior leaders, such as CEOs and CFOs, with specially crafted spear…
Threat Actors Using Legitimate Software-As-A-Service Platforms to Create Malicious Phishing Websites
Description: The number of phishing attacks using legitimate software-as-a-service (SaaS) platforms has risen by 1100% since June 2021, according to a report published by Palo Alto Networks…
Exploit Released Targeting Flaw in Thousands of Realtek Networking Devices
Affected Systems: Networking devices containing Realtek’s RTL819x system on a chip. Description: Researchers from Faraday Security, a cyber security company based in Argentina, have released exploit…