LinkedIn Phishing Ramps Up With More-Targeted Attacks
Seeking to take advantage of out-of-work users, malware groups continue to use LinkedIn and business services to offer fictional jobs and deliver infections instead.Phishing attacks are targeting out-of-work users...
Fake Zoom App Dropped by New APT ‘LuminousMoth’
First comes spear-phishing, next download of malicious DLLs that spread to removable USBs, dropping Cobalt Strike Beacon, and then, sometimes, a fake Zoom app.
Researchers have spotted a...
Thousands of Humana customers have their medical data leaked online by threat actors
An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum.The author of the...
OX App Suite / OX Guard / OX Documents SSRF / Cross Site Scripting
Authored by Martin Heiland
Open-Xchange OX App Suite, OX Guard, and OX Documents suffer from server-side request forgery and cross site scripting vulnerabilities. Some of these issues only affect version...
Lewd Phishing Lures Aimed at Business Explode
Socially engineered BEC attacks using X-rated material spike 974 percent.
Attackers have amped up their use of X-rated phishing lures in business email compromise (BEC) attacks. A new report found...
Phishing Campaign Leverages WOFF Obfuscation and Telegram Channels for Communication
FireEye Email Security recently encountered various phishing campaigns, mostly in the Americas and Europe, using source code obfuscation with compromised or bad domains. These domains were masquerading as authentic...
