Data Breach Today

DECEMBER 21, 2023

Also: Hackers Scrooge The North Face Holiday Shipments This week, MongoDB blamed a phishing email for causing unauthorized access to its corporate environment, hackers interrupted VF Corp.

Phishing 310

Phishing Access IT 310

Krebs on Security

MAY 26, 2023

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta , which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains.

Phishing 245

Phishing Mining IT 245

Data Breach Today

JANUARY 11, 2024

Also: Bitcoin ETP, Gamma and dYdX Attacks, 2023 Hack Stats This week, hackers ran crypto phishing scams on X accounts, the SEC approved bitcoin ETP, hackers stole $3.4

Phishing 284

Phishing IT 284

Data Breach Today

SEPTEMBER 11, 2023

Vectors Includes Teams Phishing and Malvertising Advertising on Russian-language criminal forums is paying off for the author of the DarkGate malware as reflected by a spike in infections, including an unusual phishing campaign on Microsoft Teams to deliver the loader through HR-themed social engineering chat messages.

Phishing 256

Phishing 256

Data Breach Today

JULY 14, 2022

Attackers Targeted More Than 10,000 Organizations Since Last September Attackers used a phishing campaign to direct unwitting Microsoft business email customers into supplying logon credentials to a proxy server. From there, they emailed corporate vendors to obtain financial data.

Phishing 361

Phishing Access 361

Data Breach Today

AUGUST 8, 2022

Reset Your Password' SMS Messages Tricked Customer Engagement Platform Employees Twilio, which runs a customer engagement platform used by thousands of businesses, says that its employees were tricked via SMS phishing messages into giving attackers their login credentials, resulting in the theft of information on customers, as well as their customers (..)

Phishing 260

Phishing Data breaches Passwords IT 260

Data Breach Today

SEPTEMBER 5, 2023

Energy Facility Impeded Attack by Blocking the Launch of the Windows Script Host Ukrainian cyber defenders say Russian military hackers targeted a critical energy infrastructure facility with phishing emails containing a malicious script leading to cyberespionage.

Phishing 292

Phishing Military 292

Data Breach Today

DECEMBER 7, 2023

Incident That Affected 35,000 Urgent Care Clinic Patients Results in $480K Fine Weeks after the Department of Health and Human Services announced its first HIPAA enforcement action in a ransomware breach, federal regulators have reached another milestone: a $480,000 settlement in a HIPAA case centered for the first time ever on a phishing attack.

Phishing 293

Phishing Ransomware IT 293

Data Breach Today

JUNE 1, 2021

Unauthorized Access and Malware Also Among Top Causes, UK Privacy Watchdog Reports Phishing, ransomware and unauthorized access continue to be the leading cyber causes of violations of data protection rules and personal data breaches, Britain's privacy watchdog reports.

Data breaches 208

Data breaches Phishing Ransomware Personal data 208

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US This is noteworthy because.US is overseen by the U.S.

Phishing 219

Phishing Government Compliance Communications 219

Data Breach Today

SEPTEMBER 6, 2023

Phishing Platform Automates Big Business Email Compromise Attacks, Researchers Find A sophisticated phishing toolkit called W3LL Panel has been used to exploit at least 8,000 endpoints since the middle of last year to perpetrate costly business email compromise schemes, Group-IB reports.

Phishing 275

Phishing 275

Data Breach Today

AUGUST 27, 2021

Meanwhile, Breaches Involving Military Secrets and CCTV Footage Beset UK Government Phishing, ransomware and unauthorized access remain the leading causes of personal data breaches as well as violations of data protection rules, Britain's privacy watchdog reports.

Data breaches 190

Data breaches Phishing Ransomware Military 190

Data Breach Today

AUGUST 9, 2023

Authorities In Multiple Countries Arrest Operators of 16Shop An international law enforcement operation took down a phishing-as-a-service website that security researchers say was responsible for more than 150,000 phishing domains. The site, 16shop, sold phishing kits that targeted more than 70,000 people in 43 countries.

Phishing 244

Phishing Security 244

Data Breach Today

AUGUST 10, 2023

Authorities in Multiple Countries Arrest Operators of 16shop An international law enforcement operation took down a phishing-as-a-service website that security researchers say was responsible for more than 150,000 phishing domains. The site, 16shop, sold phishing kits that targeted more than 70,000 people in 43 countries.

Phishing 240

Phishing Security 240

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 185

Phishing Passwords Insurance Sales 185

Data Breach Today

JANUARY 18, 2024

Also: FBI Warning About Androxgh0st; eBay Pays a $3 Million Fine for Cyberstalking This week, Microsoft expanded plans to store EU citizens' data locally, shipping-themed phishing spam is a threat, the British Library overcame a ransomware setback, the FBI warned of Androxgh0st malware, Remcos RAT targeted South Korea, and eBay was fined $3 million (..)

Libraries 303

Libraries Phishing Ransomware 303

KnowBe4

APRIL 23, 2024

New data shows phishing attacks are deviating from the traditional focus on technology and retail sectors and are opting for alternate brands with widespread appeal.

Phishing 102

Phishing Retail Security awareness Security 102

Data Breach Today

AUGUST 12, 2022

Scam Uses 'Secure Message' Theme and Trojan to Harvest Credentials A "secure message-themed" phishing campaign targeting healthcare providers aims to lure recipients to an Evernote notepad website in an attempt by hackers to harvest security credentials, federal authorities warn, saying the scheme puts entities at risk for potential data security compromises. (..)

Phishing 283

Phishing Risk Security 283

Data Breach Today

APRIL 19, 2023

Russia's Invasion Tactics Include Creating Fake Hacktivist Groups, Researchers Find The Russian government continues to use an array of phishing attacks and information operations - including hack-and-leak efforts and running hacktivist groups such as CyberArmyofRussia - to support its illegal invasion of Ukraine, Google researchers report.

Phishing 268

Phishing Government IT 268

Data Breach Today

MARCH 24, 2021

Incident Raises Cybersecurity Questions, Experts Say A phishing attack that targeted a unit of the California State Controller’s Office, exposing Social Security numbers and other sensitive information, should raise questions about the type of security deployed by the agency and prompt a fresh examination of its cybersecurity plans, some security experts (..)

Phishing 267

Phishing Cybersecurity Security IT 267

Data Breach Today

JULY 14, 2023

State-Linked Spear-Phishing Campaign Targeting Government, Military Personnel Belarus state-linked hackers are targeting government and military entities in both Ukraine and Poland with spear-phishing campaigns that deliver remote access Trojans.

Phishing 225

Phishing Military Government Access 225

Krebs on Security

AUGUST 9, 2021

com ,” wrote “ Mitch ,” confusing me with the proprietor of perhaps the underground’s largest bazaar for stolen credit and identity data. The hacked BriansClub database had an estimated collective street value of $566 million , and that data was subsequently shared with thousands of financial institutions.

Phishing 349

Phishing Blockchain IT Marketing 349

Data Breach Today

AUGUST 18, 2023

Targets Include Small and Medium Businesses and Government Agencies Threat actors are on a phishing spree targeting users of Zimbra Collaboration email suite, in particular small and medium businesses and government agencies.

Phishing 234

Phishing Government Security IT 234

Data Breach Today

JUNE 22, 2022

Belgian and Dutch Police Arrest 9 Suspects Over Theft of 'Millions of Euros' Belgian and Dutch police with the support of Europol dismantled an organized crime gang involved in carrying out phishing, money laundering and other scams. Nine suspects are in detention after stealing several million euros, authorities say.

Phishing 301

Phishing 301

Data Breach Today

MARCH 4, 2023

Attackers Exploit Economic Downturn by Deploying Malware in Resumes, ID Attachments Threat actors are exploiting the ongoing economic downturn using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters.

Phishing 261

Phishing 261

Data Breach Today

OCTOBER 26, 2020

Scammers Now Attempting to Steal Banking and Driver's License Information Fraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports.

Phishing 307

Phishing 307

Data Breach Today

AUGUST 28, 2023

FTX, BlockFI and Genesis Claimants at Risk of Phishing Kroll is warning claimants in three major cryptocurrency bankruptcy cases that hackers obtained their personal data after the attacker convinced a mobile carrier to redirect an employee's phone number to their own device. Hackers appear to have already begun a phishing campaign.

Phishing 279

Phishing Personal data Risk 279

Data Breach Today

MARCH 7, 2021

Zscaler Says it Prevented Over 2,500 Phishing Attacks A Microsoft-themed phishing campaign is using phony Google reCAPTCHA in an attempt to steal credentials from senior employees of various organizations, a new report by security firm Zcaler says. The company adds it prevented more than 2,500 phishing emails tied to the campaign.

Phishing 332

Phishing Security IT 332

Data Breach Today

OCTOBER 8, 2022

Phishing Incident Caused Service Disruptions and Delays Australian fruit and vegetable supplier Costa Group says it was subjected to a malicious and sophisticated phishing attack in August that resulted in unauthorized access to its servers.

Phishing 261

Phishing Access Security IT 261

Data Breach Today

AUGUST 10, 2020

Malwarebytes Says Campaign Designed to Steal Banking Credentials Malwarebytes reports that a newly discovered phishing campaign is spoofing a U.S. Small Business Administration loan offer in an attempt to steal banking credentials and other personal data.

Phishing 329

Phishing Personal data 329

Krebs on Security

MARCH 23, 2021

A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO), an agency responsible for handling more than $100 billion in public funds each year. In a “ Notice of Data Breach ” message posted on Saturday, Mar. Source: sco.ca.gov. .

Phishing 270

Phishing Data breaches Access Passwords 270

Krebs on Security

FEBRUARY 1, 2021

Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. ” SMS Bandits offered an SMS phishing (a.k.a. Image: osint.fans. “But on the telecom front they were using fairly sophisticated tactics.”

Phishing 312

Phishing Passwords Marketing IT 312

Data Breach Today

NOVEMBER 23, 2022

But strong authentication can thwart even the most clever phishing campaigns, says Brett Winterford, regional chief security officer for APJ at Okta. Successful account takeovers are one of the most common ways that organizations end up with attackers in their systems.

Authentication 259

Authentication Phishing Security 259

Data Breach Today

AUGUST 27, 2022

Unusual Activity' By Third-Party Service Provider to Blame Food delivery firm DoorDash says its customers and employees have been impacted by the phishing attack on its third-party service provider.

Phishing 257

Phishing IT 257

Data Breach Today

JUNE 20, 2023

Russia is intensifying phishing campaigns againt Ukraine. Russian GRU Hackers Reach for Government Email Inboxes Cybersecurity defenders in Ukraine revealed multiple Russian spearphishing campaigns including an effort by Kremlin military intelligence to penetrate open source email servers used by government agencies.

Phishing 237

Phishing Military Government Cybersecurity 237

Data Breach Today

AUGUST 19, 2022

AWS Domains Used to Send Phishing Emails and Steal Credentials Threat actors are using Amazon Web Services solutions to create phishing pages that bypass security scanners and scam victims into handing over credentials.

Phishing 245

Phishing Security 245

Data Breach Today

JULY 29, 2022

Customers of 'Robin Banks' Platform Have Netted $500,000 Fifty bucks gets cybercriminals access to a phishing-as-a-service platform for campaigns impersonating major brands in the United States and other English-speaking countries.

Phishing 336

Phishing Access 336