Phishing

A recently discovered email scheme reportedly deployed by a hacking group called ChaosCC claims to have hijacked recipients’ computers and recorded videos of them while watching adult content.

Contrary to their moniker, the Silence cybercriminal group has reported to be actively targeting banks and financial institutions in more than 30 countries, managing to steal US$4.2 million from June 2016 to August 2019.

Researchers observed APT group Cloud Atlas with a new malware campaign, combining modular and polymorphic routines for evasion and persistence.

Credential phishing continues to be a bane for organizations. In the first half of 2019, the Trend Micro™️ Cloud App Security™️ solution caught 2.4 million attacks of this type — a 59% increase from 1.5 million in the second half of 2018.

In a new phishing campaign, audio recordings purportedly shared via OneNote were used as a lure to lead email recipients to a fake Microsoft login page that steals user account credentials.

A report from Anti-Phishing Working Group reveals that 58% of all phishing websites now use the HTTPS protocol.

Phishing schemes and rogue mobile applications continued to be heavily used by cybercriminals to defraud users and organizations in the first quarter of 2019, according to new report.

Iframe found in checkout page of Magento-powered shopping websites steals customers’ debit and credit card information via phishing.

Cybercriminal group ScarCruft has recently developed Bluetooth device-harvesting malware that collects Bluetooth device information such as names, device addresses, device types, as well as connection and authentication information.