A sophisticated multi-stage fraud campaign has been identified, where scammers impersonate government officials to deceive primarily female consumers into revealing their credit card details through remote access software.
Sophisticated phishing campaigns are exploiting legitimate features of Microsoft 365 to compromise PayPal accounts, allowing attackers to gain unauthorized access to users’ financial information.
The Gayfemboy botnet, identified by Qi’anxin XLab in February 2024, is a sophisticated DDoS attack network exploiting over 20 vulnerabilities, including zero-day flaws, and has been actively targeting various sectors worldwide with significant traffic.
In October 2024, Casio experienced a significant ransomware attack by the Underground group, compromising personal data of employees, business partners, and a small number of customers, while highlighting vulnerabilities in its cybersecurity measures.
A sophisticated phishing scam has been identified that targets PayPal users by exploiting a loophole in the platform’s system and utilizing Microsoft 365 tools to deceive victims into revealing their financial information.
In 2024, enterprises experienced a 190% increase in phishing success rates, primarily targeting cloud applications and leveraging generative AI, with nearly 8.4 clicks per 1,000 workers.
A significant cybersecurity breach at the US Treasury Department, attributed to a Chinese state-sponsored APT group, involved the exploitation of vulnerabilities in a cloud service, leading to unauthorized access to sensitive information.
The UK government, led by Prime Minister Keir Starmer, is set to criminalize the creation and sharing of sexually explicit deepfake images as part of a broader strategy to combat online abuse, particularly affecting women and girls.
Moxa has identified critical vulnerabilities in its industrial networking devices, including hard-coded credentials and OS command injection issues, requiring immediate action from users to mitigate potential security risks.
PhishWP is a dangerous WordPress plugin that enables cybercriminals to design counterfeit payment interfaces, primarily targeting sensitive financial information from unsuspecting users.
