Researchers at SentinelLabs have uncovered a new, modular malware toolkit called “AlienFox.” Cybercriminals use AlienFox to breach email and web hosting services. It compromises misconfigured hosts on cloud platforms and takes sensitive data. You can often find this new toolkit in Telegram groups. Researchers call AlienFox a “Swiss Army knife” toolkit because of its versatility….
The Internet of Things (IoT) is a growing network of devices connected to the internet and each other. These include smart tools, security devices, wearables, and appliances. These devices make people’s lives easier and more convenient. But they can also come with security risks that put businesses in danger. Cyberattacks on IoT devices are increasing,…
Scammers will use anything to target businesses, including tax forms. A new phishing campaign is spreading a malicious program disguised as documents from the IRS. With the tax season in full swing soon, business owners must take extra precautions to protect sensitive company data. Emotet Phishing Campaign Targets Taxpayers Emotet is one of the most…
Recently, there was a rise in cybercrimes related to the closing of Silicon Valley Bank (SVB). Threat actors go after businesses and sometimes use them in their illegal activities. SVB was the 16th largest bank in the U.S. The bank worked with tech giants like Buzzfeed, Roblox, and Roku. However, global inflation and a deposit…
Callback phishing scams are one of the worst cyberattacks you can encounter. It is devastating to experience on a personal level. But it is even more disastrous if it happens to your organization. To help you, here is a guide covering how callback phishing works and the steps you should take to address it. How…
Reddit, a popular social news site, disclosed that it was hacked on Sunday night (pacific time). The company announced on February 9th in a posting that they first became aware of the incident that happened on February 5th. It refers to it as “sophisticated phishing” targeting Reddit employees. According to the CEO, the unidentified persons…
Hackers are baiting their victims with stolen financial data in a clever phishing scheme. Over 400,000 data points, including identity numbers, names, phone numbers, and payment records, are used to persuade consumers to click on a malicious link. This link downloads a potent virus called BitRAT that can steal passwords, spy on users, and install…
LastPass, a popular password manager, announced that an unauthorized party accessed the company’s archived backups of its production data on a third-party cloud-based storage service. According to the company’s investigation, a threat actor accessed the cloud storage environment in August 2022 with information obtained from an earlier incident. Although the threat actor did not access…