How to Protect Your Organization From Callback Phishing

Callback phishing scams are one of the worst cyberattacks you can encounter. It is devastating to experience on a personal level. But it is even more disastrous if it happens to your organization. To help you, here is a guide covering how callback phishing works and the steps you should …

Reddit Cybersecurity Incident

Reddit, a popular social news site, disclosed that it was hacked on Sunday night (pacific time). The company announced on February 9th in a posting that they first became aware of the incident that happened on February 5th. It refers to it as “sophisticated phishing” targeting Reddit employees. According to …

Stolen Financial Data Used as Bait in New Phishing Scheme

Hackers are baiting their victims with stolen financial data in a clever phishing scheme. Over 400,000 data points, including identity numbers, names, phone numbers, and payment records, are used to persuade consumers to click on a malicious link. This link downloads a potent virus called BitRAT that can steal passwords, …

New Phishing Scheme Using Fake Copyright Infringement Notices

A new phishing campaign targeting Facebook users has been identified by cybersecurity firm Trustwave. In this campaign, hackers use fake copyright infringement notices to trick users into giving away their account details. The phishing messages claim that Facebook will delete the user’s account within 48 hours unless they fill out …

LastPass Security Breach: Encrypted Passwords at Risk

LastPass, a popular password manager, announced that an unauthorized party accessed the company’s archived backups of its production data on a third-party cloud-based storage service. According to the company’s investigation, a threat actor accessed the cloud storage environment in August 2022 with information obtained from an earlier incident. Although the …

Scammers Impersonating Refund Payment Portals

The FBI warns about scammers pretending to be refund payment gateways from financial institutions to steal sensitive information from unsuspecting victims. The federal law enforcement agency stated that scammers deceive victims into granting them access to their computers via email or phone calls by posing as representatives of technical or …

Twitter’s Data Leak Exposes Over 5.4 Million Users

Earlier this year, Twitter confirmed that an API vulnerability had caused a massive data leak containing non-public information for over 5.4 million Twitter users. Twitter denied claims that hackers had leaked the private information priorly. However, Pompompurin, the owner of the hacking forum Breached, stated they were responsible for exploiting …

Phishing-as-a-Service on the Rise with Caffeine

Threat actors may now launch their own sophisticated assaults thanks to the emergence of Phishing as a Service (PhaaS) platforms like “Caffeine.” Through an open registration procedure, anyone who wishes to launch their phishing campaign can sign up on these platforms. Security experts at Mandiant discovered the first sighting of …