Serious punishment for Eskom "traitor" explained - Hypertext
A woman who defrauded Eskom in 2020 has been handed a serious, if not confusing sentence by a criminal court in Middelburg.| Hypertext
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) (Dutch DPA) recently published a report on personal data breaches, which provides valuable insights into the Dutch DPA’s views on incident response. It also contains some helpful statistics. Increase in follow-up action by the Dutch DPA It is clear from the report that the Dutch DPA is still... Continue Reading| Data Protection Report
A woman who defrauded Eskom in 2020 has been handed a serious, if not confusing sentence by a criminal court in Middelburg.| Hypertext
Healthcare Faces Growing Cyber Threats| CySecurity News - Latest Information Security and Hacking Incidents
ScamAgent study reveals how AI agents simulate scam calls, bypass safety guardrails, adapt across conversations, exploit text-to-speech.| Help Net Security
85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023.| Help Net Security
In its latest security alert, the team behind Drupal reported finding a set of severe vulnerabilities in a third-party library.... The post <strong>High-Risk Vulnerability in Third-Party Service Allows Take Control of Drupal Websites</strong> appeared first on IICS.| IICS
ReliaQuest has published a report on the cybercriminal recruitment ecosystem, finding that fluent English speakers with social engineering skills are highly sought-after.| KnowBe4 Security Awareness Training Blog
| KnowBe4 Security Awareness Training Blog
Below is an example of a sophisticated survey scam phishing email that KnowBe4’s Threat Lab team has been monitoring as discussed in “The Hidden Cost of "Free" Gifts: How Survey Scams Are Evolving to Steal Financial Data”.| KnowBe4 Security Awareness Training Blog
Jeden Tag attackieren Hacker deutsche Firmen und Behörden. Die Regierung kündigt ein härteres Vorgehen dagegen an.| CIO DE
An investigation uncovers India’s black market for bank accounts, exposing systemic lapses exploited by cybercriminals for scams.| CySecurity News - Latest Information Security and Hacking Incidents
Cybercrime supergroup feared to be using sophisticated social engineering techniques in joint attacks against big-name victims.| Machine
Investigators find that crooks offer consumer-style hack'n'mix bundles that package access with privilege or other treats.| Machine
Scopri 5 modi in cui AI e ML stanno trasformando il backup aziendale, migliorando sicurezza, efficienza e ripristino.| AI4Business
Ransomware has always been the cybercriminal’s blunt instrument, but in 2025 it has morphed into something even more alarming: a polished subscription business. On hidden Tor and I2P marketplaces, "vendors" offer fully managed extortion campaigns complete with user manuals, dashboards, and 24-hour "support." For a few hundred dollars or a percentage of whatever the victim pays, anyone who can copy-and-paste a PowerShell string can now unleash enterprise-grade malware. That ease of entry has...| AllBusiness.com
Muddled Libra gets media attention due to its consistent playbook and unique use of vishing. The group's English fluency is another major factor. The post Muddled Libra: Why Are We So Obsessed With You? appeared first on Unit 42.| Unit 42
A comprehensive list of threat actor groups tracked by Unit 42, along with information such as summaries and industries typically impacted. The post Threat Actor Groups Tracked by Palo Alto Networks Unit 42 (Updated Aug. 1, 2025) appeared first on Unit 42.| Unit 42
Peel back the layers on Unit 42's Attribution Framework. We offer a rare inside view into the system used to ultimately assign attribution to threat groups. The post Introducing Unit 42’s Attribution Framework appeared first on Unit 42.| Unit 42
A report indicates that more than 8% of borrowers will be using these financing structures by 2025.| CySecurity News - Latest Information Security and Hacking Incidents
CyberheistNews Vol 15 #32 How Hackers Exploit Microsoft Teams in Social Engineering Attacks| blog.knowbe4.com
Cybersecurity incidents nearly tripled in the first half of 2025, jumping from 6% in the second half of 2024 to 17% in 2025, according to a new report....| blog.knowbe4.com
ClickFix attacks have been around for decades; only the name is new.| blog.knowbe4.com
Researchers have witnessed an increase in ransomware attacks occurring when criminals know IT staff won’t be around, mostly night time.| Help Net Security
Major regional and global events – such as military exercises, political or economic summits, and elections – drove cyber threat activities.| Help Net Security
In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100%, according to Cofense.| Help Net Security
There has been a 44% increase in organized ID fraud in North America. This upsurge is believed to be driven by the ongoing economic recovery.| Help Net Security
AI advancements give malicious groups access to tools that will allow them to create more elaborate social engineering attacks in the future.| Help Net Security
Infostealer malware remains widely available to buy through underground forums, while Russian Market remains the top seller.| Help Net Security
Across all BEC attacks seen over the past year, 57% relied on language as the main attack vector to get BEC attacks in front of employees.| Help Net Security
With growing AI app usage, employees are more likely to expose sensitive data like credentials or personal information.| Help Net Security
In this article, you will find excerpts from various reports that offer statistics and insights about the current phishing landscape.| Help Net Security
Businesses reported a growth in synthetic identity fraud, while biometric spoofs and counterfeit ID fraud attempts also increased.| Help Net Security
There has been an increase in the volume of DDoS attacks over the last two years, and in H1 of 2023, we see a capacity of about 800 Gbps.| Help Net Security
Digitalization has evolved into a systemic risk for organizations, so cyber insurance needs to better prepare them to manage it.| Help Net Security
The ransomware activity in Q1 of 2024 continues the substantial growth pattern that we saw develop over the course of 2023.| Help Net Security
Russian Dmitry Khoroshev is "LockBitSupp", the creator, developer and administator of the infamous LockBit ransomware group.| Help Net Security
The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide threat.| Help Net Security
Companies using Google Workspace experienced a 25% risk reduction for FTF or BEC claims and a 10% risk reduction for ransomware claims.| Help Net Security
Lawbreaking language models lower the barrier of entry for unskilled crooks and make it frighteningly easy to launch crime campaigns.| Machine
Safepay gang says 3.5TB of oh, dearstolen data will be released if Ingram doesn't capitulate.| CSO Online
Avast has released a free decryptor for the AI-powered FunkSec ransomware, allowing victims to recover files after the notorious group was declared defunct.| WinBuzzer
A total of 17,954 open source malware packages identified in Q1 2025, according to Sonatype's Open Source Malware Index.| Help Net Security
49% of security professionals say their company leaders possess a high level of understanding for exposure management.| Help Net Security
Ransomware attacks are disrupting and undermining business operations and draining revenue streams, according to Illumio.| Help Net Security
US charges Rostislav Panev, 51, a dual Russian and Israeli national, for being a developer for the LockBit ransomware group.| Help Net Security
From defending against phishing to safeguarding personal apps and managing GenAI, data security is no longer just a perimeter defense.| Help Net Security
The incoming government hands over the Federal Ministry of the Interior to the Conservatives. The coalition agreement proclaims a ‘turning point’ in internal security. Stricter surveillance measures and laws are planned. With the new coalition agreement published on Wednesday, the German Social Democrats will lose the Federal Ministry of the Interior – it will once […] Der Beitrag Grand control coalition: German conservatives and social democrats call for ‘zero tolerance’ on inter...| Matthias Monroy
Russians and North Koreans contributed to the scheme to provide illegal remote IT workers to US companies to fund the North Korean regime.| CSO Online
An improved version of the Darcula PhaaS platform will allow malicious users to create customized phishing kits to target any brand.| Help Net Security
The UK Parliament’s Intelligence & Security Committee found “Russia has sought to employ organised crime groups to supplement its cyber skills” This is pivotal, as it makes attribution much, much harder. Using crime groups, or just co-opting their tools and software, makes it easier for states such as Russia to hide their cyber activities. It’s…| Geoff White
It could well be coronavirus is hurting cybercrime as much as it's helping it.| Geoff White
The Cambridge Cybercrime Centre‘s eight one day conference on cybercrime was held on Monday, 23rd June 2025, which marked 10 years of the Centre.| Light Blue Touchpaper
This overview of 2024 phishing trends examines the impact of AI and deepfake advancements on social engineering methods.| Help Net Security
TL;DR In 2025, UK cyber attacks have intensified dramatically and we have seen a wave of high-profile cyber attacks in the UK. From M&S and Co-op to platforms like Mailchimp and HubSpot, major businesses have been hit by phishing, supply chain compromise, and social engineering. This article outlines the top incidents so far, how attackers ... The post Major Cyber Attacks on UK Businesses in 2025 (So Far) appeared first on Dial A Geek.| Dial A Geek
Three insurance companies have publicly disclosed cyberattacks in the past week. Scattered Spider, an amorphous band of cybercriminals, has been actively targeting the sector.| CyberScoop
A pair of AI tools advertised on hacking forums were developed using commercial AI models from xAI and Mistral, according to Cato Networks.| CyberScoop
Multiple U.S.-based companies in the insurance sector have already been hit over the past week and a half, according to Mandiant.| CyberScoop
Cryptocurrency theme is a Klondike for various scammers. Here is how to stay away from the possibility of being robbed.| Gridinsoft Blogs
The fall of the most dominant ransomware syndicates, LockBit and AlphV, triggered a power vacuum across the cybercriminal landscape in 2025.| Help Net Security
MFA bypass through session hijacking is now seen as the top emerging threat for organizations hit by ransomware in the past year.| Help Net Security
The number of Cl0p victims resulting from its attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420.| Help Net Security
Scammers are buying up dodgy websites on underground marketplaces to manipulate search rankings and lure victims onto malicious pages.| Machine
Device identification protects your enterprise platform’s revenue and ensures a great user experience for legitimate customers. Learn how!| Arkose Labs
11 Ways Cybercriminals are Making Phishing More Potent Than Ever Article Link: https://www.csoonline.com/article/3850783/11-ways-cybercriminals-are-making-phishing-more-potent-than-ever.html Infosec Pro Troy Hunt HasBeenPwned in Mailchimp Phish Article Link: https://www.theregister.com/2025/03/25/troy_hunt_mailchimp_phish/ How CASB Security Protects Your School District Article Link: https://securityboulevard.com/2025/03/how-casb-security-protects-your-school-district/ TechRepublic Exclusive:...| Project Hyphae
This report explores current trends in the AitM phishing landscape and the prevalence of leading kits. La publication suivante Global analysis of Adversary-in-the-Middle phishing threats est un article de Sekoia.io Blog.| Sekoia.io Blog
Do you know 40% of All Incoming emails Pose a Potential Cybersecurity Threat? Well, that percentage is a bit of a surprise for me. Let's look new| How to Manage Devices Community Blog Modern Device Management Guides
© 2025 Peter N. M. Hansteen| That grumpy BSD guy
© 2025 Peter N. M. Hansteen| That grumpy BSD guy
If you are are a victim of unauthorised mailbox access and/or attempted fraud via mailbox compromise (BEC) then you know … Continue reading Business Email Compromise: Impact Assessment| PwnDefend
Discover how AI voice hijacking scams target businesses and learn key strategies to protect against this rising security threat.| Help Net Security
Polymorphic phishing attacks rely on dynamic changes to the appearance and structure of malicious emails or links.| Help Net Security
AI impersonation is now the hardest vector for cybersecurity professionals to protect companies against, according to Teleport.| Help Net Security
On May 28, 2025, India’s Central Bureau of Investigation (CBI), the country’s federal police service, executed raids at 19 locations across India to dismantle cyber-enabled financial fraud networks, including tech support fraud schemes. This operation, which disrupted a malicious enterprise impersonating Microsoft and targeting older adults in Japan, resulted in the arrest of six key... The post Cross-border collaboration: International law enforcement and Microsoft dismantle transnationa...| Microsoft On the Issues
Authorities said they froze and seized the allegedly illegally obtained funds when North Korean nationals attempted to launder money linked to the long-running conspiracy.| CyberScoop
The cybercrime marketplace was used by more than 117,000 customers and trafficked more than 15 million credit card numbers since March 2022, the Justice Department said.| CyberScoop
Google Threat Intelligence Group said about 20 organizations have been hit by a cybercrime group it tracks as UNC6040.| CyberScoop
Wild variances in naming taxonomies aren’t going away, but a new initiative from the security vendors aims to more publicly address obvious overlap in threat group attribution.| CyberScoop
AI improves phishing defense by spotting unusual behaviors and subtle threats early, helping security teams respond faster.| Help Net Security
Chinese hackers used the CoGUI phishing kit to send over 580 million scam emails to Japanese users in early 2025, impersonating brands like Amazon and PayPal.| eSecurity Planet
Ok with my AI companion GROK I’ve gone exploring on the differences between Japan’s new cyber laws and the UK! … Continue reading Japan goes on the Cyber Offensive| PwnDefend
Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly.| Help Net Security
Consumers are concerned about the risks associated with GenAI and deepfakes, including the potential for online fraud or identity theft.| Help Net Security
As the political landscape heats up during a polarizing election year, so do concerns about deepfake technology.| Help Net Security
While employees have long been trained to avoid clicking on suspicious links, QR codes are an emerging and lesser-known malicious tactic.| Help Net Security
Consumers ranked identity theft (84%) and stolen credit cardinformation (80%) as their top online security concerns.| Help Net Security
2023 saw a surge in the duration of DDoS attacks, and in the first half of 2024, it’s clear that surge has become the new normal.| Help Net Security
A cyberpunk-styled visualization of the Scattered Spider attack flow, defensive countermeasures, and an interactive checklist with activity log, designed for WordPress compatibility.| PwnDefend
Currently there appears to be a relatively significant cyber security incident at Marks and Spencer. So I thought I would give a demo of using AI (LLM, GROK) to create a timeline:| PwnDefend
When a suspected email mailbox compromise is reported, initiating an investigation promptly is critical. However, to ensure the investigation is effective, certain minimum intelligence requirements must be met. This blog outlines the bare minimum data needed to start investigating a suspected email mailbox compromise, whether the intelligence comes from an internal team or a third-party source.| PwnDefend
Lampion malware distributors are now using the social engineering method ClickFix. Read our analysis of a recent campaign. Lampion malware distributors are now using the social engineering method ClickFix. Read our analysis of a recent campaign.| Unit 42
Cybercrime is on the rise in Georgia and around the country.| The Georgia Sun
This video talks about social engineering (also known as human hacking), how can it be performed, and how can you fight against it.| Help Net Security
During our daily tracking and analysis routine at Sekoia TDR team (Threat Detection & Research), we have been monitoring an attacker infrastructure internally called “Cloudflare tunnel infrastructure to deliver multiple RATs”. This infrastructure is used by several actors to host malicious files and deliver remote access trojans (RAT). Several security vendors (Forcepoint, Fortinet, Orange, Proofpoint) […] La publication suivante Detecting Multi-Stage Infection Chains Madness est un...| Sekoia.io Blog
ClearFake is a malicious JavaScript framework deployed on compromised websites to deliver malware through the drive-by download technique. When it first emerged in July 2023, the injected code was designed to display a fake web browser download page, tricking users into downloading counterfeit browser updates. By May 20241, ClearFake adopted the new social engineering tactic ClickFix, displaying fake error messages in the web browser and deceiving users into copying and executing a given mali...| Sekoia.io Blog
Сybercrime has been growing, and hackers are invading your systems and networks to steal data, install malware, and more. So why do these individuals commit attacks in cyberspace? The way to gain a better understanding of the mindset of different types of hackers is to be able to better protect your| Retail Technology Innovation Hub
Matthijs van Amelsfort is directeur van het NCSC. Ruimte geven aan vakmensen kenmerkt zijn leiderschapsstijl. “Houd het oog op de bal en vooral op het team.”| Digitale Overheid
Delve into Finance-related cyber threats in 2024. Our report highlights major actors and tactics impacting the financial sector.| Sekoia.io Blog
© 2025 Peter N. M. Hansteen| That grumpy BSD guy
A commendable attack data dump, lightly analyzed.| That grumpy BSD guy
