28 matches found
New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams
Cybersecurity researchers are warning businesses about Pink Extortion Group, a threat actor that uses voice phishing to bypass multi-factor authentication and steal files from cloud environments...
Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’
A prolific cybercriminal group that calls itself "Scattered LAPSUS$ Hunters " has dominated headlines this year by regularly stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for "Rey," the moniker chosen by the technical...
ShinyHunters Wage Broad Corporate Extortion Spree
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed...
No we didn’t warn all Gmail users about imminent digital doom, says Google
Cybersecurity publications are rife with headlines about breaches and threats, but sometimes things aren't always what they seem. In fact sometimes they're plain wrong remember toothbrushgate? This week, Google highlighted another story that it said was fake - and this one was about its own...
Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale
Paris, France, 13th June 2025, CyberNewsWire...
Deepfake Defense in the Age of AI
The cybersecurity landscape has been dramatically reshaped by the advent of generative AI. Attackers now leverage large language models LLMs to impersonate trusted individuals and automate these social engineering tactics at scale. Let's review the status of these rising attacks, what's fueling...
The Growing Threat of Vishing: How Cybercriminals Are Using Multimedia to Target You
The Growing Threat of Vishing: How Cybercriminals Are Using Multimedia to Target You By Mark Joseph Marti and Sandra Pagkaliwagan · May 8, 2025 Introduction Imagine being hacked through a phone call, and you can't even complain because you were the one who provided your sensitive information or...
A Day in the Life of a Prolific Voice Phishing Crew
Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate...
INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million
A global law enforcement operation has led to the arrest of more than 5,500 suspects involved in financial crimes and the seizure of more than $400 million in virtual assets and government-backed currencies. The coordinated exercise saw the participation of authorities from 40 countries,...
Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments
Threat actors are increasingly banking on a new technique that leverages near-field communication NFC to cash out victim's funds at scale. The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such a...
New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users
A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster codenamed CryptoChameleon that's designed to primarily target mobile devices. "This kit enables attackers to build carbon copies of single sign-on SSO pages, the...
3,500 Arrested in Global Operation HAECHI-IV Targeting Financial Criminals
A six-month-long international police operation codenamed HAECHI-IV has resulted in the arrests of nearly 3,500 individuals and seizures worth $300 million across 34 countries. The exercise, which took place from July through December 2023, took aim at various types of financial crimes such as...
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine
A coordinated law enforcement operation has led to the arrest of key individuals in Ukraine who are alleged to be a part of several ransomware schemes. "On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne, and Vinnytsia, resulting in the arrest of the 32-year-old...
Google Account Sync Vulnerability Exploited to Steal $15M
By Habiba Rashid According to reports, a Google Account Sync vulnerability was exploited to carry out a voice phishing scam that led to the theft of $15 million from Fortress Trust. This is a post from HackRead.com Read the original post: Google Account Sync Vulnerability Exploited to Steal $15M...
Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing
Researchers have issued a warning about an emerging and advanced form of voice phishing vishing known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from...
Interpol Seized $130 Million from Cybercriminals in Global "HAECHI-III" Crackdown Operation
Interpol on Thursday announced the seizure of $130 million worth of virtual assets in connection with a global crackdown on cyber-enabled financial crimes and money laundering. The international police operation, dubbed HAECHI-III, transpired between June 28 and November 23, 2022, resulting in th...
Cisco Talos shares insights related to recent cyber attack on Cisco
Update History Date | Description of Updates ---|--- Aug. 10th 2022| Adding clarifying details on activity involving active directory. Aug. 10th 2022| Update made to the Cisco Response and Recommendations section related to MFA. Executive summary On May 24, 2022, Cisco became aware of a potential...
SMS About Bank Fraud as a Pretext for Voice Phishing
Most of us have probably heard the term "smishing" -- which is a portmanteau for traditional phishing scams sent through SMS text messages. Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. But increasingly, phishers are turnin...
Two Charged in SIM Swapping, Vishing Scams
Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account...
A week in security (August 17 – 23)
Last week on Malwarebytes Labs, we looked at the impact of COVID-19 on healthcare cybersecurity, dug into some pandemic stats in terms of how workforces coped with going remote, and served up a crash course on malware detection. Our most recent Lock and Code podcast explored the safety of parenta...