Thought Leadership
115,000 e-mails
Security researchers from Check Point have discovered an active phishing campaign that uses Google Classroom as a gateway. Within a week, the attackers sent over 115,000 fraudulent emails.
Study
Researchers have tested the effectiveness of various phishing training courses in a study involving 19,000 test subjects. The result: training courses help less than expected.
New attack technique discovered
Passkeys and FIDO authentication are designed to provide robust protection against phishing attacks. However, researchers have now discovered a critical loophole that can undermine even strong passkey authentication. Attackers can exploit a targeted downgrade technique to force users into using insecure login methods. This risk grows as FIDO adoption
Misuse of the link wrapping function
Cyber criminals are currently using a sophisticated trick to carry out targeted phishing attacks. The method abuses Proofpoint’s link wrapping system and leads unsuspecting users to manipulated Microsoft 365 pages.
Incident response plan necessary
ClickFix is already being used by a number of nation-state actors such as APT 28 and Kimsuky. The distribution of stealer malware such as Lumma Stealer via the social engineering campaign is particularly popular.
Cybersecurity Alert
Cybercriminals are becoming more sophisticated, and one of the most dangerous tactics they use against businesses is spear phishing. Unlike traditional phishing, which involves sending mass emails to random recipients, spear phishing is highly targeted.
Employee accounts hijacked
General Dynamics, one of the largest defense and aerospace companies in the USA, has fallen victim to a targeted phishing campaign. Attackers managed to gain access to the social security accounts of several dozen employees.
Watch out, Gmail users!
A new, highly sophisticated form of phishing is alarming security experts. Cyber criminals are using artificial intelligence and sophisticated spoofing techniques in a new scam to deceive over 2.5 billion Gmail users.
Global Mobile Threat Report 2024
Zimperium has published the “Global Mobile Threat Report 2024”.
The security report identifies a significant increase in “mishing” threats (mobile targeted phishing), which use various tactics to exploit user errors and vulnerabilities in mobile devices.
Shortly before it-sa
According to information from an anonymous source that has been available to it-daily.net since midday, NürnbergMesse has been the victim of a phishing attack.
Data is said to have been accessed in the process.
The exhibition company has now also confirmed the attack.
Events
Veranstaltungen
Most read articles.
19. August 2025
18. August 2025
18. August 2025