EHA
Study: Phishing Takes Up a Third of IT Time, Resources, and Budget

Study: Phishing Takes Up a Third of IT Time, Resources, and Budget

Phishing--the fraudulent emails and other communications that entice users to click on malware-ridden links or attachments, pay fake invoices, or update customer accounts with fake information—has been around for decades, plaguing organizations even as...
Fake Windows Defender Alerts Weaponized to Perform Fraudulent Transactions

Fake Windows Defender Alerts Weaponized to Perform Fraudulent Transactions

A new ongoing malicious tech support scam has been identified recently that involves the development of several phishing websites that are being operated by the Threat Actor.  All of these phishing sites display a fake...
EvilProxy – Phishing-As-A-Service Advertise Via Darkweb to Bypass 2FA

EvilProxy – Phishing-As-A-Service Advertise Via Darkweb to Bypass 2FA

Recently, a PaaS (Phishing-as-a-Service) platform called EvilProxy that offers reverse-proxy services has emerged on the market and was identified by the Resecurity security firm. By exploiting this new emerging service the threat actors can bypass...
smishing Attacks

Beware of Smishing Attacks Aimed to Steal Personal Information

There has been an increase in the number of robotext scams in recent months, which has prompted the Federal Communications Commission (FCC) to issue a warning. Scammers are increasingly using robotext scams to trick their...
Uniswap Sophisticated Attack

Uniswap Sophisticated Attack – Over $8 million worth of Ethereum Stolen

As a result of a sophisticated phishing attack, UniSwap, one of the most popular decentralized cryptocurrency exchanges, lost a large amount of Ethereum worth close to $8 million. Although no vulnerability was exploited in order...
AiTM Phishing Attacks Over 10,000 Organizations to Hijack a User’s Sign-in Session

AiTM Phishing Attacks Over 10,000 Organizations to Hijack a User’s Sign-in Session

Earlier this week, Microsoft announced that over 10,000 organizations had been targeted in an extensive phishing campaign that began in September 2021. In this campaign, the hackers hijacked the MFA-enabled accounts by compromising the...
Beware!! New Voicemail Phishing Attack That Aims to Steal Office365 Login Credentials

Beware!! New Voicemail Phishing Attack That Aims to Steal Office365 Login Credentials

Recently, the threat actors have launched a new voicemail phishing campaign in an attempt to steal Outlook credentials and login credentials to Microsoft Office 365.  The following are the sectors and organizations in the U.S....
Hackers Compromised MailChimp

Hackers Compromised MailChimp Service to Steal User Data and Conduct Phishing Attacks

A data breach has been recently reported by Mailchimp, and in this event, hackers have gained access to customer accounts by compromising an internal tool of the company itself. After the company spotted a hacker...
Phishing Campaign Targets European Government Personnel Aiding Ukrainian Refugees

Phishing Campaign Targets European Government Personnel Aiding Ukrainian Refugees

The cybersecurity analysts at Proofpoint security firm have recently discovered a new phishing campaign to target the European government personnel by aiding Ukrainian refugees. In this phishing campaign, the state-sponsored actors send out the phishing...
eBike Phishing Sites

Beware of eBike Phishing Sites that Abuse Google Ads Targeting the Indian users

The Singaporean security firm CloudSEK has recently identified a large-scale campaign, involving over 200 phishing and scam sites. The operators of these sites have tricked users to steal their personal information and put in...