EHA
Hackers OTP Bots Bypass 2FA

Hackers Using OTP Bots To Bypass Two-Factor Authentication

Two-factor authentication (2FA) is a security method that requires two verification steps for user access and is commonly implemented with one-time passwords (OTPs) delivered via various channels.  To bypass 2FA, attackers leverage social engineering to...
Hackers Exploit Cloud Services Steal Data

Hackers Exploiting Amazon, Google & IBM Cloud Services To Steal Customer Data

Criminals are exploiting cloud storage services to host phishing websites for SMS scams by abusing the static website hosting feature of cloud storage to store HTML files with malicious URLs, which are included in...
Hackers Impersonating As Fake Toll Payment Processor Across The U.S.

Hackers Impersonating As Fake Toll Payment Processor Across The U.S.

A convincing phishing scam recently targeted a cybersecurity researcher's (Jonathan Munshaw) wife with a fake text claiming she owed unpaid New Jersey E-ZPass highway tolls. The message prompted visiting a fraudulent site mimicking the...
Hackers use the Greatness PaaS tool to Steal Microsoft 365 login credentials

Hackers Using Greatness PaaS tool to Steal Microsoft 365 Login Credentials

A new Phishing-as-a-Service (PaaS) tool called Greatness is being used by cybercriminals to steal Microsoft 365 login credentials. First detected in 2022, Greatness allows attackers to bypass security measures and has been continuously updated...
Detecting A Phishing Attack With Help Of Artificial Intelligence

Detecting A Phishing Attack With Help Of Artificial Intelligence

Social engineering email attacks remain a threat despite commercial solutions and user training focused on identifying phishing indicators like urgency, unusual greetings, or inconsistent email addresses.  However, training shifts the phishing detection burden onto users...
Vultur Malware Mimic As Mobile Antivirus Steals Login Credentials

Vultur Malware Mimic As Mobile Antivirus Steals Login Credentials

Malware typically mimics mobile antivirus applications to trick users into installing the mimicked AV app, which claims to provide trust and secure devices for users. Malware could easily go unnoticed and get a first grip...
New Cyber Attack Targeting Facebook Business Accounts

New Cyber Attack Targeting Facebook Business Accounts

The email campaign impersonates the Facebook Ads Team to trick users into clicking a malicious link, as the email leverages social engineering tactics like sender name spoofing and urgency to appear legitimate.  Grammatical errors and...
Darkgate Malware Weaponizing XLSX, HTML And PDF To Attack Windows Machines

Darkgate Malware Weaponizing XLSX, HTML, & PDF To Attack Windows Machines

Hackers often target XLSX, HTML, and PDF files as they are widely used, and their trustable file formats also attract them. This makes it easier to deliver them successfully to recipients who may not be...
Hackers Exploiting Quick Assist Tool To Deliver Ransomware

Hackers Exploiting Microsoft’s Quick Assist Tool To Deliver Ransomware

Hackers often target remote assist tools because they create a direct channel to access desired systems with minimum effort.  These tools have been built for remote control and access purposes, which makes them very appealing...
FBI Warns of Phishing Attack Targeting Retail Corporate Offices

FBI Warns of Phishing Attack Targeting Retail Corporate Offices

The Federal Bureau of Investigation (FBI) has warned about a sophisticated phishing and smishing (SMS phishing) campaign orchestrated by a cybercriminal group known as STORM-0539, or Atlas Lion. This group has been actively targeting the...

Managed WAF

Website

Latest News