VulnHub

Real-time Cybersecurity News

Articles tagged "Phishing"

Found 21 articles

Threat Actors Exploit Calendar Subscriptions for Phishing and Malware Delivery

Infosecurity Magazine

Actively Exploited

BitSight research highlights a significant cybersecurity threat where threat actors exploit calendar subscriptions to deliver phishing links and malware via hijacked domains. This method poses a serious risk as it can lead to social engineering attacks, potentially compromising sensitive information and systems.

Impact: Calendar applications, email clients, and users of hijacked domains.

Remediation: Users should be cautious about accepting calendar subscriptions from unknown sources and regularly review their calendar settings for any unauthorized subscriptions. Implementing email filtering and security awareness training can also mitigate risks.

Phishing Exploit Malware

2 days ago

Scattered Lapsus$ Hunters Take Aim At Zendesk Users

Infosecurity Magazine

Actively Exploited

The article discusses a new phishing campaign targeting Zendesk users, attributed to the Scattered Lapsus$ Hunters collective. This campaign involves the use of newly registered phishing domains, indicating a serious threat to users of the Zendesk platform.

Impact: Zendesk users

Remediation: Users should be vigilant about phishing attempts and ensure they verify the authenticity of communications claiming to be from Zendesk. Implementing multi-factor authentication and educating users on recognizing phishing attempts are recommended.

3 days ago

FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams

The Hacker News

Actively Exploited

The FBI has reported a significant increase in account takeover (ATO) fraud, with cybercriminals impersonating financial institutions to steal money and sensitive information. This issue poses a serious threat to individuals and organizations across various sectors, leading to losses exceeding $262 million.

Impact: Financial institutions, individuals, businesses, organizations

Remediation: Individuals and organizations should implement strong authentication measures, monitor accounts for unusual activity, and educate employees about phishing tactics.

4 days ago

Advanced Security Isn't Stopping Ancient Phishing Tactics

darkreading

Recent research indicates that advanced phishing attacks are effectively circumventing traditional security measures employed by enterprises. This highlights a significant concern for organizations, as these tactics remain effective despite the implementation of sophisticated security systems.

Impact: N/A

Remediation: N/A

Phishing Malware

4 days ago

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

The Hacker News

Actively Exploited

A new cybersecurity campaign is utilizing fake Windows update pop-ups on adult websites to trick users into executing malicious commands. This method combines ClickFix lures with phishing tactics, posing a significant risk to users who visit these sites.

Impact: N/A

Remediation: Users should avoid clicking on suspicious pop-ups and ensure their antivirus software is up to date. Regularly updating the operating system and using ad blockers may also help mitigate the risk.

Windows Phishing Update Critical Malware

5 days ago

Alumni, Student, and Staff Information Stolen From Harvard University

SecurityWeek

A phone phishing attack has compromised a system at Harvard University, leading to the theft of sensitive information related to alumni, donors, students, and staff. This incident highlights the severity of social engineering attacks and their potential to affect a wide range of individuals associated with the institution.

Impact: Harvard University alumni, donors, students, staff, and other individuals' information

Remediation: Implement stronger phishing awareness training for staff and students; enhance security measures for sensitive information systems.

Phishing Data Breach

5 days ago

WormGPT 4 and KawaiiGPT: New Dark LLMs Boost Cybercrime Automation

SecurityWeek

Palo Alto Networks has identified new malicious language models, WormGPT 4 and KawaiiGPT, that are being utilized by cybercriminals to enhance their phishing, malware development, and reconnaissance efforts. The rise of these dark LLMs represents a significant threat to cybersecurity, automating and streamlining various cybercrime activities.

Impact: N/A

Remediation: N/A

Phishing Malware

5 days ago

Festo Compact Vision System, Control Block, Controller, and Operator Unit products

All CISA Advisories

The Festo Compact Vision System and related products have critical vulnerabilities that could allow unauthorized access and modification of configuration files, with a CVSS score of up to 9.8. Users are urged to implement security measures to mitigate the risk of exploitation, as these vulnerabilities could severely impact device security and integrity.

Impact: Affected products include: Festo Software Compact Vision System (All Versions), Control blocks (CPX-CEC-C1 Codesys V2, CPX-CEC-C1-V3 Codesys V3, CPX-CEC Codesys V2, CPX-CEC-M1 Codesys V2, CPX-CEC-M1-V3 Codesys V3, CPX-CEC-S1-V3 Codesys V3, CPX-CMXX), Controllers (CECC-D, CECC-D-BA, CECC-D-CS, CECC-LK, CECC-S, CECC-X-M1, CECC-X-M1-MV, CECC-X-M1-S1, CECX-X-C1, CECX-X-M1, CPX-E-CEC-C1, CPX-E-CEC-C1-EP, CPX-E-CEC-C1-PN, CPX-E-CEC-M1, CPX-E-CEC-M1-EP, CPX-E-CEC-M1-PN, FED-CEC), and Operator units (CDPX-X-A-S-10, CDPX-X-A-W-13, CDPX-X-A-W-4, CDPX-X-A-W-7, CDPX-X-E1-W-10, CDPX-X-E1-W-15, CDPX-X-E1-W-7). Vendor: Festo.

Remediation: For CVE-2022-22515: Use online user management to prevent unauthorized access. For CVE-2022-31806: Enable password protection at login if no password is set. Note that the password configuration file must be manually selected for backup as it is not included in the default FFT backup & Restore mechanism. CISA recommends minimizing network exposure for control systems, using firewalls, and employing secure remote access methods like VPNs.

Phishing CVE Vulnerability Update Critical

5 days ago

Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share

All CISA Advisories

The Ashlar-Vellum products Cobalt, Xenon, Argon, Lithium, and Cobalt Share have critical vulnerabilities, specifically an Out-of-Bounds Write and a Heap-based Buffer Overflow, which could allow attackers to disclose information or execute arbitrary code. The vulnerabilities have a CVSS v4 score of 8.4, indicating a high severity level, and users are urged to update their software to mitigate risks.

Impact: Affected products include Ashlar-Vellum Cobalt (versions 12.6.1204.207 and prior), Xenon (versions 12.6.1204.207 and prior), Argon (versions 12.6.1204.207 and prior), Lithium (versions 12.6.1204.207 and prior), and Cobalt Share (versions 12.6.1204.207 and prior). The vendor is Ashlar-Vellum.

Remediation: Users are recommended to update to the following versions: Cobalt (versions 12.6.1204.208 or higher), Xenon (versions 12.6.1204.208 or higher), Argon (versions 12.6.1204.208 or higher), Lithium (versions 12.6.1204.208 or higher), and Cobalt Share (versions 12.6.1204.208 or higher). Additionally, users should minimize network exposure for all control system devices, locate control system networks behind firewalls, and use secure remote access methods such as VPNs.

Phishing CVE Vulnerability Update Critical

5 days ago

SiRcom SMART Alert (SiSA)

All CISA Advisories

The SiRcom SMART Alert (SiSA) system has a critical vulnerability due to missing authentication for critical functions, allowing unauthorized remote access to backend APIs. This could enable attackers to manipulate emergency sirens, posing a significant risk to public safety and critical infrastructure.

Impact: SiRcom SMART Alert (SiSA): Version 3.0.48

Remediation: Minimize network exposure for control system devices, ensure they are not accessible from the Internet, locate control system networks behind firewalls, use secure remote access methods like VPNs, and perform proper impact analysis and risk assessment before deploying defensive measures.

Phishing CVE Vulnerability Update Critical

5 days ago

Rockwell Automation Arena Simulation

All CISA Advisories

Rockwell Automation's Arena Simulation software has a stack-based buffer overflow vulnerability that could allow local attackers to execute arbitrary code. The vulnerability, identified as CVE-2025-11918, has a CVSS v4 score of 7.1, indicating a significant risk for affected installations, particularly in critical manufacturing sectors.

Impact: Affected products include Rockwell Automation's Arena Simulation version 16.20.10 and prior.

Remediation: Users are advised to upgrade Arena Simulation to version 16.20.11 or later. For those unable to upgrade, Rockwell Automation recommends following security best practices. CISA also suggests minimizing network exposure for control systems, using firewalls, and implementing secure remote access methods like VPNs.

Phishing CVE Exploit Vulnerability Update Critical

5 days ago

To buy or not to buy: How cybercriminals capitalize on Black Friday

Securelist

Cybercriminals intensify their activities during Black Friday, utilizing tactics such as phishing, scams, and malware to exploit online shoppers and gamers. The severity of these threats underscores the importance of vigilance among consumers, as fake sales and malicious activities proliferate during this shopping season.

Impact: Online shoppers, gamers, and potentially any consumer engaging in Black Friday sales.

Remediation: Consumers should remain vigilant against phishing attempts, verify the authenticity of sales, and use security software to protect against malware.

Phishing Exploit Malware

6 days ago

Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications

All CISA Advisories

Actively Exploited

CISA has identified that various cyber threat actors are using commercial spyware to target users of mobile messaging applications, employing tactics such as phishing, zero-click exploits, and impersonation. The focus is primarily on high-value individuals including government and military officials, indicating a serious threat to sensitive communications.

Impact: Mobile messaging applications including Signal and WhatsApp.

Remediation: Users are encouraged to review the updated Mobile Communications Best Practice Guidance and Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society for steps to protect mobile communications and messaging apps.

macOS iOS Android Phishing Google Exploit+2 more

6 days ago

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks

The Hacker News

Actively Exploited

The article discusses a new command-and-control platform, Matrix Push C2, which utilizes browser notifications to execute phishing attacks by distributing malicious links. This fileless framework targets victims across different operating systems using push notifications, fake alerts, and link redirects.

Impact: N/A

Remediation: N/A

1 week ago

'Matrix Push' C2 Tool Hijacks Browser Notifications

darkreading

The article highlights a cybersecurity threat where a tool named 'Matrix Push' hijacks browser notifications, exploiting users' lack of awareness regarding these alerts. This tactic is particularly severe as it aids phishing attempts, potentially compromising user security and privacy.

Impact: N/A

Remediation: Users should be cautious about granting permissions for browser notifications and regularly review their notification settings to prevent unauthorized access.

1 week ago

Page 1 of 2Next