This phishing kit bypasses 2FA via session hijacking and real-time credential theft. Kurt “CyberGuy" Knutsson offers four ...

A large number of phishing campaigns emerged in the aftermath of the Bybit heist, designed to siphon cryptocurrency from its ...

Home » Security Bloggers Network » Q1 Goals to Gaps in Security: The Rise of HR-Themed Phishing ...

Experts say hackers who used to focus on Windows operating systems are increasingly targeting Apple IDs as part of a new phishing campaign.

After Windows defenses improved, the attackers switched to targeting Mac and Safari users with these very effective scams.

A phishing-as-a-service (PhaaS) platform named 'Lucid' has been targeting 169 entities in 88 countries using well-crafted ...

There are code adjustments to target macOS and Safari users by “leveraging HTTP OS and user agent parameters.” They maintain ...

Once the victim enters their credentials, these are exfiltrated to the threat actors via AJAX requests to external servers and PHP scripts hosted on the phishing pages. Real-time forwarding using ...

Use precise geolocation data and actively scan device characteristics for identification. This is done to store and access ...

DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the ...

Based on the MX record, the phishing kit dynamically serves a fake login page that mimics the victim's real email service provider's login page. This novel DNS technique allows the actor to ...

A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages.