A Ledger customer in Italy got a real handwritten letter with a QR code leading to a phishing site, exposing how the 2020 data breaches of Ledger still fuel scams years later and showing scammers’ low-cost, high‑ROI shift to postal phishing.
A sophisticated phishing campaign abused Apple’s account‑change notification template, injecting malicious content into a legitimately signed email, which bypassed SPF, DKIM and DMARC checks and achieved near‑100% delivery, while also evolving into a “telephone‑oriented” social‑engineering variant.
A three‑year investigation by Access Now, SMEX and Lookout reveals that the Indian APT group BITTER conducted rapid Apple‑ID phishing, 2FA‑relay attacks and Android spyware deployments to fully compromise the accounts of journalists across the Middle East and North Africa, often within 30 seconds of credential entry.
This article details a red‑team engagement against a 30‑employee company that lacked a public website, describing how the team used phishing emails, custom Cobalt Strike payloads, shellcode encryption, internal network scanning, and a router tunnel to obtain footholds and extract data.
The article examines how easily accessible, unfiltered large language models enable even novice attackers to create sophisticated, personalized phishing campaigns and rapid reconnaissance, while defenders scramble to adopt small, locally‑run AI models for detection, UEBA, and reverse‑engineering of AI‑generated malware.
The FBI and CISA have issued an urgent alert that Russian-linked threat actors are conducting large‑scale phishing campaigns against WhatsApp and Signal users, using social‑engineering tricks such as fake support messages, code‑request scams, and malicious links to hijack accounts and monitor communications.
The article analyzes how generative AI is transforming cybercrime by enabling 13 distinct attack methods—from highly personalized phishing emails and AI‑assisted malware creation to automated vulnerability hunting, deep‑fake social engineering, malicious LLMs, and attacks on AI infrastructure—highlighting recent research data and real‑world examples that illustrate the heightened speed, stealth, and accessibility of modern threats.
The article warns of sophisticated invoice‑phishing emails that can implant malware and outlines three practical defenses, then shifts to a detailed analysis of Israel’s cyber strike on Iran’s missile command, explaining the attack’s technical layers, hybrid war model, strategic implications, and future risks.
The article outlines thirteen distinct techniques by which cybercriminals exploit generative AI—from hyper‑personalized phishing and AI‑driven malware creation to AI‑coordinated espionage, deep‑fake social engineering, and attacks on AI infrastructure—backed by expert quotes, research findings, and concrete case studies.
The article analyzes how everyday posts on platforms like WeChat, GitHub, and TikTok can be harvested as open‑source intelligence, enabling phishing, BEC, and deep‑fake attacks, and offers concrete mitigation steps for security professionals.
This article dissects modern phishing and ransomware threats, detailing preparation, bait construction, email header spoofing, and open‑source tools like Gophish, then outlines comprehensive defensive measures—from endpoint security and threat intelligence to risk‑based response economics—offering a systematic, technology‑to‑tactics‑to‑strategy framework for information security teams.
This article explains what network attacks are, outlines the most common attack types such as malware, DoS/DDoS, phishing, SQL injection and DNS tunneling, and provides practical prevention measures including regular updates, firewall configuration, VPN use, and security awareness training.
The article reviews OpenAI CEO Sam Altman's statement that the company now knows how to build AGI, Samsung's AI‑focused product rollout at CES 2025, a Stanford tool for generating research‑based articles, and a Harvard study showing AI‑driven phishing attacks surpass a 50% success rate.
A recent advisory from China’s National Computer Virus Emergency Response Center reveals a new “Silver Fox” Trojan variant distributed via phishing pages and social‑media links, explains its infection process on Windows PCs, and outlines practical prevention steps for enterprises and individual users.
The National Computer Virus Emergency Response Center reports a new “Silver Fox” Trojan variant distributed via phishing links in WeChat groups, disguised as tax‑related installers, which can hijack systems for remote control and fraud, and provides concrete steps for users and enterprises to defend against it.
This article examines the rapid rise of Web3 phishing, detailing various attack vectors such as transaction‑based phishing, eth_sign blind signing, modal phishing, approval abuse, address‑poisoning, and zero‑transfer tricks, while presenting detection methods and Ant Group’s multi‑dimensional anti‑money‑laundering platform as a countermeasure.
This article explains how phishing exploits human psychology, outlines common phishing variants such as email, spear, whaling, business email compromise, smishing, vishing, social‑media, pharming and evil‑twin attacks, and provides practical measures to recognize and defend against them.
Recent research shows that nearly 60% of organizations suffered data loss due to employee email mistakes, highlighting the severe risks of phishing attacks and underscoring the need for realistic phishing simulation exercises to improve security awareness and protect against financial and reputational damage.
The article provides a comprehensive overview of phishing as a social‑engineering attack, detailing its various techniques—including email deception, spear‑phishing, whaling, malware‑based lures, domain spoofing, vishing, SMS and QR‑code scams—and offers practical defense measures such as anti‑phishing tools, multi‑factor authentication, content filtering, and security standards.
During a penetration testing exercise, the team discovered a cleverly disguised GitHub repository that leaked credentials, leading to a vulnerable admin interface, a malicious Python‑based VPN client which, after reverse‑engineering with PyInstaller extraction, revealed embedded shellcode hidden in images, allowing the attackers to trace the command‑and‑control server and pinpoint the origin of the intrusion.
A new Inno Stealer malware campaign masquerades as a legitimate Windows 11 upgrade installer, using a spoofed Microsoft site to distribute an infected ISO that creates hidden scripts, disables security, and steals browser data and cryptocurrency wallets, posing a serious information‑security threat.
The article documents a step‑by‑step security investigation of a QQ phishing site, detailing its fake login page, POST endpoint, Python‑based credential flooding, network reconnaissance, port scanning, vulnerability scanning, and discovery of the backend control panel, while discussing the challenges of XSS and brute‑force attacks.
An in‑depth walkthrough demonstrates how to identify, analyze, and attack a QQ phishing website—revealing its URL, POST parameters, using Python to flood it with fake credentials, performing WHOIS, ping, nmap, and w3af scans, uncovering backend details, and discussing mitigation strategies.
This article demonstrates how red‑team methods can be applied to phishing traceability, detailing phishing classifications, email‑header extraction, malicious site analysis, web‑shell decryption, privilege‑escalation techniques, log mining, and attacker attribution to reconstruct the full attack chain.
During the Mid‑Autumn Festival I received a seemingly harmless mooncake email, suspected it was a phishing test, and then used a virtual machine, network‑capture tools, Shodan, and open‑source intelligence to trace the malicious link back to its source and exposed the underlying infrastructure.
The article outlines ten major 2020 cybersecurity forecasts—including surging ransomware, sophisticated phishing, faster threat detection, expanding attack surfaces, emerging IoT security laws, stricter GDPR enforcement, OT security challenges, and the rise of managed security services—to help organizations prepare for the evolving threat landscape.
The FBI warns that HTTPS sites are not automatically secure, as attackers exploit users' trust in the lock icon to launch sophisticated phishing campaigns via email, so users must verify links and never assume safety solely from the HTTPS indicator.
This article explains how using target="_blank" on links can expose pages to phishing attacks via the opener object, compares same‑origin and cross‑origin behaviors, and provides practical mitigation techniques such as Referrer‑Policy, rel="noreferrer" and rel="noopener" with fallback JavaScript.
A recent ZeroFOX experiment showed an AI system sending malicious tweets far faster than humans, prompting Elon Musk to highlight the growing threat of AI‑driven hacking, while security experts at Black Hat predict widespread AI weaponization in the near future.
The article explains a new Chrome‑targeted phishing method that uses fullscreen mode and a carefully placed JPEG image to mimic the browser’s address bar and pop‑up dialogs, detailing the technique, visual cues, and security implications for users and researchers.
A user received a suspicious SMS with a malicious app link, prompting an analyst to download, decompile, and dissect the Android malware, revealing hidden Device Admin permissions, obfuscated code, DES-encrypted credentials, and the attacker’s email address, ultimately exposing how the trojan steals personal data.
