Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Cisco Talos warn that a new phishing campaign is targeting users in Germany and Poland in an attempt to deliver several strains of malware, including a new backdoor dubbed “TorNet.” The phishing emails purport to be fake money transfer confirmations from financial institutions or phony order receipts from manufacturing and logistics companies.

Our recent Africa Cybersecurity Awareness survey has revealed a startling surge in cybersecurity concerns among African users, with 58% of respondents expressing high levels of worry about cybercrime - a figure that has nearly doubled from 29% in 2023. The fear is not unfounded. As highlighted by Interpol's African Cyberthreat Report 2024, the continent has witnessed a significant uptick in cybercrime, along with its financial and social repercussions.

Researchers at Zimperium warn that a large phishing campaign is impersonating the US Postal Service (USPS) to target mobile devices with malicious PDF files. The goal of the campaign is to direct users to a spoofed USPS website designed to harvest personal information. “The investigation into this campaign uncovered over 20 malicious PDF files and 630 phishing pages, indicating a large-scale operation,” the researchers write.

AI is advancing at lightning speed, but it’s also raising some big questions, especially when it comes to security. The latest AI making headlines is DeepSeek, a Chinese startup that’s shaking up the game with its cost-efficient, high-performing models. But it’s also raising red flags for cybersecurity pros. DeepSeek overnight became a top contender, mostly driven by curiosity.

A KnowBe4 Threat Lab Publication Authors: Jeewan Singh Jalal, Anand Bodke, and Martin Kraemer Executive Summary The KnowBe4 Threat Lab analyzed a sophisticated phishing campaign targeting multiple organizations to harvest Microsoft credentials. Threat actors utilized a compromised domain, its subdomains, bulk email services, and open redirect vulnerability to evade detection and increase click success rates.

Microsoft, Apple, and Google were the most commonly impersonated brands in phishing attacks last quarter, according to researchers at Check Point. “Microsoft retained its dominance as the most imitated brand in phishing schemes, accounting for a staggering 32% of all attempts,” Check Point says. “Apple followed with 12%, while Google ranked third. Notably, LinkedIn reentered the list at fourth place, emphasizing the persistent targeting of technology and Social Network brands.

73% of educational institutions in the UK have sustained at least one cyberattack or breach in the past five years, according to researchers at ESET. Additionally, a fifth of these organizations said they’ve experienced three or more cyberattacks. 43% of the organizations surveyed cited phishing attacks as their top concern.

Drivers across the U.S. are being bombarded with fraudulent text messages claiming to come from toll operators like E-ZPass. These messages threaten fines for unpaid toll fees and aim to steal personal and financial information. Security experts warn that these scams are becoming more sophisticated, driven by new phishing tools developed and sold in China.

Phishing attacks are the most common security issue for smartphone users, according to a new study by Omdia. The survey found that nearly a quarter (24%) of respondents have fallen victim to a mobile phishing attack. The second most common mobile threat was malware, which is usually delivered via social engineering. The researchers note that phishing attacks reached all the smartphones assessed in the study, regardless of vendor.

A new survey by cybersecurity vendor Netwrix found that 84% of healthcare organizations spotted a cyberattack in the past twelve months, with phishing attacks accounting for 63% of these incidents. “Phishing was the most common type of incident experienced on premises, similar to other industries,” Netwrix says. “Account compromise topped the list for cloud attacks: 74% of healthcare organizations that spotted a cyberattack reported user or admin account compromise.”