Security pros say the threat actors shifted to Excel-based XLL add-ins once Microsoft hardened macros last year after the software giant made the move to further stymie the bad guys.
While Telegram bots being used to exfiltrate information is not new, it has not been commonly used by threat actors in the past for credential phishing, and researchers noted that the significant increase is primarily associated with the current popular tactic of using HTML attachments as delivery mechanisms and the ease of Telegram's setup.
We will discuss the migration of the security community from Twitter to Mastodon, logistical challenges, and related matters of managing the community.
The group - tracked as “BlueNoroff” by Kaspersky and “HiddenCobra” by others - registered at least 70 web domains over the last year mimicking the websites of real venture capital firms in Japan and other financial institutions to use in a newly uncovered spearphishing and malware-delivery campaign.
Armorblox uses natural language understanding to thwart attack on large educational institution that used social engineering to bypass Office 365 security.
Meta, the parent company of Facebook and Instagram, disclosed in a new report that it has disrupted over 200 influence operations on its platforms since 2017 and raised its bug bounty payouts to as much as $300,000.