Phishing - Tagged - Security Boulevard
The Home of the Security Bloggers Network
Mon, 25 Nov 2024 15:14:10 +0000

Huge Leak of Customer Data Includes Military Personnel Info
https://securityboulevard.com/2024/11/huge-leak-of-customer-data-includes-military-personnel-info/
Mon, 25 Nov 2024 15:07:01 +0000

EnamelPins, which manufactures and sells medals, pins, and other emblematic accessories, for months left open an Elasticsearch instance that exposed 300,000 customer emails, including 2,500 from military and government personnel. The company, based in California, also has links to China, Cybernews researchers wrote.

The post Huge Leak of Customer Data Includes Military Personnel Info appeared first on Security Boulevard.

Blov HTML Crypter: Phishing Evasion Through Encryption and Obfuscation
https://securityboulevard.com/2024/11/blov-html-crypter-phishing-evasion-through-encryption-and-obfuscation/
Mon, 25 Nov 2024 11:00:33 +0000

Cybercriminals are sharpening their phishing tactics with tools like Blov HTML Crypter — a utility that modifies HTML files to evade detection by security scanners. By employing techniques such as minification, encryption, and encoding, this tool transforms malicious HTML content into a form that’s harder for security systems to recognize. Contact a SlashNext security expert […]

The post Blov HTML Crypter: Phishing Evasion Through Encryption and Obfuscation first appeared on SlashNext.

Phishing 2.0: Unmasking Modern Cyber Threats and Building Proactive Defences
https://securityboulevard.com/2024/11/phishing-2-0-unmasking-modern-cyber-threats-and-building-proactive-defences/
Mon, 25 Nov 2024 03:57:33 +0000

Phishing has become a cornerstone of cyberattacks in the digital era, evolving into one of the most significant challenges for organizations and individuals alike. The rise of increasingly sophisticated phishing methods has reshaped how cybersecurity teams strategize defences and respond to breaches. According to recent cybersecurity reports, phishing remains responsible for a staggering percentage of data breaches worldwide, underlining its role as an entry point for major cyber incidents. In 2023 alone, the Verizon Data Breach Investigations Report found that over 36% of data breaches were linked to phishing, solidifying its reputation as a top method leveraged by cybercriminals.

Further compounding this trend is the fact that phishing attacks are becoming more targeted and complex. According to data from APWG’s Phishing Activity Trends Report, the number of unique phishing sites detected surged by over 60% in the past two years. The game of cat and mouse that is cybersecurity is proving to be a losing game for enterprises as existing tools are unable to keep up with the evolving nature of phishing attacks.

With the lack of proper web security detection tools, organizations are often unaware of the quantum and mechanism of phishing attacks targeting their employees. In fact, it is in the attacker’s best interest to have their attack path remain undiscovered as long as possible, allowing them to exploit users for a longer time, holding more data and access hostage when a breach is finally detected. Worse, it is nearly impossible for organizations to trace back exactly how the attack happened retroactively with incumbent proxy tools, essentially allowing attackers to recycle the same attack using different identities/domains.

This article delineates the mechanics behind the 5 most common modern phishing attacks seen both by our researchers and in the wild at real organizations we work with.

1. Trusted domain attacks

Most enterprises block known malicious or suspicious domains using Secure Web Gateways (SWGs). Thus, attackers have identified several domains that would be whitelisted in almost all organizations and redirect users to phishing sites from there. These include file sharing sites (e.g. SharePoint, Google Drive, OneDrive, Box) and GitHub.

2. Captcha walls

In addition to whitelisting/blacklisting, some SWGs can automatically block domains with certain characteristics such as young domain age. However, even with the most advanced SWGs, this URL filtering does not work when there is a captcha, allowing attackers to hide phishing sites behind captchas.

3. URL masking & shortening

Many attackers leverage URL shortening services like Bitly and Twitter’s t.co, making it difficult for employees to tell from the URL itself whether a link is malicious. For reasons similar to the SharePoint-based attacks, existing security tools cannot block these URLs, as doing so would lead to many false positives from legitimate links.

4. GenAI spearphishing

One telltale sign that many employees relied on to identify phishing messages/emails is the presence of typos and odd grammatical errors. However, with GenAI tools at their disposal, attackers can now write high-quality, highly targeted messages at a scale never seen before. A recent study from HBR showed that the cost of phishing attacks has now been slashed by 95%, while the attacks see success rates (60%) comparable to those of phishing emails written by trained experts.

5. Browser in the Browser (BiTB) Attacks

This sophisticated phishing technique involves attackers creating a fake browser window within the actual browser to simulate legitimate third-party authentication pop-ups, such as those used for “Sign in with Google” or “Sign in with Facebook.” This deceptive overlay looks authentic and can trick users into entering their login credentials, giving attackers access to sensitive information. The fake window is indistinguishable from a real one at first glance, making it particularly effective and dangerous as users are led to believe they are interacting with a trusted source.

As phishing attacks continue to evolve in quantum and complexity, it is imperative for organizations to shift from a reactive to a proactive defence strategy. To do so, security tools must also evolve to provide deep insight into exactly how users are being attacked, creating mechanism-based policies instead of domain-based policies that engage in a perpetual chase of finding and blocking phishing sites as they are discovered post-breach.


Phishing 2.0: Unmasking Modern Cyber Threats and Building Proactive Defences was originally published in SquareX Labs on Medium.

The Crucial Influence of Human Factors in Security Breaches
https://securityboulevard.com/2024/11/the-crucial-influence-of-human-factors-in-security-breaches/
Thu, 21 Nov 2024 10:34:57 +0000

The hard truth is that security breaches often happen because of human mistakes from simple, everyday actions. It's not just employees unknowingly using unsecured Wi-Fi – it's phishing, weak passwords and a lack of awareness that open the door to attackers.

Black Friday Scammers are Hard at Work: Security Experts
https://securityboulevard.com/2024/11/black-friday-scammers-are-hard-at-work-security-experts/
Wed, 20 Nov 2024 14:00:12 +0000

Scammers are using everything from fraudulent deals and fake ads to spoofed websites and brand impersonation to target online shoppers who are gearing up for Black Friday as the holiday buying season gets underway, according to cybersecurity firms.

GoIssue – The Tool Behind Recent GitHub Phishing Attacks
https://securityboulevard.com/2024/11/goissue-the-tool-behind-recent-github-phishing-attacks/
Tue, 12 Nov 2024 11:30:10 +0000

By Daniel Kelley, Security Researcher

We recently uncovered GoIssue, a tool marketed on a cybercrime forum that allows attackers to extract email addresses from GitHub profiles and send bulk emails directly to user inboxes. GoIssue signals a dangerous shift in targeted phishing that extends beyond individual developers to threaten entire organizations. This sophisticated tool, potentially […]

The post GoIssue – The Tool Behind Recent GitHub Phishing Attacks first appeared on SlashNext.

Interpol Operation Shuts Down 22,000 Malicious Servers
https://securityboulevard.com/2024/11/interpol-operation-shuts-down-22000-malicious-servers/
Wed, 06 Nov 2024 16:31:24 +0000

Interpol, other law enforcement agencies, and cybersecurity firms teamed up for Operation Synergia II, shutting down 22,000 malicious servers that supported ransomware, phishing, and other attacks and arresting 41 people connected to the cybercrime campaigns.

Hackers Exploit DocuSign APIs for Phishing Campaign
https://securityboulevard.com/2024/11/hackers-exploit-docusign-apis-for-phishing-campaign/
Tue, 05 Nov 2024 07:18:13 +0000

Cybercriminals are exploiting DocuSign’s APIs to send highly authentic-looking fake invoices, while DocuSign’s forums have reported a rise in such fraudulent campaigns in recent months. Unlike typical phishing scams that rely on spoofed emails and malicious links, these attacks use legitimate DocuSign accounts and templates to mimic reputable companies, according to a Wallarm report. By..

Spooky Spam, Scary Scams: Halloween Threats Rise
https://securityboulevard.com/2024/10/spooky-spam-scary-scams-halloween-threats-rise/
Tue, 29 Oct 2024 11:01:32 +0000

Halloween-themed spam has risen sharply this season, with Bitdefender reporting that 40% of these emails contain malicious content designed to scam users or harvest personal data. In the first half of October alone, spam volumes increased by 18% compared to September, signaling the start of a cybercrime spike that is expected to continue through the..

Phishing Attacks Snare Security, IT Leaders
https://securityboulevard.com/2024/10/phishing-attacks-snare-security-it-leaders/
Mon, 21 Oct 2024 12:02:41 +0000

Despite 80% of IT leaders expressing confidence that their organization won’t fall for phishing attacks, nearly two-thirds admitted they’ve clicked on phishing links themselves. This overconfidence is coupled with concerning behaviors, as 36% of IT leaders have disabled security measures on their systems, undermining organizational defenses. These were among the chief results of an Arctic..
