Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials.
"Unlike other phishing webpage distribution behavior through HTML content, these attacks use the response header sent by a server, which occurs before the processing of the HTML content," Palo Alto
Kimsuky-linked hackers use similar tactics to attack Russia and South Korea, researchers say
The threat actor known as Konni, which has been previously linked to the North Korean state-sponsored group Kimsuky, is intensifying its attacks on South Korea and Russia, according to a recent report
CISA says SonicWall bug being exploited as experts warn of ransomware gang use
Federal cybersecurity experts are warning that a vulnerability affecting products from SonicWall is being exploited, and ordered all federal civilian agencies to implement a patch for the bug by the end of the month.
Chinese ‘Spamouflage’ operatives are mimicking disillusioned Americans online
A Chinese influence operation has ramped up its efforts to impact online discourse around the U.S. elections, creating fake personas across social media platforms to spread divisive messages about the state of the country.
The nature of bug bounty programs is changing, and their ‘auntie’ is worried
Moussouris is the founder and CEO of Luta Security, a cybersecurity company specializing in vulnerability management.
Nigerian national who laundered funds from romance and BEC scams gets 10-year sentence
A Nigerian national was sentenced on Monday to 10 years in United States prison for laundering millions obtained from internet scams.