What are the chances? π
While analyzing a Discord stealer today, I found a screenshot of the threat actor's desktop... scanning https://t.co/qIh5AhwKqE.
As a Drexel alum, I definitely wasn't expecting to see my old university during malware hunting.
Is This URL Malicious?
https:// login.microsoftonline[.]com/common/oauth2/v2.0/authorize?state=%7bRECIPIENT_BASE64_EMAIL%7d&scope=openid&prompt=none&client_id=952a8d0d-0053-4672-953e-d20a6abc4a3a
How much is a victim worth? $1.
Cybercriminal advertising 100 ScreenConnect victims for $100.
We're seeing IRS and Social Security-themed phishing campaigns deliver remote access tools daily. Thousands have already fallen victim.
#CyberSecurity#ThreatIntelligence#CyberCrime
Microsoft is moving toward a passwordless future.
We've spent years focusing on stolen passwords, and cookies.
Game over for phishers?
Not quite. Attackers are already shifting toward authentication artifacts created after login, including Cloud Kerberos authentication data.
Beware Of Promotion-ChatGPT[.]com
The site impersonating ChatGPT to deploy a malware through ClickFix.
URL:
promotion-chatgpt[.]com
promotion-claudes[.].com
claudescript[.]top
hxxps://www.youtube[.]com/watch?v=ubHZ-R4qVbk
Over 400 users across Indian universities were impacted by a phishing campaign focused on session hijacking, not just credentials.
Impacted:
@Vijaybhoomi_Uni β 34
@JAGSOMblr β 31
@IFIM β 17
@PresidencyUni β 26
Modern phishing enables persistent access without passwords
π¨ New Phishing Chain: SSA -> ps1 -> GitHub β RAT
Weβre tracking multiple active campaign abusing a βSocial Securityβ theme to deliver malware developed in Golang.
Analysis (https://t.co/hWQiOm05VK):
hxxps://app.any[.]run/tasks/5e9cc1e8-6094-436b-871e-80154bf28f1b
Weβre seeing campaigns use GraphQL to capture credentials and validate them in real timeβno traditional form posts, no obvious endpoints. Fronted by Cloudflare to blend in.
Not Evilginxβsame result.
https://t.co/iMP5a5lRIN
#phishing#cybersecurity#threatintel
β οΈ Phishing Alert: Fake @NavyFederal pages are targeting seniors, show a fake check to build trust and steal sensitive data.
Verify before you act.
#Phishing#CyberSecurity#ScamAlert
π¨ Beware of a New Instagram Impersonation Scam
Scammers copy photos from public profiles, create look-alike accounts (often adding β_β), and message friends or family asking for moneyβusing the correct local currency to appear real.