The criminals contact their targets via email. For this, they register new accounts with different consumer email providers and use email addresses or aliases designed to look like those of a legitimate person.
The Russian Gamaredon actor has been found using the GammaLoad.PS1 delivery chain against Ukrainian entities to steal files and credentials. The attacker group was recently linked to a similar series of social engineering attacks.
BharatPay, an Indian finance service, leaked PII and sensitive financial data of users. Researchers found that transaction data and API keys of online bill payment facilitators such as Patchway Recharge and Mr. Robotics were also exposed.
Microsoft has reportedly dismantled phishing operations by a highly persistent threat actor. Researchers have spotted SEABORGIUM intrusions that abuse OneDrive to host PDF files that contain a link to the malicious URL.
A bug in the macOS software update system could allow attackers to access all files on Mac devices. A generic process injection vulnerability can be used to escape the sandbox, elevate privileges to root, and bypass SIP’s filesystem restrictions.