FILTERED

20+ entries
  • BleepingComputer

    ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit

    A new phishing-as-a-service (PhaaS) platform dubbed "ARToken" appears to operate as an affiliate of the EvilTokens phishing platform, giving researchers a glimpse into an extensive toolkit designed to compromise Microsoft 365. [...]

    Phishing
  • BleepingComputer

    Webinar: Why traditional email security is no longer enough

    Modern phishing, business email compromise, and account takeover attacks increasingly exploit trusted identities and legitimate business workflows, making them harder for traditional email defenses to detect. This webinar explores how behavioral AI can help organizations automate detection and response. [...]

    Phishing
    Vulnerability
  • BleepingComputer

    FBI: Russian hackers now target Signal backup recovery keys

    The FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Signal Backup Recovery Keys, allowing attackers to access victims' historical messages. [...]

    Phishing
    USA
  • BleepingComputer

    Order-tracking app Shop abused to push callback phishing attacks

    Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' order histories to trick them into providing sensitive data or installing remote access software. [...]

    Phishing
  • BleepingComputer

    Securing the service desk: Why social engineering attacks keep succeeding

    Service desks have become a favored target for attackers seeking password resets, MFA changes, and access to corporate accounts. Specops Software breaks down how service desk social engineering attacks work and how organizations can defend against them. [...]

    Phishing
  • BleepingComputer

    Webinar: Why email security teams are drowning in alerts

    Phishing, BEC, and account takeover attacks continue to overwhelm security teams with alerts and investigations. This webinar explores how behavioral AI can help automate detection and response workflows, reducing alert fatigue and improving operational efficiency. [...]

    Phishing
  • BleepingComputer

    Webinar: How attackers bypass MFA and how defenders can respond

    Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing passwords. This webinar explores how behavioral AI can help security teams detect compromised accounts faster and automate response workflows. [...]

    Phishing
  • BleepingComputer

    Why Account Takeovers Are Rising and How to Stop Them

    Account takeovers are rising as attackers bypass traditional defenses through phishing, session hijacking, and MFA fatigue. Specops Software explores how device trust and continuous verification help reduce account takeover risk. [...]

    Phishing
  • BleepingComputer

    Webinar: How behavioral AI stops phishing and account takeovers

    Modern phishing, BEC, and account takeover attacks increasingly bypass traditional email defenses and create operational strain for security teams. This webinar explores how behavioral AI can help automate detection, investigation, and remediation to reduce alert fatigue and accelerate response times. [...]

    Phishing
  • BleepingComputer

    FBI disrupts massive AI-powered phishing service using a million URLs

    In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords. [...]

    Phishing
    USA
  • BleepingComputer

    The 5 Best Practices for Secure Identity Verification

    Attackers are increasingly bypassing weak authentication through phishing, MFA fatigue, and service desk social engineering. Specops Software breaks down five best practices for stronger identity verification and access security. [...]

    Phishing
  • BleepingComputer

    What 2026 DBIR Confirms: Attacks Are Living in the Browser

    Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveals about browser-layer security gaps and modern attacks. [...]

    Phishing
  • BleepingComputer

    FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

    The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-factor authentication (MFA). [...]

    Phishing
    USA