A sophisticated phishing campaign targeting Microsoft Teams was identified using the Tycoon 2FA Phish-kit phishing-as-a-service (PhaaS) platform to steal session cookies and bypass two-factor authentication (2FA) protection. The victim is sent a link to a malicious phishing page.
The NJCCIC received reports involving elder fraud scams that reflect recent tactics observed by the FBI. The scammers typically employ a multi-layered approach, impersonating associates of a technology company, a financial institution, and US government officials.
Threat actors continue to target pension plans and use social engineering tactics to initiate contact and appear legitimate. They may contact their targets by email, phone, text message, social media, or online advertisements and falsely claim to offer a “free” review of their plan.
TA2725 is a financially motivated cyber threat actor that typically targets Latin America (LATAM) and some European countries. The group has its tactics and is now delivering Mispadu and Astaroth malware in phishing campaigns targeting the Garden State Network (GSN).
The NJCCIC recently received reports of cryptocurrency scams exploiting current events. Opportunistic cybercriminals are using the recent assassination attempt that targeted former President Donald Trump to lure unsuspecting victims into a new pig-butchering cryptocurrency scam.
In the early morning of Friday, July 19, a Windows update pushed by CrowdStrike to its customers contained a defect that caused widespread global IT outages. Cyber threat actors attempt to capitalize on this event in social engineering campaigns.
A new Linux variant of Play ransomware has been targeting VMWare ESXi environments. Businesses often use ESXi environments to run multiple virtual machines (VMs), typically hosting backup solutions, critical applications, and data storage.
CRYSTALRAY, a newly discovered threat actor, utilizes multiple open-source software (OSS) to grow its credential stealing and cryptomining operations. Researchers first identified this threat actor in February by tracking their use of the OSS SSH-Snake... Click to learn more.
Using social media or other messaging platforms, fraudsters posing as lawyers representing fictitious law firms may contact scam victims and offer their services, claiming to have the authorization to investigate fund recovery cases. Click to read more.
Threat actors are using phishing schemes to steal login credentials for initial access and the diversion of automated clearinghouse (ACH) payments to US controlled bank accounts. Healthcare organizations are attractive targets for threat actors due to multiple factors.
