Silent Ransom Impersonates IT Support to Target Law Firms
The Silent Ransom Group (SRG) is running a new wave of hands‑on social engineering attacks against law firms, posing as internal IT support to steal sensitiv...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1204 — User Execution (Execution)
Clear filter68 articles found
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
Silent Ransom Group isn’t prolific, but it's demonstrated a knack for attacking the legal services sector with an extraordinary dual use of social engineerin...
Hackers are knocking on office doors pretending to be IT staff
The Silent Ransom Group (SRG) is targeting law firms using social engineering techniques and an unusual tactic for cybercriminals: showing up at victims’ off...
FBI warns extortion hackers are visiting US law firms to steal data
In a public advisory issued Tuesday the FBI said a hacking group has targeted law firms using social engineering schemes to gain remote access to corporate s...
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing mal...
Formula 1 fans targeted by evolving scams, Bitdefender warns
Bitdefender's Fan Threat Index highlights four major threats targeting Formula 1 enthusiasts: counterfeit merchandise, fraudulent ticket sales, malicious str...
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
Russian Hackers Exploit RDP, VPNs, Supply Chains for Initial Access
Russian state-sponsored and aligned threat groups are increasingly combining Remote Desktop Protocol (RDP), Virtual Private Networks (VPNs), supply chain com...
Hackers Hide Malware in Nested macOS-Style Folders to Evade Scans
Hackers are increasingly adopting stealthy delivery techniques, and a newly uncovered spear-phishing campaign shows how nested macOS-like folder structures c...
The new economics of fraud: Cheaper, faster, more convincing
Scams have become one of the fastest-growing consumer risks, driven by AI-enabled impersonation, social engineering, and sophisticated attack methods, accord...
Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wins for law enforcement
The first quarter of 2026 reinforced that attackers are moving faster, operating with greater coordination, and exploiting weaknesses before most organizatio...
Fake Microsoft Teams Downloads Spread ValleyRAT Malware
Hackers are actively distributing a sophisticated ValleyRAT malware variant through fake Microsoft Teams download pages, leveraging social engineering and mu...
Indian Student Data Weaponized in Phishing and Financial Fraud Campaigns
A growing trend in India where student data is increasingly being exploited for cybercrime activities, including phishing, impersonation, social engineering,...
Storm-2949 actor targets Microsoft 365 and Azure environments
Storm-2949 initiates attacks by targeting users with privileged roles, such as IT personnel or senior leadership, using social engineering tactics to obtain ...
Poland directs officials to cease Signal use amid cyberattack concerns
The cyberattacks did not compromise Signal's encryption but instead relied on social engineering and account takeover tactics.
SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain
A newly disclosed macOS infostealer campaign is exploiting user trust in some of the biggest names in tech to slip past defenses. Researchers at SentinelOne ...
Ukraine says Russia is deploying AI-powered malware on the battlefield
A new report from Ukraine’s National Security and Defense Council says Russia’s use of AI across cyber operations expanded dramatically over the past year, r...
New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain
A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser d...
Breaking the Black Box: A Case Study in Red-Teaming a Government Education AI
In a new red-teaming exercise, social engineering moved to advanced tunneling attacks, revealing a critical lesson in today's AI security.
Beyond deepfakes: Building identity resilience against AI impersonation
Generative AI is changing the economics of identity fraud. Voice cloning, real-time face animation, synthetic documents, and AI-assisted social engineering a...