Cybercriminals are hijacking enterprise helpdesk workflows by impersonating IT staff on Microsoft Teams and exploiting Quick Assist. This investigative feature exposes their tactics, how they evade detection, and what organizations must do to protect themselves.
A new North Korean cyber campaign targets macOS users with a fake Zoom SDK update, using social engineering to bypass Apple security and steal credentials, crypto assets, and sensitive data. Microsoft and Apple have issued updates, but user vigilance is now the last line of defense.
A new ransomware group, Payouts King, is leveraging social engineering and advanced encryption—tricks learned from the infamous BlackBasta crew—to escalate digital extortion. Discover how this threat operates and how to defend against it.
North Korea's Sapphire Sleet group is targeting macOS users with fake recruiter profiles and a social engineering technique known as ClickFix, tricking victims into running malicious scripts that steal sensitive data and crypto wallets. Microsoft and Apple are racing to counter this evolving threat.
QR code scams represent the latest evolution in digital fraud, shifting attacks from email to mobile and leveraging psychological tricks to steal data. Learn how these schemes work and why they’re so effective.
Attackers are bypassing multi-factor authentication by manipulating IT help desks, turning routine calls into full-scale SaaS data breaches. Learn how Okta vishing works and what organizations can do to defend their cloud assets.
North Korea’s APT37 hackers turned Facebook into a weapon, using friend requests and doctored software to deliver the powerful RokRAT malware through a cunning social engineering campaign.
APT37 is using Facebook and Telegram to lure defense sector targets into downloading trojanized software, enabling covert data theft via cloud services. Their evolving tactics blend social engineering with technical stealth, making detection harder than ever.
APT37’s new cyber-espionage campaign uses Facebook, Telegram, and a trojanized PDF installer to steal sensitive data from defense targets. The operation combines social engineering with advanced, fileless malware and cloud-based command-and-control, highlighting the evolving sophistication of North Korean cyber threats.
UNC6783 hackers are infiltrating major companies by targeting business partners and support teams, using fake Okta pages and psychological tricks to bypass security. Experts warn this strategy marks a dangerous evolution in cybercrime.