Beware Of Malicious PDF Files That Mimic As Microsoft 2FA Security Update

Phishing attacks are evolving to use QR codes to trick users into entering their credentials on malicious websites, which can be designed to look like legitimate login pages and may even prefill the username field to increase believability. 

The FIA has been hacked after workers fell for a phishing attack | TechRadar

In a short press release, the FIA confirmed recent phishing attacks resulted in “unauthorized access to personal data contained in two email accounts belonging to the FIA.”

Hackers Using Weaponized Docs In QR Code Phishing Attacks

Threat actors embed malicious QR codes in emails, documents, and public places, using them to mask destinations. 

The biggest data breaches in 2024: 1B stolen records and rising | TechCrunch

These breaches not only affect the individuals whose data was irretrievably exposed, but also embolden the criminals who profit from their malicious cyberattacks.

From Phish to Phish Phishing: How Email Scams Got Smart – Check Point Blog

In short, malicious emails will become easier to create and more difficult to stop.

Why are cyberattacks increasingly targeting health care?

Why hospitals? It’s likely because of the massive databases of sensitive personal information they operate, and the importance of daily operations running smoothly.

Ransomware attacks targeting hospitals, putting lives at risk

Cyberattacks have played havoc with the bottom lines of companies all over the world. They’re also starting to kill people.

Disruptions at Many Car Dealerships Continue as CDK Hack Worsens – SecurityWeek

Dealerships use CDK products to sell cars and car parts, as well as for a wide range of other operations, and the cyberattack has caused significant disruptions for many companies. While some have resorted to pen and paper, others said they were forced to halt most of their operations. 

New York Post: Cyber experts warn of new Chrome, Microsoft money stealing malware

Often, a pretend update prompt will pop up on Google Chrome through a “compromised website” with a clipboard message to “copy the code” provided. It then instructs personal computer owners to open PowerShell — a Microsoft program for scripts — and self-paste in the malware.

Hackers are hijacking Windows Search to hit victims with malware | TechRadar

The attack starts with a phishing email pretending to be an invoice, or something similar. It carries a .ZIP archive of an HTML file, and thus successfully bypasses antivirus and email security programs that overlook compressed contents.