It takes less than a minute for someone to fall for a phishing scam. According to the 2024 Data Breach Investigations Report, the median time for a recipient to click on a malicious link after opening the email is 21 seconds, followed by 28 seconds to enter the requested data.
Threat update
The threat actor TA558 is conducting a phishing campaign targeting various sectors in Latin America, intending to deploy the remote access tool known as Venom RAT. LBT Technology Group encourages organizations to follow the recommendations detailed in this Cybersecurity Threat Advisory to mitigate the potential risk of this campaign.
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware.
A phishing campaign was observed predominantly targeting a notable energy company in the US, employing QR codes to slip malicious emails into inboxes and bypass security.
Hackers exploited a zero-day vulnerability in Salesforce's email services and SMTP servers to launch a sophisticated phishing campaign targeting valuable Facebook accounts.