Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Scammers Can Use AI Tools to Pinpoint Your Location Based on a Photo

Scammers can use AI tools to find your location in photos you post to social media, according to researchers at McAfee. This information can then be used in targeted social engineering attacks. The researchers found that free AI models can correctly identify a photo’s location with around 90% accuracy.

How Threat Intelligence Automation Helps Security Teams Prioritize External Threats

Phishing sites now live for under 24 hours. By the time a manual review cycle completes, the credential harvesting is done. That window is why threat intelligence automation has moved from a nice-to-have to an operational necessity for security and fraud teams managing external threats. Threat intelligence automation solves the prioritization problem by enriching raw signals before they reach analysts.

The MemcycoFM Show: Ep26 - From Brand Impersonation to Account Takeover: The ATO Attack Chain

In the recently published blog from Memcyco titled "From Brand Impersonation to Account Takeover: The ATO Attack Chain" we discussed how brand impersonation attacks operate as a fast-moving sequence from lookalike domains and cloned pages to credential harvesting and account takeover, why traditional brand monitoring and domain takedown tools consistently miss the exposure window, and how real-time signal correlation can connect impersonation indicators directly to fraud and authentication workflows before the attack concludes.

Identity Verification Software: Why It Matters for Secure Digital Onboarding

As more financial services, lenders, fintech firms, and digital businesses move customer journeys online, identity verification has become a critical part of building trust. Customers expect fast onboarding, but organisations also need to prevent fraud, meet compliance obligations, and protect sensitive data. This is where identity verification software plays an important role. It helps businesses confirm that customers are who they claim to be while keeping the process efficient, secure, and user-friendly.

Behind the Fake Tax Notice - Part II: ValleyRAT Unmasked

In Part I of this series — “Behind the Fake Tax Notice” — the Foresiet Threat Intelligence Team mapped a multi-country, tax- and invoice-themed phishing network built around hxxps://adresesvip/. That infrastructure, hosted on Alibaba Cloud in Hong Kong, was used to target taxpayers across India, Germany, Malaysia and Japan. The first report documented the lure, the sender and the hosting, but left one question open: what does the campaign actually deliver?

How Brand Impersonation Leads to Account Takeover (ATO)

Brand impersonation and account takeover (ATO) are often treated as separate security problems. One is viewed as a phishing or brand abuse issue. The other is viewed as an authentication or fraud issue. Attackers often see them differently. Many ATO attacks begin long before a login attempt appears on a dashboard. They begin when a customer encounters a fake website, fraudulent search result, impersonating social media profile, cloned mobile app, or spoofed communication that appears legitimate.

Fake Tax Notice Phishing: How the Cross-Border Scam Network Operates

Foresiet identified adreses[.]vip as part of a localized phishing infrastructure cluster using tax, invoice, payroll, and document-download themes. The strongest evidence supports malicious phishing infrastructure and campaign-level clustering; named-actor elevation remains evidence-weighted and under active validation.

Candidate verification: Stop fraud before it enters your workforce

Sophisticated fraudsters are now targeting the recruiting process. Whether it's a "fake" candidate built on synthetic data, an interviewee hiding behind a deepfake, or a candidate getting a friend to take their technical test, hiring teams are facing a fraud crisis.