Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A criminal threat actor tracked as “UNC6040” is using voice phishing (vishing) attacks to compromise organizations’ Salesforce instances, according to researchers at Google’s Threat Intelligence Group. After gaining access, the attackers exfiltrate the victim’s data and hold it for ransom.

Researchers at Trellix warn of a spear-phishing campaign that’s targeting CFOs around the world with phony employment offers. The emails are designed to deliver a legitimate remote access tool that will give the attacker a foothold on the victim’s machine.

A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish). They quickly identified it as a social engineering attack and shared it on our internal communication channel for sharing such things. I have had more and more of these types of similar smishes occurring over the last few months. It is an attempt to trick someone into worrying that their Gemini, Gmail, Microsoft, Instagram…or whatever account…is in the middle of being compromised and you need to react NOW! NOW!

When it comes to cybersecurity, organizations face an ever-present and often underestimated threat: human risk. Despite significant advancements in technological defenses, human error remains a leading cause of data breaches and security incidents. Industry studies consistently show that between 70% and 90% of data breaches involve some form of human-related cause—whether through social engineering, errors, or misuse.

The FBI is warning that the Silent Ransom Group (SRG) is targeting law firms with IT-themed social engineering attacks and callback phishing emails. SRG is a cybercriminal gang that demands ransoms in exchange for not leaking stolen data. “SRG has been operating since 2022 and has primarily been known for their callback phishing emails, masquerading as well-known businesses who offer subscription plans,” the FBI explains.

A phishing campaign is targeting European countries with lures themed around copyright infringement, researchers at Cybereason warn. The phishing emails are designed to deliver the Rhadamanthys infostealer malware. “These campaigns often involve emails impersonating companies and their legal departments, falsely claiming recipients have violated copyright on social media or elsewhere and demanding content removal,” the researchers write.

Researchers at Certo warn that a new AI chatbot called “Veniceai” can allow cybercriminals to easily generate phishing messages or malware code. The tool, which only costs $18 per month, is growing in popularity on criminal forums. “One of the starkest contrasts between Veniceai and more mainstream AI systems like ChatGPT is how each responds to harmful or malicious requests,” Certo says.

Last year, KnowBe4's report "Exponential Growth in Cyber Attacks Against Higher Education Institutions" illustrated the growing cyber threats facing universities and colleges. The report highlighted the perfect storm of factors making educational institutions prime targets: vast data repositories, open networks, limited security resources, and decentralized governance structures.

Researchers at IBM Security warn that a major phishing campaign is targeting users in France, incorporating leaked personal data to make the emails more convincing. IBM has observed seventeen waves of the campaign since March 2024, and at least 160,000 victims have clicked on the phishing link. “The phishing emails inform recipients that their Amazon Prime subscription will automatically renew at a cost of 480 Euros per year,” IBM explains.

You know what's interesting about data breaches? Everyone focuses on credit card numbers and financial data, but the reality is that every piece of information has value to someone. The Legal Aid breach perfectly illustrates this point, with over two million pieces of information accessed including details about domestic abuse victims, family cases, and criminal proceedings.