McAfee Discovers New Phishing Campaign Targeting GitHub Users

A phishing campaign is targeting GitHub users with phony CAPTCHA pages, according to researchers at McAfee. The phishing emails ask users to address a security vulnerability in a GitHub repository that they recently contributed to, and contain a link to find more information about the alleged vulnerability. This link leads to a fake CAPTCHA page that attempts to trick them into installing malware.

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content

HTML smuggling techniques have been around for quite some time. A previous Trustwave SpiderLabs blog post discussed their use in distributing malware by storing binaries in immutable blob data within JavaScript code that gets decoded in the client-side browser, eventually delivering the payload.

Half of all Financial Services Cyber Attacks Start with a Very Costly Phish

New analysis of attacks on the financial sector shows that the combination of phishing emails and compromised credentials is a recurring — and financially impactful — threat. According to IBM, financial services is the second most expensive sector with an average cost of a data breach at $6.1 million.

The Latest Email Scams: Key Trends to Look Out For

Amid the numerous instruments that have augmented our digital communication and commerce experiences over time, email remains a staple for everything, from confirming purchases to life-changing events like the authorization of financial aid. It comes as no surprise that email scams have been a mainstay of cyberattacks since the earliest days of online correspondence. Worse yet, their scope and sophistication have kept pace with and taken liberal advantage of general digital developments.

Why Do Criminals Love Phishing-as-a-Service Platforms?

Phishing-as-a-Service (PaaS) platforms have become the go-to tool for cybercriminals to launch sophisticated phishing campaigns targeting the general public and businesses, especially in the financial services sector. PaaS operates much like other subscription-based malware models, where cybercriminals offer phishing kits, including spam tools, phishing page templates, bulletproof servers, and victim databases, to less-experienced attackers.

Phishing Attacks Abuse Content Creation and Collaboration Platforms

Researchers at Barracuda have observed an increase in phishing attacks that abuse popular content creation and collaboration platforms. These include online graphic design platforms and document-sharing services widely used by educational institutions and businesses. “The analysts found that attackers are sending out emails from these platforms, featuring legitimate-looking posts, designs, and documents, but with embedded phishing links,” the researchers write.