Cybercriminals are impersonating OpenAI in a widespread phishing campaign designed to trick users into handing over financial information. The emails inform users that a payment for their ChatGPT subscription was declined, inviting them to click a link in order to update their payment method. The phishing emails appear fairly convincing, but trained users could spot some red flags. The most obvious giveaway is that the emails were sent from “info@mtacom,” which is clearly unrelated to OpenAI.

Threat actors are abusing DocuSign’s API to send phony invoices that appear “strikingly authentic,” according to researchers at Wallarm. “Unlike traditional phishing scams that rely on deceptively crafted emails and malicious links, these incidents use genuine DocuSign accounts and templates to impersonate reputable companies, catching users and security tools off guard,” Wallarm says.

This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs team on major threat actor groups currently operating globally. Retailer databases are chock-full of information that makes them highly attractive targets for ransomware gangs, as highlighted by Trustwave SpiderLabs in its recent 2024 Trustwave Risk Radar Report: Retail Sector.

Remote Browser Isolation (RBI) is a cybersecurity solution that significantly reduces cyber threats by allowing you to browse the internet on an isolated server. Also referred to as browser isolation, RBI effectively separates web content from your device, significantly reducing the attack surface. By implementing an RBI solution, your organization can protect users against online threats, block malicious content from reaching computers and support Zero Trust Network Access (ZTNA).

Yes, someone can steal your identity with your government-issued ID or driver’s license. Any documents that contain Personally Identifiable Information (PII) – including your full name, home address, date of birth, photo or even your signature – can be used to steal your identity and target you with phishing scams. Continue reading to learn what someone can do with your ID, how to tell if someone is using your ID, what to do if your ID is lost or stolen and how to keep your ID safe.

As hybrid work becomes the norm, it’s clear that traditional virtual private networks (VPNs) and network access control (NAC) solutions are falling short. Once the gold standard for secure remote access, VPNs now pose more problems than solutions—think slow performance, security risks, and complex operations.

Due to their numerous components and dependencies, web applications often have multiple vulnerabilities—many of them unknown and susceptible to zero-day attacks—that can be exploited by malicious HTTP requests. Determining whether a vulnerability exists is challenging without visibility into an application’s real-time data and event flows, which isn’t possible with existing firewall-based solutions.

Runtime security in multi-cloud environments encompasses the continuous monitoring and protection of cloud-based resources during their active operation. Unlike traditional security approaches that focus on static configurations or pre-deployment checks, runtime security emphasizes: This approach ensures that potential risks are identified and mitigated in real-time, providing an additional layer of protection against both known and emerging threats in complex multi-cloud setups.

Read also: German police bust Dstat.cc DDoS platform, the alleged Snowflake hacker arrested in Canada, and more.

This Cyber Security Awareness month, we’re thrilled to launch The 403 Circle, our new community-driven approach to building a safer world. It isn’t for everyone, but it might be for you. We are surrounded by an overwhelming trove of information, from AI chatbots and mile-long whitepapers to social networks or ‘communities’ that treat you like a product—to acquire, upsell, and renew contracts. At Astra, we strive to simplify proactive security.