Social media has overtaken email as the primary channel for online scams in the UK, accounting for 34% of reported incidents according to recent research. This shift highlights growing concerns over fraudulent content on platforms such as Facebook and Instagram, particularly in finance-related advertising. A new analysis by BrokerChooser examined over 1,200 active finance-related ads in the Meta Ads Library to assess exposure to high-risk promotions across multiple countries. The study classi
phishing (161)
A new analysis by researchers at CyberArk has detailed a significant research effort revealing operational details of a StealC malware operator by exploiting a vulnerability in the malware's leaked web panel. The recent findings demonstrate how poor security practices within criminal infrastructure can be turned against threat actors. StealC is information-stealing malware operating under a Malware-as-a-Service (MaaS) model since early 2023. It enables customers to steal passwords, session co
Securonix threat researchers have been tracking a stealthy campaign targeting the hospitality sector that uses click-fix social engineering, fake captchas, and fake blue screens of death to trick users into pasting malicious code. It leverages a trusted MSBuid.exe tool to bypass defenses and deploys a stealthy, Russian-linked DCRat payload for full remote access and the ability to drop secondary payloads.[1]
An ongoing malware campaign tracked as PHALT#BLYX has been identified as a multi-stage
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associat
New England is known for lobster. But lately, it is known for the lobsters that went missing. Thieves allegedly stole a truckload of lobster valued at $400,000 from a Massachusetts facility earlier in December. The scheme was complex, according to Dylan Rexing, chief executive of Rexing Companies, the logistics firm that was coordinating the shipment.
The first part allegedly involved a phishing scam, and not of the seafood kind. According to Rexing, a culprit ever-so-slightly altered the em
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate
In the modern digital ecosystem, subscribing to a calendar series has become a routine convenience. Whether it is a retailer sharing dates for upcoming sales, a sports association like FIFA publishing match schedules, or a government body listing public holidays, the standard ‘ICS’ web calendar format, also known as iCalendars, allows third parties to integrate events directly into a user’s device. A new report indicates that this functionality is being weaponized by cybercriminals to distribu
The automobile dealership sector continues to evolve digitally with connected vehicles, cloud-based dealership management systems (DMS), online financing, and electronic sales workflows. But the newly released CDK State of Dealership Cybersecurity 2025 report shows a sector still struggling to keep pace with threat actors who increasingly target these high-value, high-data retail environments. Despite gains in awareness and investment, dealerships face widening gaps in employee readiness, thir
If you manage Facebook advertising for a small or medium-sized business, open your inbox with suspicion, because attackers have been sending highly convincing invites that appear to come straight from Meta.
Researchers at Check Point found that the attackers used Facebook Business pages and the platform’s invitation feature to send messages that appear to come from the real @facebookmail.com domain, making them much harder to spot with automated filters and human instincts alike.[1]
The campaign
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. (including all significant vessel keys words). Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observe
A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot. "The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents," Aryaka Threat Research Labs researchers Aditya K Sood and Varadharajan K said in a report shared with The Hacker News. "When opened,
Professionals have ignored cybersecurity on their phones. Instead of compensating for that, organizations are falling into the very same trap, even though available security options could cut smishing success and breaches in half. Enterprise cybersecurity risks from employees using their personal phones for work are rising, but companies aren't adopting solutions quickly enough to account for them. The data collected in Verizon Business' 2025 Mobile Security Index (MSI) paints a clear picture
Microsoft’s Digital Defense Report 2025[1] warns of a marked increase in identity-based attacks, driven in part by the growing use of artificial intelligence to craft convincing social engineering lures. The company says its systems analyze more than 100 trillion security signals every day and that identity attacks rose 32% in the first half of 2025 compared with the previous period.[2]
Microsoft emphasizes that password attacks remain the primary vector: more than 97% of observed identity-base
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate
WhatsApp has become one of the most popular applications, with over 2 billion users using it for communication with friends and family. Unfortunately, this makes WhatsApp an easy target for cybercriminals to exploit unsuspecting individuals. Since the app is used for friendly methods, many assume that contact via WhatsApp can be trusted. It cannot, and users must be cautious.[1]
Threat actors have elevated their tactics from the traditional style of email phishing to utilizing WhatsApp. They app
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated
FortiGuard Labs recently identified a phishing campaign leveraging carefully crafted emails to deliver malicious URLs linked to convincing phishing pages. These pages are designed to entice recipients into downloading JavaScript files that act as droppers for UpCrypter Malware that ultimately deploys various remote access tools (RATs).
The attack chain begins with a small, obfuscated script that redirects victims to a spoofed site personalized with the target’s email domain, enhancing credibili
Remote Access Trojans, also known as RATs, have been around for years, although their prevalence in the market has surged recently. RATs are digital skeleton keys, giving an attacker remote control over a system, often without the user ever knowing. This kind of access often starts with someone clicking a malicious link or opening a rogue attachment in a phishing email or messaging app. From there, the attacker can move laterally, steal data, monitor activity, or trigger ransomware.
RATs have
The legal market segment has been a prime target for cybercriminals due to the highly sensitive and confidential data it holds. A recent report from the International Legal Technology Association (ILTA) and Fenix24, "Security at Issue: State of Cybersecurity in Law Firms," reveals a crucial shift in the threat landscape. The report, based on a survey of 60 law firms, indicates that while awareness and investment are rising, fundamental vulnerabilities persist, and human-operated attacks are no
In early July 2025, a new DarkCloud campaign was observed in the wild by Fortinet’s FortiGuard Labs team. It began with a phishing email containing an attached RAR archive. Fortinet subsequently investigated this campaign and conducted a step-by-step analysis. DarkCloud is a known stealthy Windows-based information-stealer malware that was first identified in 2022. It is designed to steal sensitive information from the victim’s computer, including saved login credentials, financial data, conta
