Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

tanium

CTI Roundup: SystemBC, ShinyHunters, AI-obfuscated Phishing

Oct 1, 2025 By Tanium In Tanium
This week, Tanium’s Cyber Threat Intelligence (CTI) team investigates SystemBC, a large-scale proxy botnet that’s leveraging compromised virtual private server (VPS) infrastructure to support cybercriminal operations, including ransomware and credential theft. Next, the team looks at ShinyHunters—a financially motivated data extortion group that’s now targeting enterprise cloud applications.
Read Post
Trustwave

From Folding to Folded: Hacking High Volume Mailer Machines

Sep 30, 2025 By John Jackson In Trustwave
The Quadient DS-700iQ is a high-volume folder-inserter machine designed for automating the process of assembling, folding, and inserting mail into envelopes for large mailing operations. It features a modular design that can handle complex mailing jobs, supports multiple feeders and enclosures, and offers integration with barcode/OMR/2D scanning for document integrity and sorting.
Read Post
knowbe4

The 3 Biggest Email Security Challenges Facing Legal Organizations

Sep 30, 2025 By KnowBe4 Team In KnowBe4
Law firms really are under constant pressure to meet tight deadlines, maintain client confidentiality and protect privileged communications. And like most aspects of life with technology so deeply intertwined, the same tools that make work possible can also be significant sources of risk. Consider something as basic as email; likely the most commonly used tool in the profession.
Read Post
Spotting "Instant Loan" Phishing and Taking Campaigns Down

Spotting "Instant Loan" Phishing and Taking Campaigns Down

Sep 29, 2025 By SecuritySenses In SecuritySenses
While instant loans promise quick cash for emergencies, they also come with risks of scams. Phishing campaigns, deceptive emails, and fake apps target users who need fast financial solutions, steal data, or demand fees. The latest FTC report shows $12.5 billion in fraud losses across all categories in 2024, with loan scams being a rising threat. By knowing red flags in loan-bait emails, you can stop phishing campaigns and protect your personal or business information and finances. Let's find out how to identify a fake loan app, loan offer, or phishing email.
Read Post
Preventing Data Breaches: Essential Steps Your Business Needs Today

Preventing Data Breaches: Essential Steps Your Business Needs Today

Sep 26, 2025 By SecuritySenses In SecuritySenses
The average total cost of a data breach is now $3.86 million, making prevention a top priority for businesses of every size. Yet most organizations still struggle to stay ahead. Studies reveal that it takes nearly 280 days on average to identify and contain a breach, and the shift to remote work has only made matters worse. More than three quarters of companies report longer detection and containment times, adding an estimated $137,000 to the cost of each incident.
Read Post
knowbe4

Attackers Abuse Google's AppSheet to Send Phishing Emails

Sep 23, 2025 By KnowBe4 Team In KnowBe4
Hackread reports that attackers are abusing Google’s AppSheet platform to send phishing emails. The campaign was spotted by researchers at Raven, who warn that attackers are sending messages that impersonate AppSheet, informing users of phony trademark violations. Notably, the emails are sent from AppSheet’s legitimate infrastructure, making them more likely to bypass security controls and appear legitimate to human recipients.
Read Post
knowbe4

AI-Assisted Phishing Attacks Are an Increasingly Serious Threat

Sep 18, 2025 By KnowBe4 Team In KnowBe4
AI-assisted phishing attacks pose a significant and increasing threat to organizations, according to Matt Weidman, partner and vice president of Commercial Property & Casualty at USIA. In an article for CBIA, Weidman explains that attackers can use AI tools to craft targeted, convincing phishing messages that are almost indistinguishable from the real thing.
Read Post
foresiet

RaccoonO365 Domain Takedown: Microsoft and Cloudflare Dismantle Global Phishing Network

Sep 17, 2025 By Foresiet In Foresiet
The cybercrime world took a major hit this month with the RaccoonO365 domain takedown, a coordinated move by Microsoft’s Digital Crimes Unit (DCU) and Cloudflare. By seizing 338 malicious domains, investigators disrupted a sprawling phishing-as-a-service ( PhaaS) network that had stolen more than 5,000 Microsoft 365 credentials across 94 countries. This action signals a shift toward large-scale, proactive disruption of phishing operations that exploit everyday users and global enterprises alike.
Read Post
knowbe4

Report: AI-Powered Phishing Fuels Ransomware Losses

Sep 12, 2025 By KnowBe4 Team In KnowBe4
AI-powered social engineering attacks are significantly more successful than traditional attacks, according to a new report from cyber risk management firm Resilience. The researchers state, “Social engineering attacks fueled 88% of material losses, with AI-powered phishing achieving a 54% success rate compared to just 12% for traditional attempts.” AI allows attackers to easily craft sophisticated phishing emails, as well as voice and video deepfakes.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.