Topic: social engineering
-
M&S hit by ransomware attack due to social engineering
M&S suffered a ransomware attack after cybercriminals used social engineering to impersonate an employee, gaining access via a third-party provider and deploying DragonForce ransomware. The attack involved detailed impersonation tactics, potentially facilitated by Tata Consultancy Services, and e...
Read More » -
Russian Hackers Bypass Two-Factor Authentication in New Attack
Russian hackers bypassed two-factor authentication (2FA) using social engineering, exploiting legitimate account features like Gmail's "app password" to target high-profile individuals. A British researcher, Keir Giles, was tricked by hackers posing as U.S. officials, who used forged documents an...
Read More » -
ClickFix Exploits MHSTA to Evade Security for Infostealers
ClickFix is a growing social engineering tactic that tricks users into executing harmful commands by pretending to fix system issues, often through deceptive pop-ups. ClickFix has driven a 10% increase in drive-by compromises and is now the second most common evasion technique, often exploiting t...
Read More » -
Microsoft Defender Stops Email Bombing Attacks in Office 365
Microsoft Defender for Office 365 now includes automatic detection and blocking of email bombing attacks, protecting organizational inboxes without requiring manual setup. The new 'Mail Bombing' feature, fully deployed by July 2025, diverts suspicious emails to Junk and allows monitoring via Thre...
Read More »
