🚀 Medial Secures Investment on Shark Tank India - Fueling the Future of Professional Social Networking. 🔥

Startup Showcase

Premium Content

Try our Valuation Calculator →

News on Medial

FCC and crypto firms are being hit in advanced phishing attacks using fake Okta logins

Techradar

Techradar · 1y ago

FCC and crypto firms are being hit in advanced phishing attacks using fake Okta logins

Security researchers have discovered a sophisticated phishing campaign targeting employees of the US Federal Communications Commission (FCC) and leading cryptocurrency exchanges, including Binance and Coinbase. The threat actor behind the campaign aims to obtain login credentials for Okta, a popular authentication platform. The attackers create fake landing pages that are nearly identical to the genuine ones and use phishing kit CryptoChameleon to engage with victims through emails, calls, and SMS messages. The campaign has successfully phished over 100 victims so far, with many still being targeted. The researchers believe the campaign is similar to the 2022 Oktapus campaign.

Related News

India tops global list for mobile malware attacks: report

Economic Times

Economic Times · 6m ago

India tops global list for mobile malware attacks: report

India has emerged as the global leader in mobile malware attacks, overtaking the United States and Canada, according to a report by Zscaler ThreatLabz. The report shows that India accounted for 28% of total mobile malware attacks, surpassing the US (27.3%) and Canada (15.9%). The rise in attacks highlights the urgent need for Indian enterprises to strengthen their cybersecurity measures. The financial sector in India is particularly vulnerable, with a 29% increase in banking malware attacks and a 111% rise in mobile spyware attacks. Phishing attacks targeting major Indian banks have also increased, with attackers using fake websites and SMS messages to deceive users into revealing sensitive information.

Account compromise of “unprecedented scale” uses everyday home devices

Arstechnica

Arstechnica · 1y ago

Account compromise of “unprecedented scale” uses everyday home devices

Okta has issued a warning about an ongoing campaign that uses fraudulent login requests to conceal malicious activity. The campaign involves routing login attempts through the mobile devices and browsers of everyday users, making it difficult to identify and combat the attacks. The attackers use various techniques, including the TOR network and proxy services, to mask their IP addresses. They then use these devices in credential-stuffing attacks, trying to gain unauthorized access to online accounts by using login credentials obtained from previous breaches. Okta advises users to be cautious when installing apps or enrolling in services and provides guidance for network administrators to protect against credential-stuffing attacks.

Tanla Platforms unveils AI-based anti-phishing chatbot to detect scam messages

Economic Times

Economic Times · 1y ago

Tanla Platforms unveils AI-based anti-phishing chatbot to detect scam messages

Indian CPAAS (communications platform as a service) provider, Tanla Platforms, has developed an anti-phishing chatbot using AI to detect fraudulent messages and scams. Phishing accounts for 65% of cyberattacks in India, with SMS being the main channel. The chatbot, called WiseATP Spotlight, operates on WhatsApp and utilises machine learning algorithms to investigate suspicious messages and provide a verdict on their legitimacy. Tanla's flagship platform, Wisely ATP, is already being used by major Indian banks and has successfully detected and blocked over 15 million scam attacks in real-time, safeguarding 4.2 million Indian citizens.

The evolution of phishing: vishing & quishing

Techradar

Techradar · 1y ago

The evolution of phishing: vishing & quishing

Phishing attacks have evolved with the rise of AI technology, with voice-based phishing attacks (known as vishing) becoming more prevalent. Attackers are using AI tools to impersonate voices and make targeted attacks more personalized and difficult to detect. Another emerging phishing technique is known as "quishing," where malicious links are hidden behind QR codes sent via email. To combat these evolving techniques, organizations need to adopt a zero-trust mentality and encourage employees to verify communication through alternative channels. A resilient cybersecurity culture and training staff to never implicitly trust information sources are crucial in protecting sensitive data.

AI-powered social engineering attacks are seeing a huge rise - and that's a major problem

Techradar

Techradar · 1y ago

AI-powered social engineering attacks are seeing a huge rise - and that's a major problem

Hackers are increasingly using generative AI tools in their attacks, leading to more successful phishing attempts, according to research by cybersecurity firm Darktrace. The study found that phishing attacks rose by 135% between January and February 2023, coinciding with the growth in popularity of chatbots. The use of generative AI tools has allowed hackers to create more sophisticated and convincing phishing emails, with a 35% increase in polished emails between September and December 2023. The research also highlights that organizations need to integrate AI into their defenses to combat the growing threat of AI-powered attacks.

SMBs are being targeted by this new phishing scam — make sure you don't fall victim

Techradar

Techradar · 1y ago

SMBs are being targeted by this new phishing scam — make sure you don't fall victim

Hackers are exploiting SendGrid, a popular email service provider, to conduct phishing campaigns targeting businesses. The attackers gained unauthorized access to client mailing lists and sent convincing phishing emails impersonating SendGrid. The emails instructed recipients to activate multi-factor authentication and included a link that led to a fake login page controlled by the hackers. This campaign is particularly dangerous as it bypasses traditional email security measures, making it difficult to detect. Kaspersky recommends training employees to recognize and prevent email-based attacks as an effective defense against phishing.

Ubuntu will manually review Snap Store after crypto wallet scams

Arstechnica

Arstechnica · 1y ago

Ubuntu will manually review Snap Store after crypto wallet scams

The Snap Store, which distributes containerized Snap apps for Ubuntu's Linux distribution, has been targeted by fake crypto wallet uploads aimed at stealing users' currencies. In response to the ongoing attacks, engineers at Ubuntu's parent firm, Canonical, are manually reviewing apps before they become available. The move follows reports by Alan Pope, a former Canonical/Ubuntu staffer, who highlighted how a user lost nine bitcoins by using a malicious "Exodus Wallet" app from the Snap store. Canonical is now implementing additional safety measures while also exploring ways to properly publish crypto wallets in the Snap store.

Are remote workers at greater risk of cybersecurity threats?

Techradar

Techradar · 1y ago

Are remote workers at greater risk of cybersecurity threats?

Remote and hybrid work models have become prevalent, but they also raise concerns about cybersecurity. Many employees rely on outdated methods for managing passwords, such as memorization, writing them down, or using spreadsheets. While unique passwords are common, there are still workers who reuse passwords across accounts, including work and personal ones. To protect against security vulnerabilities, remote workers should practice good cybersecurity habits like regularly updating software, using two-factor authentication, and being aware of phishing attacks. Employers should also provide training and guidelines to enhance cybersecurity measures.

How to stay safe from cybercriminal "quishing" attacks

Techradar

Techradar · 1y ago

How to stay safe from cybercriminal "quishing" attacks

Phishing attacks using QR codes, also known as "quishing," are gaining momentum as scammers aim to bypass multi-factor authentication (MFA). QR phishing takes advantage of users' trust and familiarity with QR codes, embedding malicious codes in seemingly legitimate emails. Scammers can then redirect users to phishing sites designed to steal business credentials and MFA tokens. The success of quishing lies in the less secure nature of mobile devices, difficulty in detecting malicious links behind QR codes, and effective social engineering techniques. Businesses need to implement stronger security measures, such as training employees to recognize these attacks, enforcing strict password policies, reducing MFA token expiration time, and implementing anomaly detection and extended detection and response (XDR) solutions for monitoring and rapid response.

OpenAI account compromised, hacker circulates fraudulent and fake crypto token posts on X | Mint

Livemint

Livemint · 9m ago

OpenAI account compromised, hacker circulates fraudulent and fake crypto token posts on X | Mint

OpenAI reported that one of its social media accounts was compromised by an unauthorized person who sent out posts promoting a fake crypto token. The hacked account saw fake posts for around an hour before being deleted. This comes after previous instances of OpenAI accounts being hijacked to post fraudulent crypto-related content. Additionally, OpenAI is planning to release "Strawberry," an AI model focused on reasoning, this month, as part of its ChatGPT service. This model is designed to think before responding, distinguishing it from other conversational AI systems.

Trackers

Active Indian VC’s

OG Capital Email

With a hands-on approach, OG Capital aims to invest in over 20 promising...

Accel Partners Email

Early and growth-stage investments in disruptive technology companies with...

Early-stage venture capital firm investing in technology startups in India. Focus on...

Access All Trackers

Startup Showcase Winners

May 2025

GenAlpha masters STEM with Cinderella & Ganesha.

Bringing hope to life, one thought at a time.

PenseeWeb Studios

When Study Apps Failed, We Built Our Own System

Enter Ongoing Startup Showcase

Top Users

Trending News on Medial

'We are busy building Bhujia comp ...

JioBlackRock Broking receives SEB ...

Engineer or MBA? Narayana Murthy ...

Download the medial app to read full posts, comements and news.