🚀 Medial Secures Investment on Shark Tank India - Fueling the Future of Professional Social Networking. 🔥
✕
Login
Home
News
Messages
Startup Showcase
Trackers
Premium
Premium Content
Jobs
Notifications
Settings
Try our Valuation Calculator →
Log In
News on Medial
LastPass users targeted in phishing attacks good enough to trick even the savvy
Arstechnica
·
1y ago
Medial
A recent phishing campaign targeted LastPass users by using a combination of emails, SMS, and voice calls to trick them into revealing their master passwords, according to company officials. The attackers used an advanced phishing-as-a-service kit called CryptoChameleon, which includes high-quality URLs, counterfeit sign-on pages, and real-time communications options. LastPass was one of several sensitive services targeted by CryptoChameleon. LastPass users were instructed to press a number to allow or block access to their account, then received a follow-up call from a spoofed number posing as a LastPass employee. The attackers attempted to steal user credentials and take control of the account. This is not the first time LastPass has been targeted, as previous attacks have resulted in data breaches and unauthorized access to user vaults. To protect themselves, users should be cautious of incoming phone calls and always contact the service directly using official contact information.
View Source
Related News
Novel technique allows malicious apps to escape iOS and Android guardrails
Arstechnica
·
10m ago
Medial
Phishing campaigns are now using a new method to trick iOS and Android users into installing malicious apps that bypass the safety measures put in place by Apple and Google. The attackers are able to install a phishing application without the user having to allow third-party app installation. The technique involves enticing users to install a Progressive Web App (PWA) that looks like an official banking app. Once installed, the malicious app steals account credentials and sends them to the attackers in real time. This method has been observed in attacks against banks in Czechia, Hungary, and Georgia.
View Source
The evolution of phishing: vishing & quishing
Techradar
·
1y ago
Medial
Phishing attacks have evolved with the rise of AI technology, with voice-based phishing attacks (known as vishing) becoming more prevalent. Attackers are using AI tools to impersonate voices and make targeted attacks more personalized and difficult to detect. Another emerging phishing technique is known as "quishing," where malicious links are hidden behind QR codes sent via email. To combat these evolving techniques, organizations need to adopt a zero-trust mentality and encourage employees to verify communication through alternative channels. A resilient cybersecurity culture and training staff to never implicitly trust information sources are crucial in protecting sensitive data.
View Source
Phishing attacks on Apple Mac OS and iOS up by 9% in 2019: Kaspersky Report
Livemint
·
8m ago
Medial
Reports indicate a rise in phishing attacks targeting Apple devices, with 1.6 million attacks recorded in the first half of 2019. While Apple's MacOS and iOS platforms have historically experienced fewer malicious attacks compared to Windows and Android, cybercriminals are increasingly turning to phishing as it is platform agnostic and more effective. One popular phishing scheme mimics the iCloud interface, tricking users into revealing their Apple ID credentials. Users are urged to be cautious of suspicious emails and refrain from clicking on unverified links.
View Source
5 charged in “Scattered Spider,” one of the most profitable phishing scams ever
Arstechnica
·
6m ago
Medial
Federal prosecutors have charged five men for running a phishing scheme that compromised hundreds of companies, stole non-public information, and millions of dollars in cryptocurrency. The group, known as Scattered Spider, was responsible for a major breach at MGM that cost the company $100 million. They also hacked into the network of authentication provider Twilio, giving them access to other targeted companies. The phishing attacks were sophisticated and difficult to detect. The defendants face multiple charges and could face up to 20 years in prison if convicted. This case highlights the increasing sophistication of phishing and hacking attacks.
View Source
There's a new scam targeting iPhone owners with a barrage of notifications
Business Insider
·
1y ago
Medial
In a new phishing scam targeting Apple users, some iPhone owners have received repeated notifications to allow a reset of their Apple ID password. The attack, known as "MFA bombing," uses Apple device notifications to prompt users, preventing them from using their phone until they deny or accept the request. The scammers even went further by making spoofed calls from the Apple Support phone number to trick users into resetting their passwords. Apple has acknowledged the issue and advises customers not to provide personal information and to report any suspicious messages or calls.
View Source
Gmail users targeted by AI-driven phishing attacks
Economic Times
·
9m ago
Medial
Google's efforts to combat sophisticated scams that imitate legitimate support services are facing challenges in protecting Gmail users from phishing threats. One user, Sam Mitrovic, fell victim to an AI scam call that attempted to trick him into revealing sensitive information. Similar phishing tactics involve fake emails or notifications asking users to confirm account recovery or password reset requests. Another user, Garry Tan, reported a phishing scam involving a Google support person fabricating a scenario about a family member trying to access his account. Google is working with anti-scam alliances to address these challenges.
View Source
Apple users targeted in phishing attack: How to protect your iPhone
Livemint
·
1y ago
Medial
Apple users are facing a phishing attack that exploits the password reset system, bombarding their devices with notifications or multi-factor authentication messages. The attack aims to trick users into authorizing a password change request, giving the attackers control of the Apple ID. The onslaught of notifications renders the devices unusable until each alert is dismissed. Attackers are even attempting to coerce victims into divulging one-time passwords sent to their phone numbers. Users are advised to be cautious and not approve suspicious password change requests, and to be wary of unsolicited calls requesting password reset codes.
View Source
How to stay safe from cybercriminal "quishing" attacks
Techradar
·
1y ago
Medial
Phishing attacks using QR codes, also known as "quishing," are gaining momentum as scammers aim to bypass multi-factor authentication (MFA). QR phishing takes advantage of users' trust and familiarity with QR codes, embedding malicious codes in seemingly legitimate emails. Scammers can then redirect users to phishing sites designed to steal business credentials and MFA tokens. The success of quishing lies in the less secure nature of mobile devices, difficulty in detecting malicious links behind QR codes, and effective social engineering techniques. Businesses need to implement stronger security measures, such as training employees to recognize these attacks, enforcing strict password policies, reducing MFA token expiration time, and implementing anomaly detection and extended detection and response (XDR) solutions for monitoring and rapid response.
View Source
“MFA Fatigue” attack targets iPhone owners with endless password reset prompts
Arstechnica
·
1y ago
Medial
Phishing attacks are exploiting human weaknesses by bombarding Apple users with multifactor authentication (MFA) prompts that cannot be skipped. Known as MFA fatigue attacks, this technique involves overwhelming users with repeated prompts, forcing them to either click "Allow" without thinking or accidentally click the wrong option. Both state-sponsored threat actor Fancy Bear and a group called Lapsus$ have successfully used this tactic. The attacks also involve spoofed Apple support calls. The vulnerability highlights the need for rate limiting or access control in Apple's password-reset system. FIDO-compliant MFA is immune to such attacks.
View Source
Not due to phishing: WazirX Co-founder Nischal on hackers stealing ₹1,965 crore
Twitter
·
11m ago
Medial
WazirX Co-founder Nischal Shetty clarified that the platform didn't lose ₹1,965 crore to hackers due to a phishing link. "We are certain that hardware keys of any of the 3 WazirX wallets were NOT compromised," he explained. Phishing is a type of cyberattack in which attackers use emails or texts to trick people into sharing sensitive data or downloading malware.
View Source
Trackers
Active Indian VC’s
OG Capital
Email
With a hands-on approach, OG Capital aims to invest in over 20 promising...
Accel Partners
Email
Early and growth-stage investments in disruptive technology companies with...
Blume
Email
Early-stage venture capital firm investing in technology startups in India. Focus on...
Access All Trackers
Startup Showcase Winners
June 2025
Buddy
Helping your parents when you are miles away
BiteStop
The Pit Stop Your Cravings Deserve
Bloomer
The next generation E-commerce platform
Enter Ongoing Startup Showcase
Top Users
Trending News on Medial
Download the medial app to read full posts, comements and news.
Go to Medial App
Not Now
Know everything that’s happening in the startup ecosystem, first.
Enable Notifications?
No, thanks
Count me in
