#phishing

New phishing campaign alert.

The Federal Bureau of Investigation warns criminals are impersonating city and county officials to request fraudulent zoning permit payments.

Attackers leverage public permit records to craft convincing emails.
Verify payment requests carefully.

Source: https://www.ic3.gov/PSA/2026/PSA260309

Follow @technadu for infosec updates.

#Infosec #Phishing #ScamAlert

⚠️ Attackers are hijacking Microsoft accounts without stealing passwords.

OAuth Device Code #phishing tricks users into approving logins on M365 pages, granting token-based access to corporate email and files.

How to defend against this breach vector👇
https://any.run/cybersecurity-blog/oauth-device-code-phishing/?utm_source=mastodon&utm_medium=post&utm_campaign=oauth_device_code_phishing&utm_term=100326&utm_content=linktoblog

#cybersecurity #infosec

Dutch intelligence agencies warn of a phishing campaign targeting Signal and WhatsApp accounts of government officials and military personnel.

Attackers impersonate support channels to obtain verification codes and hijack accounts.

https://www.technadu.com/russian-cybercriminals-target-signal-and-whatsapp-accounts-of-high-value-individuals-in-large-scale-phishing-operation/623040/

#infosec #phishing #signal #whatsapp #threatintel

Best Western Hotels: Weltweite Cyberangriffe auf touristische Buchungssysteme

Immer noch gibt es neue Berichte von Phishing-Nachrichten kurz nach Buchung bei Best Western Hotels. Ursache seien anhaltende Cyberangriffe.

https://www.heise.de/news/Best-Western-Hotels-Weltweite-Cyberangriffe-auf-touristische-Buchungssysteme-11205460.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Kriminalität #Cybercrime #IT #Phishing #Security #news

A researcher infiltrated phishing panels targeting European banks after analyzing a phishing email impersonating Argenta.
Weak IP-based auth and plaintext logs exposed attacker infrastructure.
Tools like Burp Suite helped access the panel and disrupt campaigns.
Phishing kits remain dangerously accessible.

Source: https://inti.io/p/how-i-infiltrated-phishing-panels

Follow TechNadu for infosec updates.

#Infosec #Phishing #ThreatIntel

An EU court adviser suggests banks should immediately refund phishing victims after unauthorized transactions are reported.

Under the EU Payment Services Directive, refunds should come first - unless there’s evidence of customer fraud.

https://www.technadu.com/immediate-restitution-for-phishing-victims-suggested-by-eu-court-of-justice-adviser-a-landmark-legal-opinion/622925/

Should banks bear greater responsibility for phishing losses?

#infosec #cybersecurity #phishing #fraud

Pivot across Mastodon instances via default trust and UI logic gaps. Zero complex exploits, pure OSINT and SE to target remote users. Elite vector for user acquisition in high-LTV fediverse niches. Read to harden trust boundaries or refine initial access. Offensive insights, defensive value.

#security #hacking #fediverse #mastodon #osint #phishing