New downgrade attack can bypass FIDO auth in Microsoft Entra ID
https://www.bleepingcomputer.com/news/security/new-downgrade-attack-can-bypass-fido-auth-in-microsoft-entra-id/
#ycombinator #computers #windows #linux #mac #support #tech_support #spyware #malware #virus #security #Account_Takeover #AiTM #FIDO #Microsoft_Entra_ID #Phishing #Session #virus_removal #malware_removal #computer_help #technical_support

I've just received this #Email #Spam posing as #Cloudflare.

Don't reply or click anything in it. I'm only a free account so I can't email their support directly about this.

But please reshare for awareness.

Thanks.

New Multi-Stage Tycoon2FA Phishing Attack Now Beats Top Security Systems https://cybersecuritynews.com/new-multi-stage-tycoon2fa-phishing-attack/ #CyberAttackArticle #CyberSecurityNews #cybersecuritynews #CyberSecurity #cybersecurity #Phishing #ANY.RUN

Proof Point: Don’t Phish-let Me Down: FIDO Authentication Downgrade https://www.proofpoint.com/us/blog/threat-insight/dont-phish-let-me-down-fido-authentication-downgrade #cybersecurity #infosec #phishing

Kaspersky: New trends in phishing and scams: how AI and social media are changing the game https://securelist.com/new-phishing-and-scam-trends-in-2025/117217/ @Kaspersky #cybersecurity #infosec #phishing #scam #AI #socialmedia

Cofense: Personalization in Phishing: Advanced Tactics for Malware Delivery https://cofense.com/blog/personalization-in-phishing-advanced-tactics-for-malware-delivery #cybersecurity #infosec #phishing #malware

Abnormal Security: IBM Data Breach Report 2025: The Soaring Cost of Email Attacks https://abnormal.ai/blog/ibm-cost-of-a-data-breach-2025 #cybersecurity #Infoec #phishing

#DefCon33: So einfach wird Microsofts Login-Seite zum #Phishing-Service | iX Magazin https://www.heise.de/news/Def-Con-34-Phishing-as-a-Service-mit-Microsoft-10518817.html #Microsoft #DEFCON

Scammers DO take vacations. Lots of them. These are social media from VexTrio key figures - tons more where these came from.

Don't blame the victim, blame the guy on a private jet to a Coldplay concert. fr fr.

Possible Phishing
on: hxxps[:]//enlineaaaaa33[.]z13[.]web[.]core[.]windows[.]net
Analysis at: https://urldna.io/scan/689bcb8a3b7750000a1212e9
#cybersecurity #phishing #infosec #urldna #scam #infosec

I understand that one strategy employed by spammers and phishers is to make their messages stupid and absurd on purpose, so that only gullible and stupid people will fall for them, thus ensuring the scammers won't waste their time trying to scam people smart enough to figure it out.
Nevertheless, the mind boggles at how stupid someone would have to be to fall for a message like the one below, which I received this morning.
#spam #phishing #infosec

Phishing: Kein Schadensersatz bei Eingabe von Login und PIN - Golem.de
https://glm.io/199077?n #Cybercrime #Phishing #Schadensersatz

#Phishing: Angebliche "ungewöhnliche Aktivitäten" bei der #Targobank: https://www.verbraucherzentrale.nrw/phishing

The “Incriminating Video” Scam – Source: www.schneier.com https://ciso2ciso.com/the-incriminating-video-scam-source-www-schneier-com/ #rssfeedpostgeneratorecho #SchneierOnSecurity #SchneieronSecurity #CyberSecurityNews #socialengineering #Uncategorized #Phishing #Scams #Video

A post that describes a scenario in which a user could be coerced into inadvertently giving an attacker access to their entire home drive or other network shares

https://blog.delivr.to/filejacking-exfiltrating-mapped-drives-from-the-browser-bb0af6736625

Precision Endodontics of Raleigh: Sicherheitsvorfall #Einbruch #Datendiebstahl #Phishing #Identitätsdiebstahl #TeamInfoSec #cyberangriff https://www.security-incidents.de/sicherheitsvorfaelle/sicherheitsvorfall-precision-endodontics-US-10324.php