Social Engineering Archives

Microsoft Teams Used in Social Engineering Attacks

News, Social Engineering / secureteampstg

Highly targeted phishing attacks have been carried out by the threat actor Midnight Blizzard, previously known as NOBELIUM, via Microsoft Teams. These attacks targeted a range of organisations including government and non-government organisations, IT services, technology businesses, manufacturing, and media companies. Through social engineering techniques Midnight Blizzard were able to achieve token and credential theft […]

Microsoft Teams Used in Social Engineering Attacks Read More »

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks

Articles, Information Assurance, Social Engineering / secureteampstg

A large-scale phishing attack was recently launched against employees at Twilio, a global cloud-based communications and infrastructure company. Phishing text messages were sent to employees, impersonating Twilio’s IT department, with the aim of harvesting employee credentials. These stolen credentials were used to access internal systems, resulting in a breach of confidentiality in which the data

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks Read More »

LinkedIn the Top Phishing Brand in Q2 2022

Articles, Social Engineering / secureteampstg

Phishing is the most common cyber attack vector, and while email is well known for phishing, increasingly LinkedIn is being used as well. End-user phishing was the initial access point in 56% of cyber attacks that took place in 2021, according to a recent report. Phishing attacks rely on user interaction to trigger the initial access,

LinkedIn the Top Phishing Brand in Q2 2022 Read More »

Phishing Attacks That Can Bypass MFA

Articles, Information Assurance, Social Engineering / secureteampstg

A large-scale phishing attack campaign has emerged using adversary-in-the-middle (AiTM) to steal credentials and circumvent multi-factor authentication (MFA) needs. Microsoft have released a security blog post regarding the use of these phishing attacks and the impersonation of Microsoft Azure Active Directory (Azure AD) login pages. This campaign has reportedly targeted over 10,000 organisations in the

Phishing Attacks That Can Bypass MFA Read More »

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat

Articles, Information Assurance, Social Engineering / secureteampstg

First discovered in 2019, BRATA malware is contained in a malicious app which victims are tricked into installing on their phones. BRATA is a banking Trojan that gains access to your bank, withdraws your funds, and then wipes your phone with a factory reset to hide the evidence of its activities. BRATA stands for “Brazilian

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat Read More »

The rise and rise of BEC fraud

Articles, Social Engineering / secureteampstg

Business Email Compromise, and its evil brother CEO Fraud, are both email based fraud attacks that seek to trick the victim into paying a fake invoice or transferring or diverting funds through some other kind of deception. Read on to learn how to protect your business from BEC Fraud. What is BEC fraud? Business Email

The rise and rise of BEC fraud Read More »

How To Become An Ethical Hacker

Articles, Cyber Essentials, Social Engineering / secureteampstg

Everyone has heard of hacking, but not many will know of its less-sinister counterpart, ethical hacking. Rather than the image of an evil villain breaking into important software in a dingy basement, imagine someone working alongside important companies and training them in techniques to prevent malicious attacks to their system. Ethical hacking is quickly becoming

How To Become An Ethical Hacker Read More »

Online Safety For Kids

Articles, Cyber Essentials, Social Engineering / secureteampstg

Early use of digital technology has been shown to improve language skills in young children, as well as helping to promote their creativity and social development. However, it’s not without risks. Threats to children online include cyberbullying and harassment, invasions of privacy, exposure to inappropriate content and dangerous sexual online activities. You might be asking

Online Safety For Kids Read More »

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch