According to Abnormal Security, threat actors are using popular file-hosting or e-signature solutions to trick victims into revealing private information or downloading malware. A file-sharing phishing attack involves a cybercriminal posing as a familiar colleague, file-hosting solution, or e-signature solution and sending a malicious email with a link to what seems to be a shared file or document. Clicking on the link starts the second phase of the attack, which may involve stealing login credentials or infecting the target's device with malware.

Joseph K. Nwankpa, Miami University Associate Professor of Information Systems and Analytics, points out that default privacy settings are a potential risk to user privacy. As a cybersecurity scholar, he finds that many apps' privacy settings can often increase the vulnerability of end users to data exposure despite appearing to enable privacy. According to Nwankpa, these apps intentionally have complicated default privacy settings that make the user's information more public than private. Users are often unaware of the additional steps required for optimal privacy settings.

Czech Republic, Hungary, and Georgia are facing financial fraud campaigns involving a recently discovered sophisticated mobile phishing technique. This phishing technique uses Progressive Web Applications (PWAs), which offer a native-app-like experience and are growing on Android and iOS devices. ESET researchers detected the campaigns, noting that this method installs a phishing app from a third-party website without user consent. This article continues to discuss observations regarding the PWA phishing method.

The French security company Quarkslab found a major backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics Group, a leading Chinese chip manufacturer. According to Quarkslab researcher Philippe Teuwen, the backdoor allows instantaneous cloning of RFID smart cards used to open office doors and hotel rooms worldwide. Teuwen explained that a supply chain attacker could execute instantaneous, scaled attacks using the backdoor, which requires only a few minutes of physical proximity to an affected card.

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Jenkins vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The exploitation of this flaw enables Remote Code Execution (RCE). Jenkins is a popular open source automation server that lets developers automate the process of building, testing, and deploying software using Continuous Integration (CI) and Continuous Delivery (CD).

The Iranian-linked threat actor "TA453," also known as "Charming Kitten," has been using a PowerShell-based malware toolkit named "BlackSmith" in a sophisticated phishing attack. According to researchers at Proofpoint, the campaign began in July 2024, targeting a prominent Jewish figure with emails spoofing the Institute for the Study of War (ISW). TA453, posing as the ISW Research Director, invited the target to a podcast to appear legitimate. After building trust, the group sent a malicious link masked as a legitimate podcast URL to deliver BlackSmith.

US intelligence officials are confident that Iran was behind hacks against the Trump and Biden-Harris presidential campaigns. Tehran is believed to be using the hacks to influence American politics and the election. The Federal Bureau of Investigation (FBI) and other federal agencies' assessment was the first time the US government designated blame for hacks that have reignited fears of foreign election interference. This article continues to discuss US intelligence officials' conclusion that Iran is to blame for hacks targeting Trump and Biden-Harris campaigns.

According to a new report by the UK backup solutions provider Databarracks, more organizations than ever before have subscribed to cyber insurance, but the number of claims is declining. In its "2024 Data Health Check report," the company discovered that 66 percent of UK organizations reported having cyber insurance in 2024, up from 51 percent in 2022 and 57 percent in 2023. However, the number of organizations filing cyber insurance claims decreased from 58 percent in 2022 to 36 percent in 2024.