home.social

#social-engineering — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #social-engineering, aggregated by home.social.

fetched live
  1. The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets

    A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.

    Pulse ID: 6a566597fbaff52dd5288ce4
    Pulse Link: otx.alienvault.com/pulse/6a566
    Pulse Author: AlienVault
    Created: 2026-07-14 16:36:39

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault

  2. The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets

    A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.

    Pulse ID: 6a566597fbaff52dd5288ce4
    Pulse Link: otx.alienvault.com/pulse/6a566
    Pulse Author: AlienVault
    Created: 2026-07-14 16:36:39

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault

  3. Tomorrowland 2026, Belgium: People of Tomorrow, Targets of Today

    Tomorrowland Belgium 2026, spanning two weekends in July at De Schorre in Boom, sold out rapidly, creating opportunities for cybercriminals. Investigation uncovered approximately a dozen fraudulent websites impersonating the festival brand to target ticket seekers and travellers. These scams include fake ticket shops mimicking official sales with countdown timers and fraudulent biometric checks, travel sites offering bogus accommodation and transport packages, and affiliate schemes. The operations harvest complete identity data, payment credentials, and personal information through sophisticated social engineering. Victims lose money with no recourse, face identity theft risks, and ultimately receive invalid or non-existent tickets. The scammers exploit high demand, tight supply, and rushed purchasing decisions, with sites registered weeks in advance and pushed hardest when official tickets are sold out.

    Pulse ID: 6a55e306b92e2ed9438ab45f
    Pulse Link: otx.alienvault.com/pulse/6a55e
    Pulse Author: AlienVault
    Created: 2026-07-14 07:19:34

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Biometric #CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #RAT #SocialEngineering #bot #AlienVault

  4. Tomorrowland 2026, Belgium: People of Tomorrow, Targets of Today

    Tomorrowland Belgium 2026, spanning two weekends in July at De Schorre in Boom, sold out rapidly, creating opportunities for cybercriminals. Investigation uncovered approximately a dozen fraudulent websites impersonating the festival brand to target ticket seekers and travellers. These scams include fake ticket shops mimicking official sales with countdown timers and fraudulent biometric checks, travel sites offering bogus accommodation and transport packages, and affiliate schemes. The operations harvest complete identity data, payment credentials, and personal information through sophisticated social engineering. Victims lose money with no recourse, face identity theft risks, and ultimately receive invalid or non-existent tickets. The scammers exploit high demand, tight supply, and rushed purchasing decisions, with sites registered weeks in advance and pushed hardest when official tickets are sold out.

    Pulse ID: 6a55e306b92e2ed9438ab45f
    Pulse Link: otx.alienvault.com/pulse/6a55e
    Pulse Author: AlienVault
    Created: 2026-07-14 07:19:34

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Biometric #CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #RAT #SocialEngineering #bot #AlienVault

  5. DATE: July 13, 2026 at 05:46PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #Bipartisan House Bill Pushes #AI for #PediatricCancer Care: Would Create AI Coordinator, Expand Data Interoperability shttps://www.healthcareinfosecurity.com/bipartisan-house-bill-pushes-ai-for-pediatric-cancer-care-a-32216 #Cancerresearch @RepMcCaul @RepBera @MikeKellyPA

    Here are any URLs found in the article text:

    healthcareinfosecurity.com/bip

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  6. DATE: July 13, 2026 at 05:46PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #Bipartisan House Bill Pushes #AI for #PediatricCancer Care: Would Create AI Coordinator, Expand Data Interoperability shttps://www.healthcareinfosecurity.com/bipartisan-house-bill-pushes-ai-for-pediatric-cancer-care-a-32216 #Cancerresearch @RepMcCaul @RepBera @MikeKellyPA

    Here are any URLs found in the article text:

    healthcareinfosecurity.com/bip

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  7. Sign here… and install an unwanted RMM

    A sophisticated phishing campaign impersonates DocuSign's branding to compromise victims through malicious JavaScript embedded in fraudulent webpages. The attack leverages social engineering to trick users into downloading MSI installers disguised as legitimate DocuSign updates or documents. These payloads establish remote access through legitimate Remote Monitoring and Management tools from Atera Network Ltd and ConnectWise/ScreenConnect. Investigation revealed extensive attacker infrastructure spanning hundreds of domains, with tracking mechanisms via Telegram bots collecting detailed victim telemetry including IP addresses, geolocation, ISP information, and user-agent strings. The campaign targets both Windows and macOS systems, utilizing deployment kits across multiple infrastructures with similar URL patterns and JavaScript mechanisms.

    Pulse ID: 6a512b20f12a5adf6bf2c1b3
    Pulse Link: otx.alienvault.com/pulse/6a512
    Pulse Author: AlienVault
    Created: 2026-07-10 17:25:52

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #ConnectWise #CyberSecurity #InfoSec #Java #JavaScript #Mac #MacOS #OTX #OpenThreatExchange #Phishing #SMS #ScreenConnect #SocialEngineering #Telegram #Windows #bot #AlienVault

  8. Sign here… and install an unwanted RMM

    A sophisticated phishing campaign impersonates DocuSign's branding to compromise victims through malicious JavaScript embedded in fraudulent webpages. The attack leverages social engineering to trick users into downloading MSI installers disguised as legitimate DocuSign updates or documents. These payloads establish remote access through legitimate Remote Monitoring and Management tools from Atera Network Ltd and ConnectWise/ScreenConnect. Investigation revealed extensive attacker infrastructure spanning hundreds of domains, with tracking mechanisms via Telegram bots collecting detailed victim telemetry including IP addresses, geolocation, ISP information, and user-agent strings. The campaign targets both Windows and macOS systems, utilizing deployment kits across multiple infrastructures with similar URL patterns and JavaScript mechanisms.

    Pulse ID: 6a512b20f12a5adf6bf2c1b3
    Pulse Link: otx.alienvault.com/pulse/6a512
    Pulse Author: AlienVault
    Created: 2026-07-10 17:25:52

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #ConnectWise #CyberSecurity #InfoSec #Java #JavaScript #Mac #MacOS #OTX #OpenThreatExchange #Phishing #SMS #ScreenConnect #SocialEngineering #Telegram #Windows #bot #AlienVault

  9. Operation Capsule Vault: RokRAT Attack Chain Analysis Using EMBED_PAYLOAD_v2

    A sophisticated spear-phishing campaign targeted individuals in research, policy, and academic fields through emails disguised as materials from an actual academic conference. The attack leveraged a cloud storage link delivering a malicious ISO file containing a PIF executable disguised as a PDF document. The multi-stage loader used EMBED_PAYLOAD_v2 structure to embed both legitimate documents and malicious payloads, which were sequentially extracted and executed in memory. Shellcode injection into explorer.exe ultimately deployed a RokRAT variant communicating with cloud-based C2 infrastructure via pCloud, Dropbox, and Yandex Cloud. The campaign demonstrated advanced social engineering by exploiting information from a real event, combined with sophisticated evasion techniques including process injection and cloud-based command-and-control operations. Attribution analysis linked the activity to APT37 based on infrastructure overlap, code similarities, and operational patterns.

    Pulse ID: 6a5414fab18f9d7456d7eda8
    Pulse Link: otx.alienvault.com/pulse/6a541
    Pulse Author: AlienVault
    Created: 2026-07-12 22:28:10

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #APT37 #Cloud #CodeInjection #CyberSecurity #Dropbox #Email #InfoSec #OTX #OpenThreatExchange #PDF #Phishing #RAT #ShellCode #SocialEngineering #SpearPhishing #bot #pCloud #AlienVault

  10. Operation Capsule Vault: RokRAT Attack Chain Analysis Using EMBED_PAYLOAD_v2

    A sophisticated spear-phishing campaign targeted individuals in research, policy, and academic fields through emails disguised as materials from an actual academic conference. The attack leveraged a cloud storage link delivering a malicious ISO file containing a PIF executable disguised as a PDF document. The multi-stage loader used EMBED_PAYLOAD_v2 structure to embed both legitimate documents and malicious payloads, which were sequentially extracted and executed in memory. Shellcode injection into explorer.exe ultimately deployed a RokRAT variant communicating with cloud-based C2 infrastructure via pCloud, Dropbox, and Yandex Cloud. The campaign demonstrated advanced social engineering by exploiting information from a real event, combined with sophisticated evasion techniques including process injection and cloud-based command-and-control operations. Attribution analysis linked the activity to APT37 based on infrastructure overlap, code similarities, and operational patterns.

    Pulse ID: 6a5414fab18f9d7456d7eda8
    Pulse Link: otx.alienvault.com/pulse/6a541
    Pulse Author: AlienVault
    Created: 2026-07-12 22:28:10

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #APT37 #Cloud #CodeInjection #CyberSecurity #Dropbox #Email #InfoSec #OTX #OpenThreatExchange #PDF #Phishing #RAT #ShellCode #SocialEngineering #SpearPhishing #bot #pCloud #AlienVault

  11. Experiment of the week.

    We've submitted Episode 16, "GDPR Enters the Chat", to The Pod Radar to see how our podcast performs on a community-driven discovery platform.

    If you've listened to the episode and feel it deserves a recommendation, we'd appreciate your vote. It's a small gesture that can help other IT professionals discover the show.

    Link: thepodradar.com/episode/8d5b7b

    #Podcast #Technology #CyberSecurity #InformationSecurity #SocialEngineering #GDPR

  12. Experiment of the week.

    We've submitted Episode 16, "GDPR Enters the Chat", to The Pod Radar to see how our podcast performs on a community-driven discovery platform.

    If you've listened to the episode and feel it deserves a recommendation, we'd appreciate your vote. It's a small gesture that can help other IT professionals discover the show.

    Link: thepodradar.com/episode/8d5b7b

  13. DATE: July 10, 2026 at 05:23PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #AI Threats Put #Healthcare Vendors in #Hackers' Crosshairs: #HIPAA #BusinessAssociates Tied to 50% of #DataBreach Victims as #AI-Aided Attacks Loom t.co/BM2ieuq230 #wallofshame @HHSOCR

    Here are any URLs found in the article text:

    t.co/BM2ieuq230

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  14. DATE: July 10, 2026 at 05:23PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #AI Threats Put #Healthcare Vendors in #Hackers' Crosshairs: #HIPAA #BusinessAssociates Tied to 50% of #DataBreach Victims as #AI-Aided Attacks Loom t.co/BM2ieuq230 #wallofshame @HHSOCR

    Here are any URLs found in the article text:

    t.co/BM2ieuq230

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  15. DATE: July 10, 2026 at 05:18PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    Why #AI Can't Fix Broken #Healthcare Processes, Bad Data: Peter Justen of #AmeriTrustSolutions on How Data Integrity Affects Benefits Administration t.co/i9vDNxCIyn

    Here are any URLs found in the article text:

    t.co/i9vDNxCIyn

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  16. DATE: July 10, 2026 at 05:18PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    Why #AI Can't Fix Broken #Healthcare Processes, Bad Data: Peter Justen of #AmeriTrustSolutions on How Data Integrity Affects Benefits Administration t.co/i9vDNxCIyn

    Here are any URLs found in the article text:

    t.co/i9vDNxCIyn

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  17. Fake Banking Rewards, Telegram Delivery and Albiriox: Anatomy of an Android Malware Campaign

    A malicious campaign was detected impersonating an Italian banking brand through a fraudulent domain offering fake financial rewards for installing a mobile application. Users are redirected to a Telegram bot that distributes a malicious Android APK outside official app stores. The APK functions as a dropper containing an embedded second-stage payload identified as Albiriox, an Android banking Remote Access Trojan. This payload exploits Accessibility services, implements overlay attacks, intercepts SMS messages, captures credentials, and enables remote device control through a custom TCP-based command-and-control protocol. The infrastructure uses domain impersonation and social engineering with financial incentives to distribute the malware. Communication occurs via raw TCP sockets to endpoints on ports 5555 and 5552, with JSON messages framed using big-endian length prefixes. Attribution to Albiriox is supported by protocol similarities, behavioral patterns, and comparison with known Albiriox samples.

    Pulse ID: 6a501da5e79e415cb0ec861e
    Pulse Link: otx.alienvault.com/pulse/6a501
    Pulse Author: AlienVault
    Created: 2026-07-09 22:16:05

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #APK #Android #Bank #CyberSecurity #Endpoint #InfoSec #Italian #Malware #NATO #OTX #OpenThreatExchange #RCE #RemoteAccessTrojan #SMS #SocialEngineering #TCP #Telegram #Trojan #bot #AlienVault

  18. Fake Banking Rewards, Telegram Delivery and Albiriox: Anatomy of an Android Malware Campaign

    A malicious campaign was detected impersonating an Italian banking brand through a fraudulent domain offering fake financial rewards for installing a mobile application. Users are redirected to a Telegram bot that distributes a malicious Android APK outside official app stores. The APK functions as a dropper containing an embedded second-stage payload identified as Albiriox, an Android banking Remote Access Trojan. This payload exploits Accessibility services, implements overlay attacks, intercepts SMS messages, captures credentials, and enables remote device control through a custom TCP-based command-and-control protocol. The infrastructure uses domain impersonation and social engineering with financial incentives to distribute the malware. Communication occurs via raw TCP sockets to endpoints on ports 5555 and 5552, with JSON messages framed using big-endian length prefixes. Attribution to Albiriox is supported by protocol similarities, behavioral patterns, and comparison with known Albiriox samples.

    Pulse ID: 6a501da5e79e415cb0ec861e
    Pulse Link: otx.alienvault.com/pulse/6a501
    Pulse Author: AlienVault
    Created: 2026-07-09 22:16:05

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #APK #Android #Bank #CyberSecurity #Endpoint #InfoSec #Italian #Malware #NATO #OTX #OpenThreatExchange #RCE #RemoteAccessTrojan #SMS #SocialEngineering #TCP #Telegram #Trojan #bot #AlienVault

  19. RedHook Returns with a Dangerous Upgrade

    RedHook is an Android Remote Access Trojan that has re-emerged with significant enhancements, particularly in privilege abuse capabilities. The malware autonomously exploits Android's ADB Wireless Debugging features to obtain shell-level access, integrating the Shizuku framework to execute protected system APIs. Recent activity shows expansion beyond Vietnam to Indonesia, targeting Southeast Asian users through spoofed government and financial websites. Malicious APKs are hosted on trusted platforms like AWS S3 and GitHub repositories. The current version supports 53 distinct server-issued commands and employs sophisticated persistence mechanisms including foreground activity spoofing, silent media playback, and cross-process monitoring. Distribution relies on social engineering via phone calls and messaging applications, tricking victims into downloading malicious APKs and enabling Accessibility services under false pretenses.

    Pulse ID: 6a4fa023bcc8675bb1b91cfc
    Pulse Link: otx.alienvault.com/pulse/6a4fa
    Pulse Author: AlienVault
    Created: 2026-07-09 13:20:35

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #APK #AWS #Android #Asia #CyberSecurity #GitHub #Government #Indonesia #InfoSec #Malware #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #Rust #SMS #SocialEngineering #Trojan #UK #Vietnam #bot #AlienVault

  20. RedHook Returns with a Dangerous Upgrade

    RedHook is an Android Remote Access Trojan that has re-emerged with significant enhancements, particularly in privilege abuse capabilities. The malware autonomously exploits Android's ADB Wireless Debugging features to obtain shell-level access, integrating the Shizuku framework to execute protected system APIs. Recent activity shows expansion beyond Vietnam to Indonesia, targeting Southeast Asian users through spoofed government and financial websites. Malicious APKs are hosted on trusted platforms like AWS S3 and GitHub repositories. The current version supports 53 distinct server-issued commands and employs sophisticated persistence mechanisms including foreground activity spoofing, silent media playback, and cross-process monitoring. Distribution relies on social engineering via phone calls and messaging applications, tricking victims into downloading malicious APKs and enabling Accessibility services under false pretenses.

    Pulse ID: 6a4fa023bcc8675bb1b91cfc
    Pulse Link: otx.alienvault.com/pulse/6a4fa
    Pulse Author: AlienVault
    Created: 2026-07-09 13:20:35

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #APK #AWS #Android #Asia #CyberSecurity #GitHub #Government #Indonesia #InfoSec #Malware #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #Rust #SMS #SocialEngineering #Trojan #UK #Vietnam #bot #AlienVault

  21. DATE: July 9, 2026 at 05:32PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    How #AI Raises Stakes for #RuralHospital #Security: @duncanregional CIO Roger Neal on Bolstering #Cyber Defenses as AI Threats Grow Teams t.co/P1t3OyPMkX

    Here are any URLs found in the article text:

    t.co/P1t3OyPMkX

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  22. DATE: July 9, 2026 at 05:32PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    How #AI Raises Stakes for #RuralHospital #Security: @duncanregional CIO Roger Neal on Bolstering #Cyber Defenses as AI Threats Grow Teams t.co/P1t3OyPMkX

    Here are any URLs found in the article text:

    t.co/P1t3OyPMkX

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  23. DATE: July 8, 2026 at 05:45PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    @HHSOCR Delays Planned #HIPAA #Security Rule Overhaul to Mid-2027: @HHSGov Working on Modified HIPAA #Privacy Rule, #HealthIT Interoperability Proposals t.co/HDniU7IuYE #HITECH

    Here are any URLs found in the article text:

    t.co/HDniU7IuYE

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  24. RE: infosec.exchange/@betweentheha

    I recently encountered a ClickFix attack while visiting a trusted website. After reproducing it across multiple browsers, I realized the larger story isn’t just the malware, it’s how attackers are increasingly impersonating security mechanisms themselves.

    I wrote about the experience and what it means for users and organizations.

    betweenthehacks.com/blog/click

    #Cybersecurity #ClickFix #SocialEngineering

  25. A CAPTCHA should never ask you to open Terminal.

    I recently encountered a real ClickFix attack while visiting a trusted website. That experience led me to investigate why attackers are increasingly impersonating security itself instead of simply impersonating trusted brands.

    New Between The Hacks article:

    betweenthehacks.com/blog/click

    #ClickFix #Cybersecurity #InfoSec #SocialEngineering

  26. Fake job interview requests lead to Google account credential theft.

    Employees responding to these job "opportunities" are reluctant to admit it to their employers once their accounts are compromised slowing down detection and response. A good social engineering campaign.

    bleepingcomputer.com/news/secu

    gist.github.com/BushidoUK/57c3

    #phishing #google #jobscam #socialengineering

  27. GDID: come Microsoft ha aiutato l’FBI a incastrare un presunto membro di Scattered Spider

    Atti giudiziari desecretati rivelano come il Global Device Identifier (GDID) di Windows abbia aiutato FBI e Microsoft a identificare Peter Stokes, 19enne accusato di appartenere a Scattered Spider. Dalla richiesta di riscatto da 8 milioni contro una gioielleria di lusso all'arresto a Helsinki.

    insicurezzadigitale.com/gdid-c

  28. DATE: July 7, 2026 at 03:34PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    @AtriumHealth to Pay $1.8M to Settle Web Tracker Lawsuit: #NorthCarolina Nonprofit Is Latest #Healthcare Organization to Resolve #Privacy Claims Involving Online Trackers t.co/TFpT2g0gu1 #Pixel #HIPAA

    Here are any URLs found in the article text:

    t.co/TFpT2g0gu1

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  29. What Is the BabaDeda Loader? Analysis of a New ClickFix Malware Campaign.

    The BabaDeda loader family has undergone significant advancements in its capabilities, particularly in stealth, evasion, and payload flexibility. Discovered during April 2026, this evolved framework continues to conceal malicious payloads within seemingly legitimate installer packages while expanding its functionality. The attack methodology begins with a social engineering exploit known as ClickFix, which encourages users to execute commands via trusted operating system utilities. This initial step transitions into a sophisticated multi-stage loader that employs several tactics, including hidden PowerShell commands, in-memory shellcode, DLL sideloading, and external payload storage.

    Pulse ID: 6a47b2cc64d3d9241377df01
    Pulse Link: otx.alienvault.com/pulse/6a47b
    Pulse Author: AlienVault
    Created: 2026-07-03 13:02:04

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #ICS #InfoSec #Malware #OTX #OpenThreatExchange #PowerShell #RAT #Rust #ShellCode #SideLoading #SocialEngineering #bot #AlienVault

  30. Learn everything you need to know about Social Engineering via these 62 free HackerNoon blog posts. hackernoon.com/62-blog-posts-t #socialengineering

  31. Once, during an #awareness session, I brought a jar into the room.

    One of those old-school glass jars with a metal lid.

    I put it on the table and asked the executives (not the CISOs) to drop a poker chip inside.

    Yes, poker chips. Don’t laugh. That’s what I had.

    The value of each chip was supposed to reflect two things: perceived risk and willingness to spend.

    At the beginning, the jar looked miserable.

    Two or three 50s.
    One brave 500.
    Fewer than ten 100s.

    Then came lunch.
    Paid for, obviously.
    But lunch was also the exercise.

    Heavy #socialengineering. Casual conversation. Names, routines, vendors, habits, internal friction, travel plans, tools, weak points, ego, trust.

    Then the last two hours began.
    Real risk demonstration.

    #spearphishing built with information collected during lunch.
    Fake WhatsApp chats after recon.
    #OSINT before the session even restarted.
    QR codes everywhere.

    Then we talked about recovery costs.

    Regulatory fines.
    Production downtime.
    Loss of trust.
    Reputational damage.
    The unpleasant difference between “unlikely” and “not impossible”.

    And, magically, the jar filled up with 500 and 1000 chips.

    You don’t fucking say.

    My #Decoded for #Baited: blog.baited.io/2026/cost-of-ph

  32. DATE: July 2, 2026 at 04:57PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    How #RenownHealth Is Reshaping Its Digital ID Strategy:
    #Nevada Hospital System #CISO Steven Ramirez Shares Modernization Efforts t.co/2Y5EiACcIW

    Here are any URLs found in the article text:

    t.co/2Y5EiACcIW

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  33. A single RedLine C2 pivots into a maritime spear-phishing cluster and attacker-owned infrastructure.

    An investigation beginning with a single RedLine Stealer C2 server from VMRay UniqueSignal evolved into uncovering a targeted Business Email Compromise campaign against South Korean maritime infrastructure. The analysis started with IP 194.156.79.122 on port 55615, leveraging fingerprinting techniques through FOFA and VirusTotal to identify additional C2 infrastructure. Pivoting through communicating files revealed spear-phishing emails targeting Kangrim Heavy Industries, a major South Korean marine boiler manufacturer. The campaign delivered Formbook malware through impersonated maritime supply chain companies. Further infrastructure analysis identified seven fraudulent domains hosted on TheHost LLC infrastructure, utilizing similar naming patterns and TLS certificates. The attack demonstrates sophisticated BEC tactics combining malware delivery with social engineering, mimicking legitimate business correspondence within the maritime shipping sector.

    Pulse ID: 6a464b96bef17724be5668a0
    Pulse Link: otx.alienvault.com/pulse/6a464
    Pulse Author: AlienVault
    Created: 2026-07-02 11:29:26

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Email #FormBook #ICS #InfoSec #Korea #Malware #Mimic #OTX #OpenThreatExchange #Phishing #RAT #RedLine #RedlineStealer #Rust #SocialEngineering #SouthKorea #SpearPhishing #SupplyChain #TLS #VirusTotal #bot #AlienVault