#social-engineering — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #social-engineering, aggregated by home.social.
-
📬 Telegram: Angeblich stehen 182 Millionen Nutzer-Datensätze zum Verkauf
#Cyberangriffe #Datenschutz #CyberNews #Identitätsdiebstahl #NutzerDatensätze #Phishing #Reddit #socialengineering #Telegram https://sc.tarnkappe.info/6e0c38 -
📬 Telegram: Angeblich stehen 182 Millionen Nutzer-Datensätze zum Verkauf
#Cyberangriffe #Datenschutz #CyberNews #Identitätsdiebstahl #NutzerDatensätze #Phishing #Reddit #socialengineering #Telegram https://sc.tarnkappe.info/6e0c38 -
📬 Telegram: Angeblich stehen 182 Millionen Nutzer-Datensätze zum Verkauf
#Cyberangriffe #Datenschutz #CyberNews #Identitätsdiebstahl #NutzerDatensätze #Phishing #Reddit #socialengineering #Telegram https://sc.tarnkappe.info/6e0c38 -
📬 Telegram: Angeblich stehen 182 Millionen Nutzer-Datensätze zum Verkauf
#Cyberangriffe #Datenschutz #CyberNews #Identitätsdiebstahl #NutzerDatensätze #Phishing #Reddit #socialengineering #Telegram https://sc.tarnkappe.info/6e0c38 -
📬 Telegram: Angeblich stehen 182 Millionen Nutzer-Datensätze zum Verkauf
#Cyberangriffe #Datenschutz #CyberNews #Identitätsdiebstahl #NutzerDatensätze #Phishing #Reddit #socialengineering #Telegram https://sc.tarnkappe.info/6e0c38 -
DATE: July 14, 2026 at 05:40PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
How #AI Can Speed Up Discovery of Safer #PainRelief Options: Nii Osae of #MindbeamAI Describes Project to Identify Promising New Treatments https://t.co/9wulCCspBV
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 14, 2026 at 05:40PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
How #AI Can Speed Up Discovery of Safer #PainRelief Options: Nii Osae of #MindbeamAI Describes Project to Identify Promising New Treatments https://t.co/9wulCCspBV
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 14, 2026 at 05:40PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
How #AI Can Speed Up Discovery of Safer #PainRelief Options: Nii Osae of #MindbeamAI Describes Project to Identify Promising New Treatments https://t.co/9wulCCspBV
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 14, 2026 at 05:40PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
How #AI Can Speed Up Discovery of Safer #PainRelief Options: Nii Osae of #MindbeamAI Describes Project to Identify Promising New Treatments https://t.co/9wulCCspBV
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets
A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.
Pulse ID: 6a566597fbaff52dd5288ce4
Pulse Link: https://otx.alienvault.com/pulse/6a566597fbaff52dd5288ce4
Pulse Author: AlienVault
Created: 2026-07-14 16:36:39Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault
-
The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets
A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.
Pulse ID: 6a566597fbaff52dd5288ce4
Pulse Link: https://otx.alienvault.com/pulse/6a566597fbaff52dd5288ce4
Pulse Author: AlienVault
Created: 2026-07-14 16:36:39Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault
-
The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets
A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.
Pulse ID: 6a566597fbaff52dd5288ce4
Pulse Link: https://otx.alienvault.com/pulse/6a566597fbaff52dd5288ce4
Pulse Author: AlienVault
Created: 2026-07-14 16:36:39Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault
-
The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets
A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.
Pulse ID: 6a566597fbaff52dd5288ce4
Pulse Link: https://otx.alienvault.com/pulse/6a566597fbaff52dd5288ce4
Pulse Author: AlienVault
Created: 2026-07-14 16:36:39Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault
-
The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets
A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.
Pulse ID: 6a566597fbaff52dd5288ce4
Pulse Link: https://otx.alienvault.com/pulse/6a566597fbaff52dd5288ce4
Pulse Author: AlienVault
Created: 2026-07-14 16:36:39Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault
-
Tomorrowland 2026, Belgium: People of Tomorrow, Targets of Today
Tomorrowland Belgium 2026, spanning two weekends in July at De Schorre in Boom, sold out rapidly, creating opportunities for cybercriminals. Investigation uncovered approximately a dozen fraudulent websites impersonating the festival brand to target ticket seekers and travellers. These scams include fake ticket shops mimicking official sales with countdown timers and fraudulent biometric checks, travel sites offering bogus accommodation and transport packages, and affiliate schemes. The operations harvest complete identity data, payment credentials, and personal information through sophisticated social engineering. Victims lose money with no recourse, face identity theft risks, and ultimately receive invalid or non-existent tickets. The scammers exploit high demand, tight supply, and rushed purchasing decisions, with sites registered weeks in advance and pushed hardest when official tickets are sold out.
Pulse ID: 6a55e306b92e2ed9438ab45f
Pulse Link: https://otx.alienvault.com/pulse/6a55e306b92e2ed9438ab45f
Pulse Author: AlienVault
Created: 2026-07-14 07:19:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Biometric #CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #RAT #SocialEngineering #bot #AlienVault
-
Tomorrowland 2026, Belgium: People of Tomorrow, Targets of Today
Tomorrowland Belgium 2026, spanning two weekends in July at De Schorre in Boom, sold out rapidly, creating opportunities for cybercriminals. Investigation uncovered approximately a dozen fraudulent websites impersonating the festival brand to target ticket seekers and travellers. These scams include fake ticket shops mimicking official sales with countdown timers and fraudulent biometric checks, travel sites offering bogus accommodation and transport packages, and affiliate schemes. The operations harvest complete identity data, payment credentials, and personal information through sophisticated social engineering. Victims lose money with no recourse, face identity theft risks, and ultimately receive invalid or non-existent tickets. The scammers exploit high demand, tight supply, and rushed purchasing decisions, with sites registered weeks in advance and pushed hardest when official tickets are sold out.
Pulse ID: 6a55e306b92e2ed9438ab45f
Pulse Link: https://otx.alienvault.com/pulse/6a55e306b92e2ed9438ab45f
Pulse Author: AlienVault
Created: 2026-07-14 07:19:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Biometric #CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #RAT #SocialEngineering #bot #AlienVault
-
Tomorrowland 2026, Belgium: People of Tomorrow, Targets of Today
Tomorrowland Belgium 2026, spanning two weekends in July at De Schorre in Boom, sold out rapidly, creating opportunities for cybercriminals. Investigation uncovered approximately a dozen fraudulent websites impersonating the festival brand to target ticket seekers and travellers. These scams include fake ticket shops mimicking official sales with countdown timers and fraudulent biometric checks, travel sites offering bogus accommodation and transport packages, and affiliate schemes. The operations harvest complete identity data, payment credentials, and personal information through sophisticated social engineering. Victims lose money with no recourse, face identity theft risks, and ultimately receive invalid or non-existent tickets. The scammers exploit high demand, tight supply, and rushed purchasing decisions, with sites registered weeks in advance and pushed hardest when official tickets are sold out.
Pulse ID: 6a55e306b92e2ed9438ab45f
Pulse Link: https://otx.alienvault.com/pulse/6a55e306b92e2ed9438ab45f
Pulse Author: AlienVault
Created: 2026-07-14 07:19:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Biometric #CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #RAT #SocialEngineering #bot #AlienVault
-
Tomorrowland 2026, Belgium: People of Tomorrow, Targets of Today
Tomorrowland Belgium 2026, spanning two weekends in July at De Schorre in Boom, sold out rapidly, creating opportunities for cybercriminals. Investigation uncovered approximately a dozen fraudulent websites impersonating the festival brand to target ticket seekers and travellers. These scams include fake ticket shops mimicking official sales with countdown timers and fraudulent biometric checks, travel sites offering bogus accommodation and transport packages, and affiliate schemes. The operations harvest complete identity data, payment credentials, and personal information through sophisticated social engineering. Victims lose money with no recourse, face identity theft risks, and ultimately receive invalid or non-existent tickets. The scammers exploit high demand, tight supply, and rushed purchasing decisions, with sites registered weeks in advance and pushed hardest when official tickets are sold out.
Pulse ID: 6a55e306b92e2ed9438ab45f
Pulse Link: https://otx.alienvault.com/pulse/6a55e306b92e2ed9438ab45f
Pulse Author: AlienVault
Created: 2026-07-14 07:19:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Biometric #CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #RAT #SocialEngineering #bot #AlienVault
-
Tomorrowland 2026, Belgium: People of Tomorrow, Targets of Today
Tomorrowland Belgium 2026, spanning two weekends in July at De Schorre in Boom, sold out rapidly, creating opportunities for cybercriminals. Investigation uncovered approximately a dozen fraudulent websites impersonating the festival brand to target ticket seekers and travellers. These scams include fake ticket shops mimicking official sales with countdown timers and fraudulent biometric checks, travel sites offering bogus accommodation and transport packages, and affiliate schemes. The operations harvest complete identity data, payment credentials, and personal information through sophisticated social engineering. Victims lose money with no recourse, face identity theft risks, and ultimately receive invalid or non-existent tickets. The scammers exploit high demand, tight supply, and rushed purchasing decisions, with sites registered weeks in advance and pushed hardest when official tickets are sold out.
Pulse ID: 6a55e306b92e2ed9438ab45f
Pulse Link: https://otx.alienvault.com/pulse/6a55e306b92e2ed9438ab45f
Pulse Author: AlienVault
Created: 2026-07-14 07:19:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Biometric #CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #RAT #SocialEngineering #bot #AlienVault
-
DATE: July 13, 2026 at 05:46PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
#Bipartisan House Bill Pushes #AI for #PediatricCancer Care: Would Create AI Coordinator, Expand Data Interoperability shttps://www.healthcareinfosecurity.com/bipartisan-house-bill-pushes-ai-for-pediatric-cancer-care-a-32216 #Cancerresearch @RepMcCaul @RepBera @MikeKellyPA
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 13, 2026 at 05:46PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
#Bipartisan House Bill Pushes #AI for #PediatricCancer Care: Would Create AI Coordinator, Expand Data Interoperability shttps://www.healthcareinfosecurity.com/bipartisan-house-bill-pushes-ai-for-pediatric-cancer-care-a-32216 #Cancerresearch @RepMcCaul @RepBera @MikeKellyPA
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 13, 2026 at 05:46PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
#Bipartisan House Bill Pushes #AI for #PediatricCancer Care: Would Create AI Coordinator, Expand Data Interoperability shttps://www.healthcareinfosecurity.com/bipartisan-house-bill-pushes-ai-for-pediatric-cancer-care-a-32216 #Cancerresearch @RepMcCaul @RepBera @MikeKellyPA
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 13, 2026 at 05:46PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
#Bipartisan House Bill Pushes #AI for #PediatricCancer Care: Would Create AI Coordinator, Expand Data Interoperability shttps://www.healthcareinfosecurity.com/bipartisan-house-bill-pushes-ai-for-pediatric-cancer-care-a-32216 #Cancerresearch @RepMcCaul @RepBera @MikeKellyPA
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
Sign here… and install an unwanted RMM
A sophisticated phishing campaign impersonates DocuSign's branding to compromise victims through malicious JavaScript embedded in fraudulent webpages. The attack leverages social engineering to trick users into downloading MSI installers disguised as legitimate DocuSign updates or documents. These payloads establish remote access through legitimate Remote Monitoring and Management tools from Atera Network Ltd and ConnectWise/ScreenConnect. Investigation revealed extensive attacker infrastructure spanning hundreds of domains, with tracking mechanisms via Telegram bots collecting detailed victim telemetry including IP addresses, geolocation, ISP information, and user-agent strings. The campaign targets both Windows and macOS systems, utilizing deployment kits across multiple infrastructures with similar URL patterns and JavaScript mechanisms.
Pulse ID: 6a512b20f12a5adf6bf2c1b3
Pulse Link: https://otx.alienvault.com/pulse/6a512b20f12a5adf6bf2c1b3
Pulse Author: AlienVault
Created: 2026-07-10 17:25:52Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#ConnectWise #CyberSecurity #InfoSec #Java #JavaScript #Mac #MacOS #OTX #OpenThreatExchange #Phishing #SMS #ScreenConnect #SocialEngineering #Telegram #Windows #bot #AlienVault
-
Sign here… and install an unwanted RMM
A sophisticated phishing campaign impersonates DocuSign's branding to compromise victims through malicious JavaScript embedded in fraudulent webpages. The attack leverages social engineering to trick users into downloading MSI installers disguised as legitimate DocuSign updates or documents. These payloads establish remote access through legitimate Remote Monitoring and Management tools from Atera Network Ltd and ConnectWise/ScreenConnect. Investigation revealed extensive attacker infrastructure spanning hundreds of domains, with tracking mechanisms via Telegram bots collecting detailed victim telemetry including IP addresses, geolocation, ISP information, and user-agent strings. The campaign targets both Windows and macOS systems, utilizing deployment kits across multiple infrastructures with similar URL patterns and JavaScript mechanisms.
Pulse ID: 6a512b20f12a5adf6bf2c1b3
Pulse Link: https://otx.alienvault.com/pulse/6a512b20f12a5adf6bf2c1b3
Pulse Author: AlienVault
Created: 2026-07-10 17:25:52Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#ConnectWise #CyberSecurity #InfoSec #Java #JavaScript #Mac #MacOS #OTX #OpenThreatExchange #Phishing #SMS #ScreenConnect #SocialEngineering #Telegram #Windows #bot #AlienVault
-
Sign here… and install an unwanted RMM
A sophisticated phishing campaign impersonates DocuSign's branding to compromise victims through malicious JavaScript embedded in fraudulent webpages. The attack leverages social engineering to trick users into downloading MSI installers disguised as legitimate DocuSign updates or documents. These payloads establish remote access through legitimate Remote Monitoring and Management tools from Atera Network Ltd and ConnectWise/ScreenConnect. Investigation revealed extensive attacker infrastructure spanning hundreds of domains, with tracking mechanisms via Telegram bots collecting detailed victim telemetry including IP addresses, geolocation, ISP information, and user-agent strings. The campaign targets both Windows and macOS systems, utilizing deployment kits across multiple infrastructures with similar URL patterns and JavaScript mechanisms.
Pulse ID: 6a512b20f12a5adf6bf2c1b3
Pulse Link: https://otx.alienvault.com/pulse/6a512b20f12a5adf6bf2c1b3
Pulse Author: AlienVault
Created: 2026-07-10 17:25:52Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#ConnectWise #CyberSecurity #InfoSec #Java #JavaScript #Mac #MacOS #OTX #OpenThreatExchange #Phishing #SMS #ScreenConnect #SocialEngineering #Telegram #Windows #bot #AlienVault
-
Sign here… and install an unwanted RMM
A sophisticated phishing campaign impersonates DocuSign's branding to compromise victims through malicious JavaScript embedded in fraudulent webpages. The attack leverages social engineering to trick users into downloading MSI installers disguised as legitimate DocuSign updates or documents. These payloads establish remote access through legitimate Remote Monitoring and Management tools from Atera Network Ltd and ConnectWise/ScreenConnect. Investigation revealed extensive attacker infrastructure spanning hundreds of domains, with tracking mechanisms via Telegram bots collecting detailed victim telemetry including IP addresses, geolocation, ISP information, and user-agent strings. The campaign targets both Windows and macOS systems, utilizing deployment kits across multiple infrastructures with similar URL patterns and JavaScript mechanisms.
Pulse ID: 6a512b20f12a5adf6bf2c1b3
Pulse Link: https://otx.alienvault.com/pulse/6a512b20f12a5adf6bf2c1b3
Pulse Author: AlienVault
Created: 2026-07-10 17:25:52Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#ConnectWise #CyberSecurity #InfoSec #Java #JavaScript #Mac #MacOS #OTX #OpenThreatExchange #Phishing #SMS #ScreenConnect #SocialEngineering #Telegram #Windows #bot #AlienVault
-
Sign here… and install an unwanted RMM
A sophisticated phishing campaign impersonates DocuSign's branding to compromise victims through malicious JavaScript embedded in fraudulent webpages. The attack leverages social engineering to trick users into downloading MSI installers disguised as legitimate DocuSign updates or documents. These payloads establish remote access through legitimate Remote Monitoring and Management tools from Atera Network Ltd and ConnectWise/ScreenConnect. Investigation revealed extensive attacker infrastructure spanning hundreds of domains, with tracking mechanisms via Telegram bots collecting detailed victim telemetry including IP addresses, geolocation, ISP information, and user-agent strings. The campaign targets both Windows and macOS systems, utilizing deployment kits across multiple infrastructures with similar URL patterns and JavaScript mechanisms.
Pulse ID: 6a512b20f12a5adf6bf2c1b3
Pulse Link: https://otx.alienvault.com/pulse/6a512b20f12a5adf6bf2c1b3
Pulse Author: AlienVault
Created: 2026-07-10 17:25:52Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#ConnectWise #CyberSecurity #InfoSec #Java #JavaScript #Mac #MacOS #OTX #OpenThreatExchange #Phishing #SMS #ScreenConnect #SocialEngineering #Telegram #Windows #bot #AlienVault
-
Operation Capsule Vault: RokRAT Attack Chain Analysis Using EMBED_PAYLOAD_v2
A sophisticated spear-phishing campaign targeted individuals in research, policy, and academic fields through emails disguised as materials from an actual academic conference. The attack leveraged a cloud storage link delivering a malicious ISO file containing a PIF executable disguised as a PDF document. The multi-stage loader used EMBED_PAYLOAD_v2 structure to embed both legitimate documents and malicious payloads, which were sequentially extracted and executed in memory. Shellcode injection into explorer.exe ultimately deployed a RokRAT variant communicating with cloud-based C2 infrastructure via pCloud, Dropbox, and Yandex Cloud. The campaign demonstrated advanced social engineering by exploiting information from a real event, combined with sophisticated evasion techniques including process injection and cloud-based command-and-control operations. Attribution analysis linked the activity to APT37 based on infrastructure overlap, code similarities, and operational patterns.
Pulse ID: 6a5414fab18f9d7456d7eda8
Pulse Link: https://otx.alienvault.com/pulse/6a5414fab18f9d7456d7eda8
Pulse Author: AlienVault
Created: 2026-07-12 22:28:10Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APT37 #Cloud #CodeInjection #CyberSecurity #Dropbox #Email #InfoSec #OTX #OpenThreatExchange #PDF #Phishing #RAT #ShellCode #SocialEngineering #SpearPhishing #bot #pCloud #AlienVault
-
Operation Capsule Vault: RokRAT Attack Chain Analysis Using EMBED_PAYLOAD_v2
A sophisticated spear-phishing campaign targeted individuals in research, policy, and academic fields through emails disguised as materials from an actual academic conference. The attack leveraged a cloud storage link delivering a malicious ISO file containing a PIF executable disguised as a PDF document. The multi-stage loader used EMBED_PAYLOAD_v2 structure to embed both legitimate documents and malicious payloads, which were sequentially extracted and executed in memory. Shellcode injection into explorer.exe ultimately deployed a RokRAT variant communicating with cloud-based C2 infrastructure via pCloud, Dropbox, and Yandex Cloud. The campaign demonstrated advanced social engineering by exploiting information from a real event, combined with sophisticated evasion techniques including process injection and cloud-based command-and-control operations. Attribution analysis linked the activity to APT37 based on infrastructure overlap, code similarities, and operational patterns.
Pulse ID: 6a5414fab18f9d7456d7eda8
Pulse Link: https://otx.alienvault.com/pulse/6a5414fab18f9d7456d7eda8
Pulse Author: AlienVault
Created: 2026-07-12 22:28:10Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APT37 #Cloud #CodeInjection #CyberSecurity #Dropbox #Email #InfoSec #OTX #OpenThreatExchange #PDF #Phishing #RAT #ShellCode #SocialEngineering #SpearPhishing #bot #pCloud #AlienVault
-
Operation Capsule Vault: RokRAT Attack Chain Analysis Using EMBED_PAYLOAD_v2
A sophisticated spear-phishing campaign targeted individuals in research, policy, and academic fields through emails disguised as materials from an actual academic conference. The attack leveraged a cloud storage link delivering a malicious ISO file containing a PIF executable disguised as a PDF document. The multi-stage loader used EMBED_PAYLOAD_v2 structure to embed both legitimate documents and malicious payloads, which were sequentially extracted and executed in memory. Shellcode injection into explorer.exe ultimately deployed a RokRAT variant communicating with cloud-based C2 infrastructure via pCloud, Dropbox, and Yandex Cloud. The campaign demonstrated advanced social engineering by exploiting information from a real event, combined with sophisticated evasion techniques including process injection and cloud-based command-and-control operations. Attribution analysis linked the activity to APT37 based on infrastructure overlap, code similarities, and operational patterns.
Pulse ID: 6a5414fab18f9d7456d7eda8
Pulse Link: https://otx.alienvault.com/pulse/6a5414fab18f9d7456d7eda8
Pulse Author: AlienVault
Created: 2026-07-12 22:28:10Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APT37 #Cloud #CodeInjection #CyberSecurity #Dropbox #Email #InfoSec #OTX #OpenThreatExchange #PDF #Phishing #RAT #ShellCode #SocialEngineering #SpearPhishing #bot #pCloud #AlienVault
-
Operation Capsule Vault: RokRAT Attack Chain Analysis Using EMBED_PAYLOAD_v2
A sophisticated spear-phishing campaign targeted individuals in research, policy, and academic fields through emails disguised as materials from an actual academic conference. The attack leveraged a cloud storage link delivering a malicious ISO file containing a PIF executable disguised as a PDF document. The multi-stage loader used EMBED_PAYLOAD_v2 structure to embed both legitimate documents and malicious payloads, which were sequentially extracted and executed in memory. Shellcode injection into explorer.exe ultimately deployed a RokRAT variant communicating with cloud-based C2 infrastructure via pCloud, Dropbox, and Yandex Cloud. The campaign demonstrated advanced social engineering by exploiting information from a real event, combined with sophisticated evasion techniques including process injection and cloud-based command-and-control operations. Attribution analysis linked the activity to APT37 based on infrastructure overlap, code similarities, and operational patterns.
Pulse ID: 6a5414fab18f9d7456d7eda8
Pulse Link: https://otx.alienvault.com/pulse/6a5414fab18f9d7456d7eda8
Pulse Author: AlienVault
Created: 2026-07-12 22:28:10Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APT37 #Cloud #CodeInjection #CyberSecurity #Dropbox #Email #InfoSec #OTX #OpenThreatExchange #PDF #Phishing #RAT #ShellCode #SocialEngineering #SpearPhishing #bot #pCloud #AlienVault
-
Operation Capsule Vault: RokRAT Attack Chain Analysis Using EMBED_PAYLOAD_v2
A sophisticated spear-phishing campaign targeted individuals in research, policy, and academic fields through emails disguised as materials from an actual academic conference. The attack leveraged a cloud storage link delivering a malicious ISO file containing a PIF executable disguised as a PDF document. The multi-stage loader used EMBED_PAYLOAD_v2 structure to embed both legitimate documents and malicious payloads, which were sequentially extracted and executed in memory. Shellcode injection into explorer.exe ultimately deployed a RokRAT variant communicating with cloud-based C2 infrastructure via pCloud, Dropbox, and Yandex Cloud. The campaign demonstrated advanced social engineering by exploiting information from a real event, combined with sophisticated evasion techniques including process injection and cloud-based command-and-control operations. Attribution analysis linked the activity to APT37 based on infrastructure overlap, code similarities, and operational patterns.
Pulse ID: 6a5414fab18f9d7456d7eda8
Pulse Link: https://otx.alienvault.com/pulse/6a5414fab18f9d7456d7eda8
Pulse Author: AlienVault
Created: 2026-07-12 22:28:10Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APT37 #Cloud #CodeInjection #CyberSecurity #Dropbox #Email #InfoSec #OTX #OpenThreatExchange #PDF #Phishing #RAT #ShellCode #SocialEngineering #SpearPhishing #bot #pCloud #AlienVault
-
Experiment of the week.
We've submitted Episode 16, "GDPR Enters the Chat", to The Pod Radar to see how our podcast performs on a community-driven discovery platform.
If you've listened to the episode and feel it deserves a recommendation, we'd appreciate your vote. It's a small gesture that can help other IT professionals discover the show.
Link: https://thepodradar.com/episode/8d5b7bd2-13d4-4ee1-a7c5-059debf2643d
#Podcast #Technology #CyberSecurity #InformationSecurity #SocialEngineering #GDPR
-
Experiment of the week.
We've submitted Episode 16, "GDPR Enters the Chat", to The Pod Radar to see how our podcast performs on a community-driven discovery platform.
If you've listened to the episode and feel it deserves a recommendation, we'd appreciate your vote. It's a small gesture that can help other IT professionals discover the show.
Link: https://thepodradar.com/episode/8d5b7bd2-13d4-4ee1-a7c5-059debf2643d
#Podcast #Technology #CyberSecurity #InformationSecurity #SocialEngineering #GDPR
-
Experiment of the week.
We've submitted Episode 16, "GDPR Enters the Chat", to The Pod Radar to see how our podcast performs on a community-driven discovery platform.
If you've listened to the episode and feel it deserves a recommendation, we'd appreciate your vote. It's a small gesture that can help other IT professionals discover the show.
Link: https://thepodradar.com/episode/8d5b7bd2-13d4-4ee1-a7c5-059debf2643d
#Podcast #Technology #CyberSecurity #InformationSecurity #SocialEngineering #GDPR
-
Experiment of the week.
We've submitted Episode 16, "GDPR Enters the Chat", to The Pod Radar to see how our podcast performs on a community-driven discovery platform.
If you've listened to the episode and feel it deserves a recommendation, we'd appreciate your vote. It's a small gesture that can help other IT professionals discover the show.
Link: https://thepodradar.com/episode/8d5b7bd2-13d4-4ee1-a7c5-059debf2643d
#Podcast #Technology #CyberSecurity #InformationSecurity #SocialEngineering #GDPR
-
Experiment of the week.
We've submitted Episode 16, "GDPR Enters the Chat", to The Pod Radar to see how our podcast performs on a community-driven discovery platform.
If you've listened to the episode and feel it deserves a recommendation, we'd appreciate your vote. It's a small gesture that can help other IT professionals discover the show.
Link: https://thepodradar.com/episode/8d5b7bd2-13d4-4ee1-a7c5-059debf2643d
#Podcast #Technology #CyberSecurity #InformationSecurity #SocialEngineering #GDPR
-
71% der Schweizer Firmen berichten Cybervorfälle - inside-it[.]ch https://www.inside-it.ch/71percent-der-schweizer-firmen-berichten-cybervorfaelle-20260708 #Malware #Ransomware #phishing #SocialEngineering
-
71% der Schweizer Firmen berichten Cybervorfälle - inside-it[.]ch https://www.inside-it.ch/71percent-der-schweizer-firmen-berichten-cybervorfaelle-20260708 #Malware #Ransomware #phishing #SocialEngineering
-
71% der Schweizer Firmen berichten Cybervorfälle - inside-it[.]ch https://www.inside-it.ch/71percent-der-schweizer-firmen-berichten-cybervorfaelle-20260708 #Malware #Ransomware #phishing #SocialEngineering
-
71% der Schweizer Firmen berichten Cybervorfälle - inside-it[.]ch https://www.inside-it.ch/71percent-der-schweizer-firmen-berichten-cybervorfaelle-20260708 #Malware #Ransomware #phishing #SocialEngineering
-
No "human verification" thing on a website login will ask you to paste some command into a terminal. Anyone who does that is asking for consequences. #SocialEngineering
-
No "human verification" thing on a website login will ask you to paste some command into a terminal. Anyone who does that is asking for consequences. #SocialEngineering
-
No "human verification" thing on a website login will ask you to paste some command into a terminal. Anyone who does that is asking for consequences. #SocialEngineering
-
Operation „First Light 2026“: 5.800 Verdächtige weltweit festgenommen | heise online https://www.heise.de/news/Operation-First-Light-2026-5-800-Verdaechtige-bei-weltweit-festgenommen-11360175.html #Interpol #SocialEngineering #CyberCrime #FirstLight2026
-
Operation „First Light 2026“: 5.800 Verdächtige weltweit festgenommen | heise online https://www.heise.de/news/Operation-First-Light-2026-5-800-Verdaechtige-bei-weltweit-festgenommen-11360175.html #Interpol #SocialEngineering #CyberCrime #FirstLight2026
-
Operation „First Light 2026“: 5.800 Verdächtige weltweit festgenommen | heise online https://www.heise.de/news/Operation-First-Light-2026-5-800-Verdaechtige-bei-weltweit-festgenommen-11360175.html #Interpol #SocialEngineering #CyberCrime #FirstLight2026
-
Operation „First Light 2026“: 5.800 Verdächtige weltweit festgenommen | heise online https://www.heise.de/news/Operation-First-Light-2026-5-800-Verdaechtige-bei-weltweit-festgenommen-11360175.html #Interpol #SocialEngineering #CyberCrime #FirstLight2026
-
DATE: July 10, 2026 at 05:23PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
#AI Threats Put #Healthcare Vendors in #Hackers' Crosshairs: #HIPAA #BusinessAssociates Tied to 50% of #DataBreach Victims as #AI-Aided Attacks Loom https://t.co/BM2ieuq230 #wallofshame @HHSOCR
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 10, 2026 at 05:23PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
#AI Threats Put #Healthcare Vendors in #Hackers' Crosshairs: #HIPAA #BusinessAssociates Tied to 50% of #DataBreach Victims as #AI-Aided Attacks Loom https://t.co/BM2ieuq230 #wallofshame @HHSOCR
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 10, 2026 at 05:23PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
#AI Threats Put #Healthcare Vendors in #Hackers' Crosshairs: #HIPAA #BusinessAssociates Tied to 50% of #DataBreach Victims as #AI-Aided Attacks Loom https://t.co/BM2ieuq230 #wallofshame @HHSOCR
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 10, 2026 at 05:23PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
#AI Threats Put #Healthcare Vendors in #Hackers' Crosshairs: #HIPAA #BusinessAssociates Tied to 50% of #DataBreach Victims as #AI-Aided Attacks Loom https://t.co/BM2ieuq230 #wallofshame @HHSOCR
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 10, 2026 at 05:18PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
Why #AI Can't Fix Broken #Healthcare Processes, Bad Data: Peter Justen of #AmeriTrustSolutions on How Data Integrity Affects Benefits Administration https://t.co/i9vDNxCIyn
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 10, 2026 at 05:18PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
Why #AI Can't Fix Broken #Healthcare Processes, Bad Data: Peter Justen of #AmeriTrustSolutions on How Data Integrity Affects Benefits Administration https://t.co/i9vDNxCIyn
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 10, 2026 at 05:18PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
Why #AI Can't Fix Broken #Healthcare Processes, Bad Data: Peter Justen of #AmeriTrustSolutions on How Data Integrity Affects Benefits Administration https://t.co/i9vDNxCIyn
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
DATE: July 10, 2026 at 05:18PM
SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.
Why #AI Can't Fix Broken #Healthcare Processes, Bad Data: Peter Justen of #AmeriTrustSolutions on How Data Integrity Affects Benefits Administration https://t.co/i9vDNxCIyn
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
-
Fake Banking Rewards, Telegram Delivery and Albiriox: Anatomy of an Android Malware Campaign
A malicious campaign was detected impersonating an Italian banking brand through a fraudulent domain offering fake financial rewards for installing a mobile application. Users are redirected to a Telegram bot that distributes a malicious Android APK outside official app stores. The APK functions as a dropper containing an embedded second-stage payload identified as Albiriox, an Android banking Remote Access Trojan. This payload exploits Accessibility services, implements overlay attacks, intercepts SMS messages, captures credentials, and enables remote device control through a custom TCP-based command-and-control protocol. The infrastructure uses domain impersonation and social engineering with financial incentives to distribute the malware. Communication occurs via raw TCP sockets to endpoints on ports 5555 and 5552, with JSON messages framed using big-endian length prefixes. Attribution to Albiriox is supported by protocol similarities, behavioral patterns, and comparison with known Albiriox samples.
Pulse ID: 6a501da5e79e415cb0ec861e
Pulse Link: https://otx.alienvault.com/pulse/6a501da5e79e415cb0ec861e
Pulse Author: AlienVault
Created: 2026-07-09 22:16:05Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APK #Android #Bank #CyberSecurity #Endpoint #InfoSec #Italian #Malware #NATO #OTX #OpenThreatExchange #RCE #RemoteAccessTrojan #SMS #SocialEngineering #TCP #Telegram #Trojan #bot #AlienVault
-
Fake Banking Rewards, Telegram Delivery and Albiriox: Anatomy of an Android Malware Campaign
A malicious campaign was detected impersonating an Italian banking brand through a fraudulent domain offering fake financial rewards for installing a mobile application. Users are redirected to a Telegram bot that distributes a malicious Android APK outside official app stores. The APK functions as a dropper containing an embedded second-stage payload identified as Albiriox, an Android banking Remote Access Trojan. This payload exploits Accessibility services, implements overlay attacks, intercepts SMS messages, captures credentials, and enables remote device control through a custom TCP-based command-and-control protocol. The infrastructure uses domain impersonation and social engineering with financial incentives to distribute the malware. Communication occurs via raw TCP sockets to endpoints on ports 5555 and 5552, with JSON messages framed using big-endian length prefixes. Attribution to Albiriox is supported by protocol similarities, behavioral patterns, and comparison with known Albiriox samples.
Pulse ID: 6a501da5e79e415cb0ec861e
Pulse Link: https://otx.alienvault.com/pulse/6a501da5e79e415cb0ec861e
Pulse Author: AlienVault
Created: 2026-07-09 22:16:05Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APK #Android #Bank #CyberSecurity #Endpoint #InfoSec #Italian #Malware #NATO #OTX #OpenThreatExchange #RCE #RemoteAccessTrojan #SMS #SocialEngineering #TCP #Telegram #Trojan #bot #AlienVault
-
Fake Banking Rewards, Telegram Delivery and Albiriox: Anatomy of an Android Malware Campaign
A malicious campaign was detected impersonating an Italian banking brand through a fraudulent domain offering fake financial rewards for installing a mobile application. Users are redirected to a Telegram bot that distributes a malicious Android APK outside official app stores. The APK functions as a dropper containing an embedded second-stage payload identified as Albiriox, an Android banking Remote Access Trojan. This payload exploits Accessibility services, implements overlay attacks, intercepts SMS messages, captures credentials, and enables remote device control through a custom TCP-based command-and-control protocol. The infrastructure uses domain impersonation and social engineering with financial incentives to distribute the malware. Communication occurs via raw TCP sockets to endpoints on ports 5555 and 5552, with JSON messages framed using big-endian length prefixes. Attribution to Albiriox is supported by protocol similarities, behavioral patterns, and comparison with known Albiriox samples.
Pulse ID: 6a501da5e79e415cb0ec861e
Pulse Link: https://otx.alienvault.com/pulse/6a501da5e79e415cb0ec861e
Pulse Author: AlienVault
Created: 2026-07-09 22:16:05Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APK #Android #Bank #CyberSecurity #Endpoint #InfoSec #Italian #Malware #NATO #OTX #OpenThreatExchange #RCE #RemoteAccessTrojan #SMS #SocialEngineering #TCP #Telegram #Trojan #bot #AlienVault