home.social

#social-engineering — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #social-engineering, aggregated by home.social.

fetched live
  1. DATE: July 17, 2026 at 07:40AM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #DataBreaches From Lost or Stolen Devices Hit All-Time Low: Experts Say #Encryption, #Endpoint Management Helped Cut Breaches, But #AI Risks Loom t.co/VF57Ie1F1x #HIPAA @HHSOCR

    Here are any URLs found in the article text:

    t.co/VF57Ie1F1x

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  2. DATE: July 17, 2026 at 07:40AM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #DataBreaches From Lost or Stolen Devices Hit All-Time Low: Experts Say #Encryption, #Endpoint Management Helped Cut Breaches, But #AI Risks Loom t.co/VF57Ie1F1x #HIPAA @HHSOCR

    Here are any URLs found in the article text:

    t.co/VF57Ie1F1x

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  3. DATE: July 17, 2026 at 07:40AM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #DataBreaches From Lost or Stolen Devices Hit All-Time Low: Experts Say #Encryption, #Endpoint Management Helped Cut Breaches, But #AI Risks Loom t.co/VF57Ie1F1x #HIPAA @HHSOCR

    Here are any URLs found in the article text:

    t.co/VF57Ie1F1x

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  4. DATE: July 17, 2026 at 07:40AM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #DataBreaches From Lost or Stolen Devices Hit All-Time Low: Experts Say #Encryption, #Endpoint Management Helped Cut Breaches, But #AI Risks Loom t.co/VF57Ie1F1x #HIPAA @HHSOCR

    Here are any URLs found in the article text:

    t.co/VF57Ie1F1x

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  5. DATE: July 17, 2026 at 07:38AM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    @HHSGov Wants Input on #Cyber, #AI for Regulations on Clinical Labs: Experts Say the #ClinicalLaboratoryImprovementAmendments Are Seriously Outdated t.co/70qz2hfeD0 #CLIA #HIPAA #FDA #CDC #CMS

    Here are any URLs found in the article text:

    t.co/70qz2hfeD0

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  6. DATE: July 17, 2026 at 07:38AM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    @HHSGov Wants Input on #Cyber, #AI for Regulations on Clinical Labs: Experts Say the #ClinicalLaboratoryImprovementAmendments Are Seriously Outdated t.co/70qz2hfeD0 #CLIA #HIPAA #FDA #CDC #CMS

    Here are any URLs found in the article text:

    t.co/70qz2hfeD0

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  7. DATE: July 17, 2026 at 07:38AM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    @HHSGov Wants Input on #Cyber, #AI for Regulations on Clinical Labs: Experts Say the #ClinicalLaboratoryImprovementAmendments Are Seriously Outdated t.co/70qz2hfeD0 #CLIA #HIPAA #FDA #CDC #CMS

    Here are any URLs found in the article text:

    t.co/70qz2hfeD0

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  8. DATE: July 17, 2026 at 07:38AM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    @HHSGov Wants Input on #Cyber, #AI for Regulations on Clinical Labs: Experts Say the #ClinicalLaboratoryImprovementAmendments Are Seriously Outdated t.co/70qz2hfeD0 #CLIA #HIPAA #FDA #CDC #CMS

    Here are any URLs found in the article text:

    t.co/70qz2hfeD0

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  9. ACR Stealer: Two observed intrusion chains amid increased threat activity

    Between late April and mid-June 2026, Microsoft observed heightened ACR Stealer activity targeting enterprise environments through ClickFix social engineering lures. This information-stealing malware, associated with Amatera Stealer rebranding and offered as malware-as-a-service, deployed through two distinct campaigns. The first utilized WebDAV-delivered payloads with Python loaders and blockchain-based command-and-control resolution. The second employed a fileless approach using MSHTA and steganography-concealed payloads within images. Both campaigns harvested browser credentials, authentication tokens, and sensitive documents from compromised systems. Threat actors leveraged obfuscated PowerShell scripts, scheduled task persistence, and in-memory execution techniques to evade detection. Notable tactics included masquerading as legitimate software updates, utilizing Windows DPAPI for credential decryption, and targeting PDF and Microsoft 365 documents. The blockchain dead-drop technique enabled dynamic i...

    Pulse ID: 6a59832ac2ebd9e525a462b9
    Pulse Link: otx.alienvault.com/pulse/6a598
    Pulse Author: AlienVault
    Created: 2026-07-17 01:19:38

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BlockChain #Browser #CyberSecurity #ICS #InfoSec #Malware #MalwareAsAService #Microsoft #OTX #OpenThreatExchange #PDF #PowerShell #Python #SocialEngineering #Steganography #Windows #bot #AlienVault

  10. ACR Stealer: Two observed intrusion chains amid increased threat activity

    Between late April and mid-June 2026, Microsoft observed heightened ACR Stealer activity targeting enterprise environments through ClickFix social engineering lures. This information-stealing malware, associated with Amatera Stealer rebranding and offered as malware-as-a-service, deployed through two distinct campaigns. The first utilized WebDAV-delivered payloads with Python loaders and blockchain-based command-and-control resolution. The second employed a fileless approach using MSHTA and steganography-concealed payloads within images. Both campaigns harvested browser credentials, authentication tokens, and sensitive documents from compromised systems. Threat actors leveraged obfuscated PowerShell scripts, scheduled task persistence, and in-memory execution techniques to evade detection. Notable tactics included masquerading as legitimate software updates, utilizing Windows DPAPI for credential decryption, and targeting PDF and Microsoft 365 documents. The blockchain dead-drop technique enabled dynamic i...

    Pulse ID: 6a59832ac2ebd9e525a462b9
    Pulse Link: otx.alienvault.com/pulse/6a598
    Pulse Author: AlienVault
    Created: 2026-07-17 01:19:38

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BlockChain #Browser #CyberSecurity #ICS #InfoSec #Malware #MalwareAsAService #Microsoft #OTX #OpenThreatExchange #PDF #PowerShell #Python #SocialEngineering #Steganography #Windows #bot #AlienVault

  11. ACR Stealer: Two observed intrusion chains amid increased threat activity

    Between late April and mid-June 2026, Microsoft observed heightened ACR Stealer activity targeting enterprise environments through ClickFix social engineering lures. This information-stealing malware, associated with Amatera Stealer rebranding and offered as malware-as-a-service, deployed through two distinct campaigns. The first utilized WebDAV-delivered payloads with Python loaders and blockchain-based command-and-control resolution. The second employed a fileless approach using MSHTA and steganography-concealed payloads within images. Both campaigns harvested browser credentials, authentication tokens, and sensitive documents from compromised systems. Threat actors leveraged obfuscated PowerShell scripts, scheduled task persistence, and in-memory execution techniques to evade detection. Notable tactics included masquerading as legitimate software updates, utilizing Windows DPAPI for credential decryption, and targeting PDF and Microsoft 365 documents. The blockchain dead-drop technique enabled dynamic i...

    Pulse ID: 6a59832ac2ebd9e525a462b9
    Pulse Link: otx.alienvault.com/pulse/6a598
    Pulse Author: AlienVault
    Created: 2026-07-17 01:19:38

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BlockChain #Browser #CyberSecurity #ICS #InfoSec #Malware #MalwareAsAService #Microsoft #OTX #OpenThreatExchange #PDF #PowerShell #Python #SocialEngineering #Steganography #Windows #bot #AlienVault

  12. ACR Stealer: Two observed intrusion chains amid increased threat activity

    Between late April and mid-June 2026, Microsoft observed heightened ACR Stealer activity targeting enterprise environments through ClickFix social engineering lures. This information-stealing malware, associated with Amatera Stealer rebranding and offered as malware-as-a-service, deployed through two distinct campaigns. The first utilized WebDAV-delivered payloads with Python loaders and blockchain-based command-and-control resolution. The second employed a fileless approach using MSHTA and steganography-concealed payloads within images. Both campaigns harvested browser credentials, authentication tokens, and sensitive documents from compromised systems. Threat actors leveraged obfuscated PowerShell scripts, scheduled task persistence, and in-memory execution techniques to evade detection. Notable tactics included masquerading as legitimate software updates, utilizing Windows DPAPI for credential decryption, and targeting PDF and Microsoft 365 documents. The blockchain dead-drop technique enabled dynamic i...

    Pulse ID: 6a59832ac2ebd9e525a462b9
    Pulse Link: otx.alienvault.com/pulse/6a598
    Pulse Author: AlienVault
    Created: 2026-07-17 01:19:38

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BlockChain #Browser #CyberSecurity #ICS #InfoSec #Malware #MalwareAsAService #Microsoft #OTX #OpenThreatExchange #PDF #PowerShell #Python #SocialEngineering #Steganography #Windows #bot #AlienVault

  13. ACR Stealer: Two observed intrusion chains amid increased threat activity

    Between late April and mid-June 2026, Microsoft observed heightened ACR Stealer activity targeting enterprise environments through ClickFix social engineering lures. This information-stealing malware, associated with Amatera Stealer rebranding and offered as malware-as-a-service, deployed through two distinct campaigns. The first utilized WebDAV-delivered payloads with Python loaders and blockchain-based command-and-control resolution. The second employed a fileless approach using MSHTA and steganography-concealed payloads within images. Both campaigns harvested browser credentials, authentication tokens, and sensitive documents from compromised systems. Threat actors leveraged obfuscated PowerShell scripts, scheduled task persistence, and in-memory execution techniques to evade detection. Notable tactics included masquerading as legitimate software updates, utilizing Windows DPAPI for credential decryption, and targeting PDF and Microsoft 365 documents. The blockchain dead-drop technique enabled dynamic i...

    Pulse ID: 6a59832ac2ebd9e525a462b9
    Pulse Link: otx.alienvault.com/pulse/6a598
    Pulse Author: AlienVault
    Created: 2026-07-17 01:19:38

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BlockChain #Browser #CyberSecurity #ICS #InfoSec #Malware #MalwareAsAService #Microsoft #OTX #OpenThreatExchange #PDF #PowerShell #Python #SocialEngineering #Steganography #Windows #bot #AlienVault

  14. ClickLock Stealer: Paste Once, Lose Everything

    A new modular macOS information stealer named ClickLock Stealer has been discovered targeting users primarily in Europe, North America, and the Middle East. The malware is likely distributed via ClickFix social engineering pages that trick victims into pasting malicious commands into Terminal. Once executed, it deploys four components: a credential stealer, a Keychain stealer targeting Chrome's encryption key, a comprehensive crypto wallet harvester, and a persistent GSocket-based backdoor. The malware employs an aggressive 'locker' technique, killing all visible applications except password dialogs to force user compliance. It targets data from eight browsers, 31 crypto wallet extensions, seven password managers, desktop wallets, macOS Keychain, and shell history. The campaign has compromised at least 100 victims across 33 countries since May 2026, using compromised WordPress domains and Telegram for command and control and exfiltration.

    Pulse ID: 6a58c1a90a160ce1e25e78e7
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:01

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Chrome #CyberSecurity #Encryption #Europe #InfoSec #Mac #MacOS #Malware #MiddleEast #NorthAmerica #OTX #OpenThreatExchange #Password #RAT #RCE #RDP #SocialEngineering #Telegram #Word #Wordpress #bot #AlienVault

  15. ClickLock Stealer: Paste Once, Lose Everything

    A new modular macOS information stealer named ClickLock Stealer has been discovered targeting users primarily in Europe, North America, and the Middle East. The malware is likely distributed via ClickFix social engineering pages that trick victims into pasting malicious commands into Terminal. Once executed, it deploys four components: a credential stealer, a Keychain stealer targeting Chrome's encryption key, a comprehensive crypto wallet harvester, and a persistent GSocket-based backdoor. The malware employs an aggressive 'locker' technique, killing all visible applications except password dialogs to force user compliance. It targets data from eight browsers, 31 crypto wallet extensions, seven password managers, desktop wallets, macOS Keychain, and shell history. The campaign has compromised at least 100 victims across 33 countries since May 2026, using compromised WordPress domains and Telegram for command and control and exfiltration.

    Pulse ID: 6a58c1a90a160ce1e25e78e7
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:01

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Chrome #CyberSecurity #Encryption #Europe #InfoSec #Mac #MacOS #Malware #MiddleEast #NorthAmerica #OTX #OpenThreatExchange #Password #RAT #RCE #RDP #SocialEngineering #Telegram #Word #Wordpress #bot #AlienVault

  16. ClickLock Stealer: Paste Once, Lose Everything

    A new modular macOS information stealer named ClickLock Stealer has been discovered targeting users primarily in Europe, North America, and the Middle East. The malware is likely distributed via ClickFix social engineering pages that trick victims into pasting malicious commands into Terminal. Once executed, it deploys four components: a credential stealer, a Keychain stealer targeting Chrome's encryption key, a comprehensive crypto wallet harvester, and a persistent GSocket-based backdoor. The malware employs an aggressive 'locker' technique, killing all visible applications except password dialogs to force user compliance. It targets data from eight browsers, 31 crypto wallet extensions, seven password managers, desktop wallets, macOS Keychain, and shell history. The campaign has compromised at least 100 victims across 33 countries since May 2026, using compromised WordPress domains and Telegram for command and control and exfiltration.

    Pulse ID: 6a58c1a90a160ce1e25e78e7
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:01

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Chrome #CyberSecurity #Encryption #Europe #InfoSec #Mac #MacOS #Malware #MiddleEast #NorthAmerica #OTX #OpenThreatExchange #Password #RAT #RCE #RDP #SocialEngineering #Telegram #Word #Wordpress #bot #AlienVault

  17. ClickLock Stealer: Paste Once, Lose Everything

    A new modular macOS information stealer named ClickLock Stealer has been discovered targeting users primarily in Europe, North America, and the Middle East. The malware is likely distributed via ClickFix social engineering pages that trick victims into pasting malicious commands into Terminal. Once executed, it deploys four components: a credential stealer, a Keychain stealer targeting Chrome's encryption key, a comprehensive crypto wallet harvester, and a persistent GSocket-based backdoor. The malware employs an aggressive 'locker' technique, killing all visible applications except password dialogs to force user compliance. It targets data from eight browsers, 31 crypto wallet extensions, seven password managers, desktop wallets, macOS Keychain, and shell history. The campaign has compromised at least 100 victims across 33 countries since May 2026, using compromised WordPress domains and Telegram for command and control and exfiltration.

    Pulse ID: 6a58c1a90a160ce1e25e78e7
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:01

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Chrome #CyberSecurity #Encryption #Europe #InfoSec #Mac #MacOS #Malware #MiddleEast #NorthAmerica #OTX #OpenThreatExchange #Password #RAT #RCE #RDP #SocialEngineering #Telegram #Word #Wordpress #bot #AlienVault

  18. ClickLock Stealer: Paste Once, Lose Everything

    A new modular macOS information stealer named ClickLock Stealer has been discovered targeting users primarily in Europe, North America, and the Middle East. The malware is likely distributed via ClickFix social engineering pages that trick victims into pasting malicious commands into Terminal. Once executed, it deploys four components: a credential stealer, a Keychain stealer targeting Chrome's encryption key, a comprehensive crypto wallet harvester, and a persistent GSocket-based backdoor. The malware employs an aggressive 'locker' technique, killing all visible applications except password dialogs to force user compliance. It targets data from eight browsers, 31 crypto wallet extensions, seven password managers, desktop wallets, macOS Keychain, and shell history. The campaign has compromised at least 100 victims across 33 countries since May 2026, using compromised WordPress domains and Telegram for command and control and exfiltration.

    Pulse ID: 6a58c1a90a160ce1e25e78e7
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:01

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #Browser #Chrome #CyberSecurity #Encryption #Europe #InfoSec #Mac #MacOS #Malware #MiddleEast #NorthAmerica #OTX #OpenThreatExchange #Password #RAT #RCE #RDP #SocialEngineering #Telegram #Word #Wordpress #bot #AlienVault

  19. Novel Starland RAT and bespoke WLDR C2 implant deployed in financially motivated campaign

    A sophisticated Russian-speaking financially motivated adversary designated UAT-11795 has been conducting malicious operations targeting users in the United States and Europe since June 2025. The campaign delivers a Python-based remote access tool called Starland RAT and a PowerShell-based command-and-control memory implant known as the WLDR agent. The actor distributes trojanized installers disguised as legitimate software including MobaXterm, WebEx, Zoom, DBeaver, and FACEIT through likely ClickFix social engineering techniques. The operation targets victims' credentials and cryptocurrency wallet assets while establishing persistent connections for additional payload delivery. Alternative payloads include CastleStealer and Remcos RAT. The infrastructure utilizes distributed staging and C2 domains, Telegram bots for notifications, and a Polygon smart contract as a fallback mechanism for C2 domain resolution. The WLDR agent features encrypted beaconing, task queuing, and a Runspace execution engine for exe...

    Pulse ID: 6a58c1aa702b1130710d1bfb
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Europe #InfoSec #OTX #OpenThreatExchange #PowerShell #Python #RAT #Remcos #RemcosRAT #Russia #SocialEngineering #Telegram #Trojan #UnitedStates #Zoom #bot #cryptocurrency #AlienVault

  20. Novel Starland RAT and bespoke WLDR C2 implant deployed in financially motivated campaign

    A sophisticated Russian-speaking financially motivated adversary designated UAT-11795 has been conducting malicious operations targeting users in the United States and Europe since June 2025. The campaign delivers a Python-based remote access tool called Starland RAT and a PowerShell-based command-and-control memory implant known as the WLDR agent. The actor distributes trojanized installers disguised as legitimate software including MobaXterm, WebEx, Zoom, DBeaver, and FACEIT through likely ClickFix social engineering techniques. The operation targets victims' credentials and cryptocurrency wallet assets while establishing persistent connections for additional payload delivery. Alternative payloads include CastleStealer and Remcos RAT. The infrastructure utilizes distributed staging and C2 domains, Telegram bots for notifications, and a Polygon smart contract as a fallback mechanism for C2 domain resolution. The WLDR agent features encrypted beaconing, task queuing, and a Runspace execution engine for exe...

    Pulse ID: 6a58c1aa702b1130710d1bfb
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Europe #InfoSec #OTX #OpenThreatExchange #PowerShell #Python #RAT #Remcos #RemcosRAT #Russia #SocialEngineering #Telegram #Trojan #UnitedStates #Zoom #bot #cryptocurrency #AlienVault

  21. Novel Starland RAT and bespoke WLDR C2 implant deployed in financially motivated campaign

    A sophisticated Russian-speaking financially motivated adversary designated UAT-11795 has been conducting malicious operations targeting users in the United States and Europe since June 2025. The campaign delivers a Python-based remote access tool called Starland RAT and a PowerShell-based command-and-control memory implant known as the WLDR agent. The actor distributes trojanized installers disguised as legitimate software including MobaXterm, WebEx, Zoom, DBeaver, and FACEIT through likely ClickFix social engineering techniques. The operation targets victims' credentials and cryptocurrency wallet assets while establishing persistent connections for additional payload delivery. Alternative payloads include CastleStealer and Remcos RAT. The infrastructure utilizes distributed staging and C2 domains, Telegram bots for notifications, and a Polygon smart contract as a fallback mechanism for C2 domain resolution. The WLDR agent features encrypted beaconing, task queuing, and a Runspace execution engine for exe...

    Pulse ID: 6a58c1aa702b1130710d1bfb
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Europe #InfoSec #OTX #OpenThreatExchange #PowerShell #Python #RAT #Remcos #RemcosRAT #Russia #SocialEngineering #Telegram #Trojan #UnitedStates #Zoom #bot #cryptocurrency #AlienVault

  22. Novel Starland RAT and bespoke WLDR C2 implant deployed in financially motivated campaign

    A sophisticated Russian-speaking financially motivated adversary designated UAT-11795 has been conducting malicious operations targeting users in the United States and Europe since June 2025. The campaign delivers a Python-based remote access tool called Starland RAT and a PowerShell-based command-and-control memory implant known as the WLDR agent. The actor distributes trojanized installers disguised as legitimate software including MobaXterm, WebEx, Zoom, DBeaver, and FACEIT through likely ClickFix social engineering techniques. The operation targets victims' credentials and cryptocurrency wallet assets while establishing persistent connections for additional payload delivery. Alternative payloads include CastleStealer and Remcos RAT. The infrastructure utilizes distributed staging and C2 domains, Telegram bots for notifications, and a Polygon smart contract as a fallback mechanism for C2 domain resolution. The WLDR agent features encrypted beaconing, task queuing, and a Runspace execution engine for exe...

    Pulse ID: 6a58c1aa702b1130710d1bfb
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Europe #InfoSec #OTX #OpenThreatExchange #PowerShell #Python #RAT #Remcos #RemcosRAT #Russia #SocialEngineering #Telegram #Trojan #UnitedStates #Zoom #bot #cryptocurrency #AlienVault

  23. Novel Starland RAT and bespoke WLDR C2 implant deployed in financially motivated campaign

    A sophisticated Russian-speaking financially motivated adversary designated UAT-11795 has been conducting malicious operations targeting users in the United States and Europe since June 2025. The campaign delivers a Python-based remote access tool called Starland RAT and a PowerShell-based command-and-control memory implant known as the WLDR agent. The actor distributes trojanized installers disguised as legitimate software including MobaXterm, WebEx, Zoom, DBeaver, and FACEIT through likely ClickFix social engineering techniques. The operation targets victims' credentials and cryptocurrency wallet assets while establishing persistent connections for additional payload delivery. Alternative payloads include CastleStealer and Remcos RAT. The infrastructure utilizes distributed staging and C2 domains, Telegram bots for notifications, and a Polygon smart contract as a fallback mechanism for C2 domain resolution. The WLDR agent features encrypted beaconing, task queuing, and a Runspace execution engine for exe...

    Pulse ID: 6a58c1aa702b1130710d1bfb
    Pulse Link: otx.alienvault.com/pulse/6a58c
    Pulse Author: AlienVault
    Created: 2026-07-16 11:34:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Europe #InfoSec #OTX #OpenThreatExchange #PowerShell #Python #RAT #Remcos #RemcosRAT #Russia #SocialEngineering #Telegram #Trojan #UnitedStates #Zoom #bot #cryptocurrency #AlienVault

  24. I participated in a LinkedIn-based social engineering attempt

    The playbook:
    ✅ LinkedIn message
    ✅ Calendly meeting invite
    ✅ No camera ("technical issue")
    ✅ Gmail account, not corporate email
    ✅ Request to share your screen
    ✅ Excessive praise regardless of your answers
    ✅ Links to external sites + requests to install software

    Stay vigilant.

    alanbonnici.com/2026/07/warnin

    #CyberSecurity #Phishing #SocialEngineering #LinkedIn #ScamAlert #TTMO

  25. I participated in a LinkedIn-based social engineering attempt

    The playbook:
    ✅ LinkedIn message
    ✅ Calendly meeting invite
    ✅ No camera ("technical issue")
    ✅ Gmail account, not corporate email
    ✅ Request to share your screen
    ✅ Excessive praise regardless of your answers
    ✅ Links to external sites + requests to install software

    Stay vigilant.

    alanbonnici.com/2026/07/warnin

    #CyberSecurity #Phishing #SocialEngineering #LinkedIn #ScamAlert #TTMO

  26. I participated in a LinkedIn-based social engineering attempt

    The playbook:
    ✅ LinkedIn message
    ✅ Calendly meeting invite
    ✅ No camera ("technical issue")
    ✅ Gmail account, not corporate email
    ✅ Request to share your screen
    ✅ Excessive praise regardless of your answers
    ✅ Links to external sites + requests to install software

    Stay vigilant.

    alanbonnici.com/2026/07/warnin

    #CyberSecurity #Phishing #SocialEngineering #LinkedIn #ScamAlert #TTMO

  27. I participated in a LinkedIn-based social engineering attempt

    The playbook:
    ✅ LinkedIn message
    ✅ Calendly meeting invite
    ✅ No camera ("technical issue")
    ✅ Gmail account, not corporate email
    ✅ Request to share your screen
    ✅ Excessive praise regardless of your answers
    ✅ Links to external sites + requests to install software

    Stay vigilant.

    alanbonnici.com/2026/07/warnin

    #CyberSecurity #Phishing #SocialEngineering #LinkedIn #ScamAlert #TTMO

  28. I participated in a LinkedIn-based social engineering attempt

    The playbook:
    ✅ LinkedIn message
    ✅ Calendly meeting invite
    ✅ No camera ("technical issue")
    ✅ Gmail account, not corporate email
    ✅ Request to share your screen
    ✅ Excessive praise regardless of your answers
    ✅ Links to external sites + requests to install software

    Stay vigilant.

    alanbonnici.com/2026/07/warnin

    #CyberSecurity #Phishing #SocialEngineering #LinkedIn #ScamAlert #TTMO

  29. macOS Stealer Uses Coercion Loop to Force Password Entry

    A new macOS stealer malware has hit over 100 victims across 33 countries in just two months, with a clever coercion loop trick that forces users to enter their passwords. The attack starts with a simple paste-and-run lure, where victims unknowingly paste a command into Terminal after visiting a malicious webpage.

    osintsights.com/macos-stealer-

    #MacosStealer #MalwareOperations #EmergingThreats #SocialEngineering #Europe

  30. TELEPUZ: a modular MaaS malware spreading via CLICKFIX-VIDAR chains

    TELEPUZ is a newly emerged modular malware-as-a-service first detected in April 2026, spreading through CLICKFIX-VIDAR infection chains. The lightweight, full-featured threat employs sophisticated evasion techniques including indirect syscalls, NTDLL unhooking, and anti-VM checks. It establishes persistence through service installation, communicates via WebSockets with C2 servers, and downloads additional modules for keylogging, credential theft, and web injection. The infection begins with social engineering tricks prompting victims to execute PowerShell commands, deploying VIDAR as a second stage which then delivers TELEPUZ components. Despite limited C2 infrastructure, high daily build volumes indicate active development and expanding operations by likely a small team or solo developer offering malware-as-a-service.

    Pulse ID: 6a584223f539e1c98cd537cb
    Pulse Link: otx.alienvault.com/pulse/6a584
    Pulse Author: AlienVault
    Created: 2026-07-16 02:29:55

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #PowerShell #RAT #SocialEngineering #Vidar #bot #AlienVault

  31. TELEPUZ: a modular MaaS malware spreading via CLICKFIX-VIDAR chains

    TELEPUZ is a newly emerged modular malware-as-a-service first detected in April 2026, spreading through CLICKFIX-VIDAR infection chains. The lightweight, full-featured threat employs sophisticated evasion techniques including indirect syscalls, NTDLL unhooking, and anti-VM checks. It establishes persistence through service installation, communicates via WebSockets with C2 servers, and downloads additional modules for keylogging, credential theft, and web injection. The infection begins with social engineering tricks prompting victims to execute PowerShell commands, deploying VIDAR as a second stage which then delivers TELEPUZ components. Despite limited C2 infrastructure, high daily build volumes indicate active development and expanding operations by likely a small team or solo developer offering malware-as-a-service.

    Pulse ID: 6a584223f539e1c98cd537cb
    Pulse Link: otx.alienvault.com/pulse/6a584
    Pulse Author: AlienVault
    Created: 2026-07-16 02:29:55

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #PowerShell #RAT #SocialEngineering #Vidar #bot #AlienVault

  32. TELEPUZ: a modular MaaS malware spreading via CLICKFIX-VIDAR chains

    TELEPUZ is a newly emerged modular malware-as-a-service first detected in April 2026, spreading through CLICKFIX-VIDAR infection chains. The lightweight, full-featured threat employs sophisticated evasion techniques including indirect syscalls, NTDLL unhooking, and anti-VM checks. It establishes persistence through service installation, communicates via WebSockets with C2 servers, and downloads additional modules for keylogging, credential theft, and web injection. The infection begins with social engineering tricks prompting victims to execute PowerShell commands, deploying VIDAR as a second stage which then delivers TELEPUZ components. Despite limited C2 infrastructure, high daily build volumes indicate active development and expanding operations by likely a small team or solo developer offering malware-as-a-service.

    Pulse ID: 6a584223f539e1c98cd537cb
    Pulse Link: otx.alienvault.com/pulse/6a584
    Pulse Author: AlienVault
    Created: 2026-07-16 02:29:55

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #PowerShell #RAT #SocialEngineering #Vidar #bot #AlienVault

  33. TELEPUZ: a modular MaaS malware spreading via CLICKFIX-VIDAR chains

    TELEPUZ is a newly emerged modular malware-as-a-service first detected in April 2026, spreading through CLICKFIX-VIDAR infection chains. The lightweight, full-featured threat employs sophisticated evasion techniques including indirect syscalls, NTDLL unhooking, and anti-VM checks. It establishes persistence through service installation, communicates via WebSockets with C2 servers, and downloads additional modules for keylogging, credential theft, and web injection. The infection begins with social engineering tricks prompting victims to execute PowerShell commands, deploying VIDAR as a second stage which then delivers TELEPUZ components. Despite limited C2 infrastructure, high daily build volumes indicate active development and expanding operations by likely a small team or solo developer offering malware-as-a-service.

    Pulse ID: 6a584223f539e1c98cd537cb
    Pulse Link: otx.alienvault.com/pulse/6a584
    Pulse Author: AlienVault
    Created: 2026-07-16 02:29:55

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #PowerShell #RAT #SocialEngineering #Vidar #bot #AlienVault

  34. TELEPUZ: a modular MaaS malware spreading via CLICKFIX-VIDAR chains

    TELEPUZ is a newly emerged modular malware-as-a-service first detected in April 2026, spreading through CLICKFIX-VIDAR infection chains. The lightweight, full-featured threat employs sophisticated evasion techniques including indirect syscalls, NTDLL unhooking, and anti-VM checks. It establishes persistence through service installation, communicates via WebSockets with C2 servers, and downloads additional modules for keylogging, credential theft, and web injection. The infection begins with social engineering tricks prompting victims to execute PowerShell commands, deploying VIDAR as a second stage which then delivers TELEPUZ components. Despite limited C2 infrastructure, high daily build volumes indicate active development and expanding operations by likely a small team or solo developer offering malware-as-a-service.

    Pulse ID: 6a584223f539e1c98cd537cb
    Pulse Link: otx.alienvault.com/pulse/6a584
    Pulse Author: AlienVault
    Created: 2026-07-16 02:29:55

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #PowerShell #RAT #SocialEngineering #Vidar #bot #AlienVault

  35. DATE: July 15, 2026 at 06:01PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    Why AI in #Healthcare Demands Stronger Data Oversight t.co/Pcq4pIJE48

    Here are any URLs found in the article text:

    t.co/Pcq4pIJE48

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  36. DATE: July 15, 2026 at 06:01PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    Why AI in #Healthcare Demands Stronger Data Oversight t.co/Pcq4pIJE48

    Here are any URLs found in the article text:

    t.co/Pcq4pIJE48

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  37. DATE: July 15, 2026 at 06:01PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    Why AI in #Healthcare Demands Stronger Data Oversight t.co/Pcq4pIJE48

    Here are any URLs found in the article text:

    t.co/Pcq4pIJE48

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  38. DATE: July 15, 2026 at 06:01PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    Why AI in #Healthcare Demands Stronger Data Oversight t.co/Pcq4pIJE48

    Here are any URLs found in the article text:

    t.co/Pcq4pIJE48

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  39. DATE: July 14, 2026 at 05:40PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    How #AI Can Speed Up Discovery of Safer #PainRelief Options: Nii Osae of #MindbeamAI Describes Project to Identify Promising New Treatments t.co/9wulCCspBV

    Here are any URLs found in the article text:

    t.co/9wulCCspBV

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  40. DATE: July 14, 2026 at 05:40PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    How #AI Can Speed Up Discovery of Safer #PainRelief Options: Nii Osae of #MindbeamAI Describes Project to Identify Promising New Treatments t.co/9wulCCspBV

    Here are any URLs found in the article text:

    t.co/9wulCCspBV

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  41. DATE: July 14, 2026 at 05:40PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    How #AI Can Speed Up Discovery of Safer #PainRelief Options: Nii Osae of #MindbeamAI Describes Project to Identify Promising New Treatments t.co/9wulCCspBV

    Here are any URLs found in the article text:

    t.co/9wulCCspBV

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  42. DATE: July 14, 2026 at 05:40PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    How #AI Can Speed Up Discovery of Safer #PainRelief Options: Nii Osae of #MindbeamAI Describes Project to Identify Promising New Treatments t.co/9wulCCspBV

    Here are any URLs found in the article text:

    t.co/9wulCCspBV

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  43. The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets

    A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.

    Pulse ID: 6a566597fbaff52dd5288ce4
    Pulse Link: otx.alienvault.com/pulse/6a566
    Pulse Author: AlienVault
    Created: 2026-07-14 16:36:39

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault

  44. The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets

    A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.

    Pulse ID: 6a566597fbaff52dd5288ce4
    Pulse Link: otx.alienvault.com/pulse/6a566
    Pulse Author: AlienVault
    Created: 2026-07-14 16:36:39

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault

  45. The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets

    A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.

    Pulse ID: 6a566597fbaff52dd5288ce4
    Pulse Link: otx.alienvault.com/pulse/6a566
    Pulse Author: AlienVault
    Created: 2026-07-14 16:36:39

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault

  46. The Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets

    A sophisticated multi-layered scam operation targets fans seeking tickets for Celine Dion's French tour through two primary vectors. Fraudsters embed themselves in Facebook Groups and Marketplace, using social engineering to create artificial urgency and selling tickets before official presale dates. They exploit Ticketmaster's legitimate transfer feature to resell identical digital tickets to multiple victims, accepting direct bank transfers from compromised accounts. Simultaneously, threat actors deploy fraudulent websites impersonating official distributors like AXS and Ticketmaster, exploiting Shopify's payment infrastructure to appear legitimate. These sites share common technical indicators suggesting use of a recycled phishing kit previously deployed for other major concert events, including Oasis and Taylor Swift tours. The scheme combines emotional manipulation with technical deception to defraud victims desperate for concert access.

    Pulse ID: 6a566597fbaff52dd5288ce4
    Pulse Link: otx.alienvault.com/pulse/6a566
    Pulse Author: AlienVault
    Created: 2026-07-14 16:36:39

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Bank #CyberSecurity #Facebook #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #AlienVault

  47. Tomorrowland 2026, Belgium: People of Tomorrow, Targets of Today

    Tomorrowland Belgium 2026, spanning two weekends in July at De Schorre in Boom, sold out rapidly, creating opportunities for cybercriminals. Investigation uncovered approximately a dozen fraudulent websites impersonating the festival brand to target ticket seekers and travellers. These scams include fake ticket shops mimicking official sales with countdown timers and fraudulent biometric checks, travel sites offering bogus accommodation and transport packages, and affiliate schemes. The operations harvest complete identity data, payment credentials, and personal information through sophisticated social engineering. Victims lose money with no recourse, face identity theft risks, and ultimately receive invalid or non-existent tickets. The scammers exploit high demand, tight supply, and rushed purchasing decisions, with sites registered weeks in advance and pushed hardest when official tickets are sold out.

    Pulse ID: 6a55e306b92e2ed9438ab45f
    Pulse Link: otx.alienvault.com/pulse/6a55e
    Pulse Author: AlienVault
    Created: 2026-07-14 07:19:34

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Biometric #CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #RAT #SocialEngineering #bot #AlienVault

  48. Tomorrowland 2026, Belgium: People of Tomorrow, Targets of Today

    Tomorrowland Belgium 2026, spanning two weekends in July at De Schorre in Boom, sold out rapidly, creating opportunities for cybercriminals. Investigation uncovered approximately a dozen fraudulent websites impersonating the festival brand to target ticket seekers and travellers. These scams include fake ticket shops mimicking official sales with countdown timers and fraudulent biometric checks, travel sites offering bogus accommodation and transport packages, and affiliate schemes. The operations harvest complete identity data, payment credentials, and personal information through sophisticated social engineering. Victims lose money with no recourse, face identity theft risks, and ultimately receive invalid or non-existent tickets. The scammers exploit high demand, tight supply, and rushed purchasing decisions, with sites registered weeks in advance and pushed hardest when official tickets are sold out.

    Pulse ID: 6a55e306b92e2ed9438ab45f
    Pulse Link: otx.alienvault.com/pulse/6a55e
    Pulse Author: AlienVault
    Created: 2026-07-14 07:19:34

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Biometric #CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #RAT #SocialEngineering #bot #AlienVault

  49. DATE: July 13, 2026 at 05:46PM
    SOURCE: HEALTHCARE INFO SECURITY

    Direct article link at end of text block below.

    #Bipartisan House Bill Pushes #AI for #PediatricCancer Care: Would Create AI Coordinator, Expand Data Interoperability shttps://www.healthcareinfosecurity.com/bipartisan-house-bill-pushes-ai-for-pediatric-cancer-care-a-32216 #Cancerresearch @RepMcCaul @RepBera @MikeKellyPA

    Here are any URLs found in the article text:

    healthcareinfosecurity.com/bip

    Articles can be found by scrolling down the page at healthcareinfosecurity.com/ under the title "Latest"

    -------------------------------------------------

    Private, vetted email list for mental health professionals: clinicians-exchange.org

    Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

    -------------------------------------------------

    #security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

  50. Sign here… and install an unwanted RMM

    A sophisticated phishing campaign impersonates DocuSign's branding to compromise victims through malicious JavaScript embedded in fraudulent webpages. The attack leverages social engineering to trick users into downloading MSI installers disguised as legitimate DocuSign updates or documents. These payloads establish remote access through legitimate Remote Monitoring and Management tools from Atera Network Ltd and ConnectWise/ScreenConnect. Investigation revealed extensive attacker infrastructure spanning hundreds of domains, with tracking mechanisms via Telegram bots collecting detailed victim telemetry including IP addresses, geolocation, ISP information, and user-agent strings. The campaign targets both Windows and macOS systems, utilizing deployment kits across multiple infrastructures with similar URL patterns and JavaScript mechanisms.

    Pulse ID: 6a512b20f12a5adf6bf2c1b3
    Pulse Link: otx.alienvault.com/pulse/6a512
    Pulse Author: AlienVault
    Created: 2026-07-10 17:25:52

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #ConnectWise #CyberSecurity #InfoSec #Java #JavaScript #Mac #MacOS #OTX #OpenThreatExchange #Phishing #SMS #ScreenConnect #SocialEngineering #Telegram #Windows #bot #AlienVault