< ciso
brief />
Tag Banner

All news with #vishing tag

30 articles · page 2 of 2

ShinyHunters Launch Vishing Campaign Targeting 100s

📞 Notorious extortion group ShinyHunters released tens of gigabytes of files it claims were stolen from dating services including Hinge, Match, OkCupid and Bumble. Researchers link the disclosures to a broader campaign that combines automated phishing kits with voice-based social engineering to capture credentials and MFA tokens in real time. Security firm Silent Push detected a 'Live Phishing Panel' and infrastructure consistent with SLSH activity targeting more than 100 high-value organizations. Organizations are advised to verify IT support calls through official out-of-band channels and audit OSS logs for suspicious device enrollments and new-IP logins.
read more →

Okta Warns of Real-Time Vishing Attacks Bypassing MFA

🔔Okta Threat Intelligence has warned that cybercriminals are combining vishing calls with adaptable phishing sites to social-engineer victims and bypass multi-factor authentication (MFA). Attackers perform reconnaissance, spoof internal IT support numbers during calls and direct users to customized phishing pages that update in real time. Stolen credentials are relayed to attackers who then generate fake MFA prompts to obtain approvals and gain account access.
read more →

ShinyHunters Claim Responsibility for SSO Vishing Attacks

📞 ShinyHunters says it is behind a wave of voice-phishing campaigns that compromise single sign-on accounts at Okta, Microsoft Entra, and Google, enabling access to downstream SaaS platforms. Attackers call employees posing as IT, steer victims through dynamic phishing pages and capture multi-factor authentication in real time, then enumerate connected applications to harvest data. The group claims Salesforce as a primary target and has issued extortion demands using stolen information.
read more →

Okta SSO Accounts Targeted by Vishing Phishing Kits

🔔 Okta warns of bespoke vishing phishing kits sold as a service that enable live adversary-in-the-middle attacks to steal Okta SSO credentials. These kits include a C2 panel that lets callers control the victim's authentication flow in real time and synchronize fraudulent MFA dialogs to bypass push-based protections. Okta urges adoption of phishing-resistant MFA such as Okta FastPass, FIDO2 security keys, or passkeys and recommends user education and vendor notifications.
read more →

Harvard Alumni Systems Breached in Voice Phishing Attack

📞Harvard University disclosed that systems used by Alumni Affairs and Development were accessed in a phone‑based phishing attack discovered on November 18, 2025. Exposed information includes email addresses, phone numbers, home and business addresses, event attendance records, donation details, and biographical data for alumni, donors, some students, faculty and staff. The university stated the compromised systems did not contain Social Security numbers, passwords, payment card data, or financial account information. Harvard sent notifications on November 22 and is working with law enforcement and third‑party cybersecurity experts to investigate and remediate the incident.
read more →

Europol Raises Alarm Over Caller ID Spoofing Crisis

🚨 Europol has issued a Position Paper warning of a rising wave of caller ID spoofing, where criminals falsify numbers to impersonate banks, government bodies or relatives. The agency estimates global losses around €850m annually and reports spoofing now underpins roughly 64% of phone- and SMS-related fraud. Europol calls for harmonized technical standards, stronger cross-border cooperation and regulatory convergence to make spoofing harder to perpetrate and easier to investigate.
read more →

Outsourced IT Helpdesks: Closing a Critical Security Gap

📞 Outsourced helpdesks are increasingly targeted by vishing and other social‑engineering campaigns. Attackers can exploit service‑desk privileges to reset passwords, disable MFA, enroll devices or elevate access, enabling lateral movement. Clients should require evidence of ISO 27001 compliance, enforce least‑privilege, strict caller authentication and continuous, scenario‑based agent training. Technical controls such as caller ID spoofing detection, deepfake audio checks and MFA on helpdesk tools — combined with MDR monitoring — help close this gap.
read more →

Manufacturing Disruptions from Targeted Cyberattacks

⚠️Recent cyberattacks forced production halts at Jaguar Land Rover and Asahi, underscoring that operational disruption is now a primary objective for threat actors. JLR paused production after an August 31 compromise attributed to the Scattered Lapsus$ Hunters group, reportedly using vishing to obtain credentials, while Asahi halted orders and shipments following a systems failure. Experts emphasize that attackers exploit phishing, unpatched systems, and supply‑chain weaknesses, and urge layered defenses such as zero trust, MFA, PAM, micro‑segmentation, continuous monitoring, and air‑gapped backups to preserve business continuity.
read more →

Inside a Convincing Phone Scam: Social Engineering Exposed

🔍 A reader recounts a sophisticated phone scam in which callers posed as bank employees and provided plausible details to build trust. The scammers supplied case numbers and 'cancellation codes,' then transferred the victim to a staged supervisor named Mike Wallace to legitimize their story. Even security-aware individuals can be deceived; the anecdote illustrates how social engineering exploits procedural expectations and authority. Independently verify any unexpected bank contact via official channels before taking action.
read more →

Why Muddled Libra Draws Disproportionate Media Attention

🛡️Unit 42 explains why Muddled Libra receives outsized attention: the group uses a consistent playbook, industry-focused waves of attacks, and unusually convincing English-language vishing that makes attribution and impact more visible. In 2025 cases, about 50% led to DragonForce ransomware deployment and data exfiltration, heightening executive concern. The report highlights practical defenses such as Conditional Access Policies and analytic correlation with tools like Cortex XSIAM to detect and disrupt operations.
read more →