Cybersecurity Weekly Verified Twitter Accounts Hacked Cryptocurrency Phishing Attack Facebook Business Data Harvesting Campaign

1. Verified Twitter accounts hacked to send fake suspension notices

Threat actors are hacking verified Twitter accounts to send fake but well-written suspension messages that attempt to steal other verified users’ credentials. Read more »

2. Credential phishing attack spoofs cryptocurrency app MetaMask, targets financial industry

Researchers identified a credential-phishing attack that spoofs MetaMask, one of the most widely used crypto applications that lets users store and swap cryptocurrencies, interact with blockchain, and host dApps, which are built on a decentralized network supported by a blockchain distributed ledger. Read more »

3. Facebook business pages targeted via chatbot in data-harvesting campaign

The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn. Read more »

4. FBI warning: Crooks are using deepfakes to apply for remote tech jobs

Scammers are using deepfakes to apply for remote technology roles that provide access to corporate IT networks. Read more »

5. North Korea is likely culprit behind $100 million crypto heist

There are “strong indications” that Lazarus Group, a hacking collective with strong ties to Pyongyang, orchestrated the attack, blockchain analytics firm Elliptic said. Read more »