The FBI has issued a warning about a new phishing kit called Kali365 that targets Microsoft OAuth tokens. The kit is being offered on Telegram and uses AI-generated lures.
The warning highlights how Kali365 lowers the barrier of entry for less-technical attackers. It provides access to AI-generated phishing lures that can compromise Microsoft accounts through OAuth tokens.
Iniulat ng AI Larawang ginawa ng AI
Ahead of Idul Fitri, IT expert from Untag Surabaya, Supangat, urges the public to heighten vigilance against scams via WhatsApp and SMS. Rising digital transactions are exploited by cybercriminals. Vida founder Niki Santo Luhur identifies two main methods: phishing and malware prevalent in Indonesia.
Microsoft has alerted users that hackers are targeting password reset processes to breach accounts. The activity is attributed to the group Storm-2949.
Iniulat ng AI
FBI's Atlanta field office, with Indonesian authorities, has dismantled a sophisticated global phishing operation. The network stole thousands of victim account credentials and attempted fraud exceeding $20 million or Rp 342 billion. This marks the first joint cyber investigation of its kind.
A hacking group known as Handala, believed to be affiliated with Iranian cyberintelligence units, has breached the personal email account of FBI Director Kash Patel. The group published photos and emails from the account as proof of the hack, which the FBI and Department of Justice have confirmed involved only historical personal information. The breach follows recent U.S. actions against the group's websites and Patel's public threats to pursue them.
Iniulat ng AI
A deceptive tech support scam has tricked employees into compromising their company computers. Posing as IT help, scammers guide victims through steps that install Havoc malware. The attack begins with spam emails and escalates via fake phone calls.