Sergiu Gatlan reports: Cisco has disclosed that cybercriminals stole the basic profile information of users registered on Cisco.com following a voice phishing (vishing) attack that targeted a company representative. After becoming aware of the incident on July 24th, the networking equipment giant discovered that the attacker tricked an employee and gained access to a third-party…
Category: Phishing
Seminole County Schools recovers money taken by hackers
Nick Papantonis reports: Seminole County Schools has recovered $1.3 million that was taken in a phishing scam several years ago, a district spokeswoman said. The hackers impersonated a vendor and emailed the finance department, requesting the district to update its banking details to direct payments to a new account. The December 2023 incident was reported to authorities…
Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
HHS added ten listings to its public leak site today, all of which are part of the Integrated Oncology Network (“ION”). See updates to 22 listings. According to its substitute notice, on May 9, ION concluded an investigation of a phishing incident that occurred between December 13 and December 16, 2024. The incident resulted in…
Five youths arrested on suspicion of phishing
Dutch police report: Last week, the police arrested five young people on suspicion of phishing. On Tuesday 1 July, four minors aged 14 and 17 from Lelystad were arrested, and on Wednesday 2 July, a 21-year-old suspect from Lelystad was arrested. The police in Flevoland started an investigation some time ago after receiving reports of…
Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
Ravie Lakshmanan reports: Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors. “A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers, displaying another popular social engineering technique known as Telephone-Oriented Attack Delivery (TOAD), also…
Marquette County Medical Care Facility discloses data breach
Marquette County Medical Care Facility (MCMCF) has issued a statement about a breach they discovered in March 2025. On March 3, 2025, MCMCF became aware of the business email compromise incident when contacts of MCMCF’s Human Resources director began receiving phishing emails from her Microsoft Office 365 (O365) account. The types of information involved included…