ioc[.]one - OSINT Cyber Threat Intelligence Database

Show in Graph

Common Information

Type	Value
Value	Phishing - T1566
Category	Attack-Pattern
Type	Mitre-Attack-Pattern
Misp Type	Cluster
Description	Adversaries may send phishing messages to gain access to victim systems. All forms of phishing are electronically delivered social engineering. Phishing can be targeted, known as spearphishing. In spearphishing, a specific individual, company, or industry will be targeted by the adversary. More generally, adversaries can conduct non-targeted phishing, such as in mass malware spam campaigns. Adversaries may send victims emails containing malicious attachments or links, typically to execute malicious code on victim systems. Phishing may also be conducted via third-party services, like social media platforms. Phishing may also involve social engineering techniques, such as posing as a trusted source, as well as evasive techniques such as removing or manipulating emails or metadata/headers from compromised accounts being abused to send messages (e.g., [Email Hiding Rules](https://attack.mitre.org/techniques/T1564/008)).(Citation: Microsoft OAuth Spam 2022)(Citation: Palo Alto Unit 42 VBA Infostealer 2014) Another way to accomplish this is by forging or spoofing(Citation: Proofpoint-spoof) the identity of the sender which can be used to fool both the human recipient as well as automated security tools.(Citation: cyberproof-double-bounce) Victims may also receive phishing messages that instruct them to call a phone number where they are directed to visit a malicious URL, download malware,(Citation: sygnia Luna Month)(Citation: CISA Remote Monitoring and Management Software) or install adversary-accessible remote management tools onto their computer (i.e., [User Execution](https://attack.mitre.org/techniques/T1204)).(Citation: Unit42 Luna Moth)

Details		Published	Attributes	Title
Details	Website	2030-03-02	20	APT QUARTERLY HIGHLIGHTS - Q3 : 2023 - CYFIRMA
Details	Website	2028-10-24	0	MIT Technology Review Insights Survey on Zero Trust in Cybersecurity
Details	Website	2025-12-17	17	Stories from the SOC: Caught in the Trap: Detecting and…
Details	Website	2025-11-13	0	Maximize Client Protection with LevelBlue and Check Point's…
Details	Website	2025-10-04	1	ThreatConnect 7.9 is Live: Smarter SLAs, Unified Search, and More Control for Security Teams \| ThreatConnect
Details	Website	2025-09-05	0	New LevelBlue Threat Trends Report gives critical insights…
Details	Website	2025-09-04	4	Medusa Intelligence Dashboard - Immediately Available for ThreatConnect \| ThreatConnect
Details	Website	2025-09-01	0	How ThreatConnect and Polarity Empower Teams to Combat Phishing Threats \| ThreatConnect
Details	Website	2025-08-01	0	—
Details	Website	2025-07-05	16	Python InfoStealer with Embedded Phishing Webserver - SANS Internet Storm Center
Details	Website	2025-07-02	13	Inside a Malware Campaign: A Nigerian Hacker’s Perspective – CyberArmor
Details	Website	2025-05-24	0	Banking sector unites for cybersecurity workshop \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware - National Cyber Security Consulting
Details	Website	2025-05-24	0	Russian Hacker Indicted Over $24 Million Qakbot Ransomware Operation \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware - National Cyber Security Consulting
Details	Website	2025-05-24	0	184 Million Users' Passwords Exposed From an Open Directory Controlled by Hackers \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware - National Cyber Security Consulting
Details	Website	2025-05-24	0	Healthcare sector bears brunt of 2024 data breaches driven by evolving ransomware tactics \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware - National Cyber Security Consulting
Details	Website	2025-05-24	0	Dragos reports surge in ransomware attacks as AI-powered tactics drive sharp rise in industrial targeting \| #ransomware \| #cybercrime - National Cyber Security Consulting
Details	Website	2025-05-24	8	Crypto Drainers are Targeting Cryptocurrency Users
Details	Website	2025-05-23	3	Fake Google Meet Page Tricks Users into Running PowerShell Malware
Details	Website	2025-05-23	1	Cybersecurity Snapshot: AI Data Security Best Practices Released, While New Framework Seeks To Help IT Pros Gain Cyber Skills \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware - National Cyber Security Consulting
Details	Website	2025-05-23	1	The Rising Tide Of Cybercrime: How We Can Protect Ourselves In The Digital Age \| #cybercrime \| #infosec - National Cyber Security Consulting
Details	Website	2025-05-23	0	Ransomware hackers charged, infrastructure dismantled in international law enforcement operation \| #ransomware \| #cybercrime - National Cyber Security Consulting
Details	Website	2025-05-23	1	3AM ransomware uses spoofed IT calls, email bombing to breach networks - PRSOL:CC
Details	Website	2025-05-23	0	Cybercriminals Take Advantage of ChatGPT and Other Generative AI Models \| #cybercrime \| #infosec - National Cyber Security Consulting
Details	Website	2025-05-23	9	Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware
Details	Website	2025-05-23	12	Crypto Drainers are Targeting Cryptocurrency Users

1
2
3
4
5
6
7
8
...
1335
next