THREAT FEED

Evil twin Wi-Fi attacks detected at major Bay Area locations including BART stations, cafes, and coworking spaces. Attackers set up fake public Wi-Fi networks that intercept login credentials for email and cloud services.

Fake Amazon Prime membership renewal emails claiming automatic charges of $139.99. Emails include a Cancel Membership button linking to a phishing site that harvests Amazon credentials and credit card information.

Sophisticated phishing campaign targeting Comcast customers in the Philadelphia metro area. Emails impersonate Comcast support and claim billing issues, directing victims to a convincing login page at comcast-billing-update.example.

Increase in malware distribution via Gmail attachments disguised as shipping notifications and invoice documents. Payloads include information-stealing trojans targeting browser-stored credentials and cryptocurrency wallets.

Phishing emails mimicking Apple purchase receipts for expensive items. Emails prompt users to cancel the order by clicking a link that leads to a fake Apple ID login page. Campaign primarily targeting iCloud email users.

Reports of USB drives left at Bay Area coworking spaces containing auto-executing malware. Malware targets Slack tokens and Zoom session cookies, enabling persistent access to corporate communications.

Man-in-the-middle attacks detected on NYC subway Wi-Fi networks. Attackers intercepting unencrypted traffic and injecting malicious content into HTTP connections. Email credentials sent over non-HTTPS connections are at risk.

Widespread phishing campaign targeting .edu email accounts. Emails impersonate university IT departments requesting password resets for security compliance. Harvested credentials used to access student financial aid portals and research data.