X (formerly Twitter) has long had a solid reputation as a primary source of crypto scams, which are often promoted on the social network by compromised or fake accounts of celebrities or major companies. Meanwhile, Meta's ubiquitous platforms — Instagram, Facebook, and WhatsApp — are earning a similar reputation in a different category: investment fraud involving deepfakes.

Criminals are eagerly exploiting AI tools to create fake videos of prominent figures in the financial sector — from famous economists and TV hosts to heads of government. Attackers then promote these videos by placing ads on social media. In this post, we explain how these schemes work, how victims are duped after watching these videos, the role WhatsApp plays in the schemes, and how you can avoid falling for them.

Instagram, deepfakes, and WhatsApp: investment scams in Canada

To understand how these scams work, we'll start with a recent campaign that targeted customers of Canadian banks. Attackers began by running Instagram ads in the name of BMO Belski. The abbreviation BMO was a deliberate choice; Canadian users consistently associate it with the country's oldest bank, the Bank of Montreal. The mention of the Belski surname was no accident either: Brian Belski is BMO's chief investment strategist and head of the bank's investment strategy team.

The BMO Belski ads showed AI-generated deepfake videos of Belski himself promising users the chance to join a private investment group on WhatsApp. The criminals' strategy was to dupe unsuspecting Canadian users into believing they're getting trustworthy financial and investment advice from a recognized expert. The users would then rush to chat with the scammers through WhatsApp.

This is what an Instagram ad for a fraudulent investment club with a deepfake Brian Belski looks like: users are encouraged to join a private group on WhatsApp.

A curious detail: the BMO Belski account that ran these ads on Instagram had no profile on that social media platform at all. The ads ran through BMO Belski's Facebook page. Meta, the company that owns both social networks, lets advertisers run Instagram ads from a Facebook business page, thus eliminating the need to create a separate Instagram account.

It's also interesting that the Facebook page used to promote the fraudulent ads had existed since October 27, 2023, and was previously titled Brentlinger Matt Blumm — whatever or whoever that may be. The scammers likely used a pre-made or previously stolen account that was marinated for a few years to avoid suspicion and bypass moderation.

The ad with the Brian Belski deepfake was launched on Instagram, but on behalf of a Facebook page. Meta allows promoting ads on Instagram even if the advertiser doesn't have an account there.

Researchers don't know exactly what went on in the WhatsApp private investment chats promoted by the deepfake. There's also no information about victims of the ad featuring the fake banker, or the amount of their losses. However, other cases involving similar schemes, which we discuss later in this post, give us an idea of how this could've looked.

Scammers impersonate Financial Times chief economics commentator

Several months ago in the UK, scammers employed a similar scheme, which featured a deepfake of Martin Wolf, the chief economics commentator for the Financial Times. Similarly to the Canadian bank scam, the fraudsters disseminated ads on Instagram that showed a fake Martin Wolf inviting people to join his WhatsApp group for investment advice.

A former colleague of Wolf's first alerted the journalist to the ad in March 2025. Once alerted, Wolf started pushing Meta to block the ads because they violated several of the platform's own advertising policies. After some back-and-forth with Meta, the journalist managed to get one of the fraudulent ads taken down. However, Wolf soon began receiving links to other similar videos.

An example of an investment deepfake video of the Financial Times journalist, which scammers advertised on Instagram.

A subsequent investigation by the journalist's colleagues at the Financial Times showed that the scam campaign included at least three different deepfake videos and several digitally manipulated images of Martin Wolf. These materials appeared in more than 1700 ads across Facebook and Instagram. According to data from the Meta Ad Library, these ads reached more than 970 000 users in EU countries alone (excluding the UK), where legislation requires platforms to disclose such information. At least ten accounts ran the campaign, with new profiles joining the game as soon as the previous ones were blocked.

In just six weeks, a fraudulent advertising campaign featuring a deepfake of a Financial Times journalist reached nearly a million users in the EU alone.

The most shocking part? All of this occurred even though Martin Wolf was enrolled in Meta's new face recognition system, which is specifically designed to automatically detect and remove this kind of content. The journalist himself questions why an organization as large as Meta, with plenty of resources and AI-powered tools, is unable to detect and block such schemes — if not fully automatically, then at least after direct notifications. Is it really that difficult?

What goes on inside WhatsApp scam chats: a British victim's story

A British office manager named Sarah shared what happens inside exclusive communities on WhatsApp after she became a victim of scammers. She joined a WhatsApp group after watching an Instagram ad that featured Peter Hargreaves, the co-founder of the UK's largest investment platform, Hargreaves Lansdown. You guessed it: the video was also a deepfake.

After Sarah gave the scammers her number, they contacted her and sent her an invitation to the WhatsApp group. Following that, they sent a link to download a supposed investment app to her smartphone. Sarah was told a mentor would assist her by telling her when and at what price to buy and sell assets to lock in a profit.

Initially, Sarah invested £50, but she soon began putting more and more of her savings into assets recommended in the WhatsApp group. Sarah believed she was investing in small, growing companies and quickly earning a profit. In just two weeks, her account showed about £300 in profits on a total investment of about £2 000.

Problems only began several weeks later when Sarah wanted to transfer the profit to her bank account. She started receiving requests to pay taxes, withdrawal fees, and regulatory fees. She continued to pay, convinced that she'd soon get her money back with a large profit.

When Sarah suspected a scam, it was already too late: all the money was gone. The WhatsApp group disappeared, her mentor stopped responding, and the investment app quit working. Along with the app, the £4000 she had invested and all of her supposed profits vanished.

More than 600 advertisements featuring deepfakes of Peter Hargreaves were found on the Meta platform. One of these ads led Sarah into the hands of scammers. Twenty-two fraudulent accounts placed the ads, and Hargreaves Lansdown had them removed in May of this year after filing a trademark infringement complaint.

To lure victims, the scammers also deployed deepfakes of other British financial celebrities besides Peter Hargreaves and Martin Wolf. These included Anthony Bolton, a former Fidelity International fund manager, and Stephanie Flanders, a former JP Morgan Asset Management economist.

From The Wolf of Wall Street to WhatsApp groups: how deepfake pump-and-dump schemes work

Malicious actors also employ deepfake videos in Facebook and Instagram ads to carry out another type of investment scam known as pump and dump. This scheme involves genuine financial assets — not fictional tokens in a fake application. The catch is that criminals buy up cheap, unattractive stocks to inflate their price. They then launch an aggressive advertising campaign on social media urging users to invest and promising rapid returns.

Due to the heightened interest, the stock price continues to rise for a time, and more people invest with hopes of easy profit. Once the value peaks, the scammers quickly sell off their shares and disappear with the earnings. After that, the price plummets, and everyone else is left with almost worthless stock.

A similar scheme existed long before the widespread adoption of deepfakes. One of the most famous examples of its execution was the work of Jordan Belfort, the inspiration for the main character in the movie The Wolf of Wall Street. In the early 1990s, his brokerage firm sold cheap, little-known stocks to clients, artificially inflating demand for them before dumping them at an inflated price.

Whereas stock market scammers in the past relied on their own asserted authority to convince victims to purchase dubious stocks, deepfake technology now allows them to exploit the reputations of experts and well-known figures.

For example, a scheme was recently uncovered in Israel where bad actors artificially inflated the stock price of Ostin Technology Group Co. Ltd. (OST). To do this, they circulated deepfake videos featuring business journalist Guy Rolnik, entrepreneur Eyal Waldman, and businesswoman Shari Arison. The scammers also impersonated reputable financial institutions, including the Tel Aviv Stock Exchange, the Israel Securities Authority, Bank Hapoalim, and Israel Discount Bank.

The fraudsters distributed fake promotional videos on Facebook and Instagram and, as in the previous scheme, invited users to join WhatsApp groups, where they provided them with advice on how to purchase OST stock. It didn't take much persuading; a quick Google search confirmed that OST stock was, in fact, on the rise.

Rise and fall: Ostin Technology Group stock grew multiple times over, and then collapsed by 95% — after a scam campaign with deepfakes and investment chats in Israel.

Over several weeks, the company's stock rose multiple times, reaching US$9.02 at its peak, after which it collapsed by 93%, with the stock price falling to 13 cents. In the two most serious cases, two victims lost 250 000 and 150 000 shekels (about US$75 000 and US$45 000), respectively.

Meta can't protect users from deepfakes: a story from Australia

Scam ads that targeted Australian Facebook and Instagram audiences employed deepfake videos of several well-known personalities to promote fraudulent investment schemes. These videos featured TV host and financial journalist David Koch, billionaire Gina Rinehart, conservationist and TV host Robert Irwin, and even Australia's current prime minister, Anthony Albanese.

In a fraudulent ad on Facebook, a deepfake of the Australian prime minister advertises investments.

In a deepfake video, Anthony Albanese enthusiastically advertised an investment program that promised significant returns for minimal outlay. The links within the deepfake videos of him and the other personalities directed viewers to a fake news story. The article included what appeared to be quotes from famous Australian public figures to support investments in cryptocurrencies, or other get-rich-quick schemes. Facebook users were asked to sign up for the program, after which scammers would contact them to convince them to deposit money.

In response to user complaints about fraudulent ads, Facebook sent out the following boilerplate message: "We didn't remove the ad. Thanks again for your report. This information helps us improve the integrity and relevance of advertising on Facebook. [...] We understand this might be frustrating, so we recommend influencing the ads you see by hiding ads and changing your ad preferences."

The message suggests that Meta isn't particularly eager to combat fraudulent advertising — even when users try to assist the company.

In short, Meta's efforts to fight deepfakes and investment scams on its platforms remain inadequate. Even with its plentiful resources and AI-powered tools, the company is unable to quickly detect and block obviously fake videos that exploit the likeness of public figures. These ads appear daily in users' feeds as paid promotions from fake yet seemingly legitimate accounts. This means that Facebook and Instagram ultimately profit from their being spread.

How to avoid falling victim to deepfake ads on Instagram and Facebook

To avoid suffering from questionable and outright fraudulent investment advice, our primary recommendation is not to make financial decisions based on information from Instagram or Facebook. In addition to that:

Approach ads on social media with caution. As the stories in this post clearly show, ad moderation on Facebook and Instagram (and X, too) is less than ideal.

Don't forget about deepfakes. For several years now, we've been living in a reality where videos of any famous person can be easily, quickly, and cheaply faked. You should keep this in mind and verify any information you receive from dubious sources.

Remember the universal rule of investing: the higher the potential return, the greater the risk involved. Therefore, you shouldn't invest money you aren't prepared to lose in schemes with supposedly high profits (which actually have a high risk).

Be especially careful with offers that promise quick profits with minimal outlay. This is one of the most obvious signs of a scam — you know what they say about free lunch.

Use only reliable investment apps from vetted brokers downloaded from official app stores. You shouldn't trust download links sent by strangers in messaging apps.

Tell your family and friends about deepfake video scams. This will help protect them from losing money and the emotional distress that can follow.

Investing in building a human-centric defense involves a combination of adaptive security awareness training, a vigilant and skeptical culture, and the deployment of layered technical controls.
The grants are intended to help states, tribes, and localities enhance their cybersecurity resilience by providing them with monetary resources to reduce risks and implement new procedures.
Not only are attacks against macOS users ramping up, but threat actors have proved to be advanced with deepfake technology. Security awareness training may be the best defense.
An uptick of ransomware activity by the group in late July that uses the vendor's SSL VPN devices for initial intrusion shows evidence of an as-yet-undisclosed flaw under exploitation.
The Commission on Cyber Force Generation will develop potential routes Congress and the White House could follow in creating a separate cyber service and aim to deliver them in time for next year’s must-pass national defense authorization act.
The decision in the civil case against Meta over how it handled data from the Flo period tracking app represents a significant loss for the tech giant, privacy advocates say.
Ukraine’s military intelligence agency said it hacked into government servers in Russian-occupied Crimea that allegedly contained evidence of Russia’s forced deportation of Ukrainian children from occupied territories.
The Senate voted 59-35 to place Republican Party insider Sean Cairncross atop the Office of the National Cyber Director, which plays a pivotal role in dictating policy and bolstering U.S. cybersecurity efforts.
Multiple cybersecurity incident response firms are warning about the possibility that a zero-day vulnerability in some SonicWall devices is allowing ransomware attacks.
The Treasury Department warned that the massive increase in the number of crypto ATMs — convertible virtual currency kiosks — has been accompanied by a spike in the number of operators who fail to comply with anti-money laundering rules.
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong. "The botnet's rapid growth, which now exceeds 2,000 new infections per week, is driven by aggressive campaigns focusing on Spanish and French speakers, indicating a strategic
Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about being malicious—it’s about being believable.
Some of the most devastating cyberattacks don’t rely on brute force, but instead succeed through stealth. These quiet intrusions often go unnoticed until long after the attacker has disappeared. Among the most insidious are man-in-the-middle (MITM) attacks, where criminals exploit weaknesses in communication protocols to silently position themselves between two unsuspecting parties
Everyone’s an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don’t need to clear it with your team first. It’s great for productivity, but it’s a serious problem for your security posture. When the floodgates of SaaS and AI opened, IT didn’t just get democratized, its security got outpaced. Employees are onboarding apps faster than
A newly disclosed set of security flaws in NVIDIA's Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence (AI) models at scale, could be exploited to take over susceptible servers. "When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving remote code execution
Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer. The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint
Source: www.mcafee.com – Author: Jasdev Dhaliwal. With the election quickly approaching, it’s essential to be informed and cautious about the growing number of voting scams. Scammers are becoming more sophisticated, using everything from artificial intelligence to fake text messages to trick people into sharing sensitive information. Here’s a breakdown of the types of voting scams […] The post Beware of These Voting Scams Happening Now – Source: www.mcafee.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: Jasdev Dhaliwal. In today’s digital world, the line between reality and deception has become increasingly blurred, with cybercriminals leveraging cutting-edge AI technologies to exploit our trust and interest in celebrities. As we continue to engage with the internet in unprecedented ways, McAfee’s 2024 Celebrity Hacker Hotlist sheds light on a growing […] The post Scarlett Johansson Tops McAfee’s 2024 Celebrity Hacker Hotlist for AI Online Scams – Source: www.mcafee.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: Jasdev Dhaliwal. Bad news travels quickly. Or so goes the old saying. Yet we do know this: disinformation and fake news spread faster than the truth. And what makes it spread even faster is AI. A recent study on the subject shows that fake news travels across the internet than stories […] The post Clickbait and Switch: How AI Makes Disinformation Go Viral – Source: www.mcafee.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.techrepublic.com – Author: J.R. Johnivan. Apple patched a critical macOS vulnerability earlier this year that allowed attackers to bypass system protections and access sensitive user data across multiple devices, security researchers at Microsoft recently revealed. Dubbed “Sploitlight” for its exploitation of Spotlight plugins, the flaw was uncovered by Microsoft’s Security […] The post ‘Sploitlight’ Vulnerability: How Hackers Bypassed Apple’s TCC Protections – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.techrepublic.com – Author: Megan Crouse. One of the top challenges for threat intelligence workers is having too many data feeds, according to the July 2025 Threat Intelligence Benchmark report from Forrester Consulting and Google Cloud. Forrester Consulting surveyed more than 1,500 IT and cybersecurity leaders across 12 industries from countries, including UK, […] The post Google Cloud/Forrester Report: Top Challenges to Effective Threat Intelligence – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.techrepublic.com – Author: J.R. Johnivan. A hacker recently injected code into Amazon Q in order to warn users of the platform’s potential security flaws. But the outcome could have been much worse. Generative AI virtual assistant Amazon Q was unveiled by AWS CEO Adam Selipsky in 2023. A threat actor managed to […] The post Hacker Exposes Amazon Q Security Flaws Using Covert Code – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.techrepublic.com – Author: Liz Ticong. Hackers are embedding AI-generated malware hidden inside seemingly benign panda images to covertly hijack Linux machines for cryptomining, according to Aqua Security. The stealthy code evades antivirus software and leaves almost no trace. The campaign uses a “new breed of persistent malware,” combining image-based payload delivery, […] The post AI Turns Panda Image Into ‘New Breed of Persistent Malware’ – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.techrepublic.com – Author: J.R. Johnivan. Recent attacks targeting Microsoft SharePoint have escalated, with threat actors now deploying ransomware on vulnerable systems, according to Microsoft. This surge in malicious activity follows the release of multiple SharePoint security patches in July. An update published to Microsoft’s blog reads, in part: “Expanded analysis and […] The post Microsoft SharePoint Hackers Switch Gears to Spread Ransomware – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.techrepublic.com – Author: Jonathan Kalibbala. This is a comprehensive list of the best encryption software and tools, covering their features, pricing and […] The post The 7 Best Encryption Software Choices in 2025 – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.techrepublic.com – Author: Aminu Abdullahi. Published July 23, 2025. Federal agencies warn of rising Interlock ransomware attacks targeting healthcare and critical sectors using double extortion and advanced social engineering. Four major U.S. agencies have issued a joint cybersecurity alert warning about the escalating threat posed by the Interlock ransomware operation, which has increasingly targeted […] The post US Agencies Warn of Surging Interlock Ransomware Attacks Targeting Healthcare, Businesses – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.techrepublic.com – Author: J.R. Johnivan. A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and […] The post Microsoft Blames ‘China-Based Threat Actor’ for SharePoint Attacks – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.techrepublic.com – Author: Aminu Abdullahi. Published July 22, 2025. Cyber extortion group World Leaks released more than 1.3TB of internal Dell data, including scripts and backups. Dell insists no sensitive customer information was exposed. Dell Technologies has confirmed a cyberattack targeting one of its internal platforms used for product demonstrations. The […] The post Dell Confirms Security Breach by Extortion Group, Calls Stolen Data ‘Fake’ – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: go.theregister.com – Author: Iain Thomson. Infosec In Brief: North Korea’s Lazarus Group has changed tactics and is now creating malware-laden open source software. Software supply chain management vendor Sonatype last week published research in which it claimed that Lazarus Group has created hundreds of “shadow downloads” that appear to be popular open source software […] The post Lazarus Group rises again, this time with malware-laden fake FOSS – Source: go.theregister.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.csoonline.com – Author: MCP makes agentic AI flexible – but also vulnerable. For CISOs, visibility, control and secure workflows are crucial for trust and resilience. The model context protocol (MCP) was only introduced at the end of 2024, but the technological consequences are already clearly noticeable in many architectures. MCP provides a standardized “language” […] The post MCP: securing the backbone of Agentic AI – Source: www.csoonline.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.csoonline.com – Author: The company’s latest threat hunting report highlights the speed and AI sophistication of threat groups today, offering defenders strategies for keeping up. CISOs and their teams are entering a “new era” of cyberthreats characterized by sophisticated threat actors who operate with “business-like efficiency,” researchers from CrowdStrike conclude in the cybersecurity giant’s […] The post CrowdStrike: A new era of cyberthreats from sophisticated threat actors is here – Source: www.csoonline.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.csoonline.com – Author: What are some of the most pressing cybersecurity threats and how CISOs manage them? CISOs have a lot on their minds, from team’s burn out, AI risks to the pressure of proving business value, security leaders are juggling a complex range of threats. The security profession has a stress problem The […] The post 6 things keeping CISOs up at night – Source: www.csoonline.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . Everyone’s an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don’t need to clear it with your team first. It’s great for productivity, but it’s a serious problem for your security posture. When the floodgates of SaaS and AI opened, […] The post The Wild West of Shadow IT – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: thehackernews.com – Author: . Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong. “The botnet’s rapid growth, which now exceeds 2,000 new infections per week, is driven by aggressive campaigns focusing on Spanish […] The post PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.