Threat Research

    Vishing Campaigns Lead to Data Theft and Extortion

    Since late December 2025, the team has handled multiple incidents involving voice-based phishing (vishing) leading to data theft and extortion. These attacks have targeted organizations across Financial Services, Manufacturing, Professional & Legal Services, and Wholesale & Retail sectors....
    3/17/2026  0
    Read More »

    Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft

    The team observed increased threat activity matching tactics linked to previous ShinyHunters extortion campaigns. These operations rely heavily on advanced voice phishing (vishing) techniques. Attackers use victim-branded credential harvesting sites to capture SSO credentials and MFA codes. With initial access gained, they pivot into corporate cloud environments....
    2/2/2026  0
    Read More »

    Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE - Smishing Triad in Action

    Cybercriminals in the UAE are impersonating Dubai Police to defraud consumers, using social engineering tactics such as smishing, phishing, and vishing. Victims are tricked into paying non-existent fines, including traffic tickets and license renewals, via fraudulent phone calls....
    3/24/2025  0
    Read More »

    Two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”

    Our team is actively responding to incidents involving two distinct threat actor groups leveraging Microsoft Office 365 to infiltrate organizations, likely aiming to steal data and deploy ransomware. Investigations into these clusters began following customer incidents in November and December 2024, with the threats tracked as STAC5143 and STAC5777....
    1/22/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.