Security News

Attackers are using an oft-used and still effective lure to steal credentials to key Microsoft apps by sending emails notifying potential victims that they have a voicemail message, researchers have found. One aspect of the campaign that does set it apart from other similarly themed attacks is that it involves "More research and effort as the attacks are customized for each target," he said.

A phishing campaign using fake voicemail notifications has been and is still targeting various US-based organizations, in an attempt to grab employees' Office365 and Outlook login credentials, Zscaler warns. The campaing seems to be a repeat of a previous, similar one, and targets security solution providers, software security developers, supply-chain organizations in manufacturing and shipping, healthcare and pharmaceutical firms, and the US military.

Someone is trying to steal people's Microsoft 365 and Outlook credentials by sending them phishing emails disguised as voicemail notifications. These emails were detected in May and are ongoing, according to researchers at Zscaler's ThreatLabz, and are similar to a phishing campaign launched a couple of years ago.

A new phishing campaign has been targeting U.S. organizations in the military, security software, manufacturing supply chain, healthcare and pharmaceutical sectors to steal Microsoft Office 365 and Outlook credentials. The operation is ongoing and the threat actor behind it uses fake voicemail notifications to lure victims into opening a malicious HTML attachment.

More than half of the 24.6 billion stolen credential pairs available for sale on the dark web were exposed in the past year, the Digital Shadows Research Team has found. Of the 24.6 billion credentials for sale, 6.7 billion of the pairs are unique, an increase of 1.7 billion over two years.

A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction. "With the consequent access to the victims' mailboxes, attackers can potentially escalate their access to targeted organizations and gain access to various internal services and steal highly sensitive information," SonarSource said in a report shared with The Hacker News.

New features in Metasploit 6.2.0. Capture plugin - While Metasploit has always included modules to steal credentials on a network, a new 'Capture' plugin has been introduced that offers a more streamlined approach.

The "New and improved" version of Emotet is exhibiting a "Troubling" behavior of effectively collecting and using stolen credentials, "Which are then being weaponized to further distribute the Emotet binaries," Charles Everette from Deep Instinct revealed in a blog post this week. In April, Emotet malware attacks returned after a 10-month "Spring break" with targeted phishing attacks linked to the threat actor known as TA542, which since 2014 has leveraged the Emotet malware with great success, according to a report by Proofpoint.

A cybercriminal stole 1 million Facebook account credentials over 4 months. As phishing attacks continue to be a go-to for threat actors, one scam found that a user had stolen a million Facebook account credentials over a span of just four months.

An Interpol-led operation code-named Killer Bee has led to the arrest and conviction of a Nigerian man who was said to have used a remote access trojan to reroute financial transactions and steal corporate credentials. Interpol linked the suspects to a syndicate of Nigerian fraudsters using a RAT known as Agent Tesla to access business computers and divert monetary transactions to their own accounts.