Security News

Once the attacker has the stolen credentials and session cookies, they can access the victim's email boxes and run a business email compromise campaign, in this case payment fraud, according to Microsoft security researchers. "While AiTM phishing isn't new, our investigation allowed us to observe and analyze the follow-on activities stemming from the campaign - including cloud-based attack attempts - through cross-domain threat data from Microsoft 365 Defender," researchers from the Microsoft 365 Defender Research Team and Microsoft Threat Intelligence Center wrote in a blog post.

At 19 minutes after 3 o'clock UK time today, the criminals behind this scam registered a generic and unexceptionable domain name of the form control-XXXXX.com, where XXXXX was a random-looking string of digits, looking like a sequence number or a server ID. 28 minutes later, at 15:47 UK time, we received an email, linking to a server called facebook. We've highlighted the error message "Password incorrect", which comes up whatever you type in, followed by a repeat of the password page, which then accepts whatever you type in.

While Russia is fighting a physical war on the ground against Ukraine, advanced persistent threat groups affiliated with or backing Vladimir Putin's government are ramping up phishing and other attacks against Ukrainian and European targets in cyberspace, Google is warning. There has been a recent spate of distributed denial-of-service attacks against Ukrainian government sites, such as the Ministry of Foreign Affairs and the Ministry of Internal Affairs, as well as key services that help Ukrainians find information, such as Liveuamap, according to Google TAG. China's Mustang Panda also has joined the fray, using the war in Ukraine to target European entities with lures related to the Ukrainian invasion in a recent phishing campaign.

So how can organizations overcome the sudden increase in security threats and regain the upper hand against bad actors with fewer resources than ever before? Increasingly, it looks like zero-trust will become the ideal approach for doing more with less, because ultimately, it's the users and their cyber-hygiene that's the first line in phishing defense. As anyone, no matter how technically savvy, is at risk of falling victim to phishing attacks, it's vital that organizations rethink their approach to security as a whole to combat these threats.

Phishers are impersonating Proofpoint, the cybersecurity firm, in an attempt to make off with victims' Microsoft Office 365 and Google email credentials. "The email claimed to contain a secure file sent via Proofpoint as a link," they explained in a posting on Thursday.

It's easy to forget that the "obviousness" of many scam emails comes from the fact that the crooks never intended those scams for us in the first place. We received a phish this morning that specifically targeted one of the main South African banks.

It's the second week of Cybersecurity Awareness Month 2021, and this week's theme is an alliterative reminder: Fight the Phish! Anti-phishing advice often seems to fall on deaf ears, because phishing is an old cybercrime trick, and lots of people seem to think it's what computer scientists or mathematical analysts call a solved game.

The Milanote app, billed as the "Evernote for creatives" by reviewers, has attracted the notice of cybercriminals who are abusing it to carry out credential-stealing campaigns that skate past secure email gateways, researchers said. According to analysis from Avanan released Thursday, attackers are looking to hook victims by starting off with a simple email.