Security News

Microsoft: Ongoing, Expanding Campaign Bypassing Phishing Protections
2021-03-24 17:12

A phishing email campaign detailed earlier this month is expanding with the use of additional email services to hide malicious intent, according to a warning from software giant Microsoft. At the time, the researchers revealed that the adversary behind the campaign was leveraging trusted domains to ensure that phishing emails successfully bypass email protections.

Scammers tried slurping folks' login details through 70,000 coronavirus-themed phishing URLs during 2020
2021-03-24 10:24

Cybercriminals ruthlessly exploited the coronavirus pandemic to set up phishing websites that posed as Pfizer, BioNTech and other household-name suppliers of vaccines and PPE, according to Palo Alto Networks. In a post published today, Palo Alto's Unit 42 threat intel division said COVID-themed phishing lure URLs "largely centered around Personal Protective Equipment and testing kits in March 2020, government stimulus programs from April through the summer 2020 and vaccines from late fall 2020 onward."

Microsoft warns of phishing attacks bypassing email gateways
2021-03-23 17:40

An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways. The attacks are part of multiple phishing campaigns collectively dubbed the "Compact" Campaign, active since early 2020 and first detected by the WMC Global Threat Intelligence Team.

Week in review: Attacks on Exchange servers escalate, the influence of the Agile Manifesto, O365 phishing
2021-03-21 08:55

Ongoing Office 365-themed phishing campaign targets executives, assistants, financial departments
A sophisticated and highly targeted Microsoft Office 365 phishing campaign is being aimed at C-suite executives, executive assistants and financial departments across numerous industries.

As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak
Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March.

PS5 phishing scam baits gamers with promise of free console
2021-03-19 20:10

Sony's new PS5 is one topic ripe for exploitation, especially since the new console is in short supply due to a scarcity of semiconductor chips. A Friday report from security firm Kaspersky explains how a new scam promising a PS5 is playing out and offers tips on how to avoid taking the bait.

Office 365 Phishing Attack Targets Financial Execs
2021-03-19 18:18

A new phishing scam is on the rise, targeting executives in the insurance and financial services industries to harvest their Microsoft 365 credentials and launch business email compromise attacks, according to a new report from Area 1 Security. These new, sophisticated attacks are aimed at C-suite executives, their assistants and financial departments, and can work around email security and Office 365 defenses.

New phishing campaign targets taxpayer credentials
2021-03-19 04:30

A new phishing campaign is targeting U.S. taxpayers with documents that purport to contain tax-related content, but ultimately deliver NetWire and Remcos malware - two prolific remote access trojans that allow attackers to take control of victims' machines through a new phishing email scheme, Cybereason discovered. The new infection process is designed to evade antivirus tools and tricks targets into installing the malware via a tax-themed Word document containing a malicious macro that downloads an OpenVPN client on the targeted machine.

US taxpayers targeted with RAT malware in ongoing phishing attacks
2021-03-18 15:58

US taxpayers are being targeted by phishing attacks attempting to take over their computers using malware and steal sensitive personal and financial information. "The potential for damage is serious and the malware allows threat actors to gain full control over a victim's machine and steal sensitive information from users or their employers."

Ongoing Office 365-themed phishing campaign targets executives, assistants, financial departments
2021-03-18 15:10

A sophisticated and highly targeted Microsoft Office 365 phishing campaign is being aimed at C-suite executives, executive assistants and financial departments across numerous industries. The threat actors are leveraging phishing kits and a number of sophisticated methods at every step of the attack.

Phishing sites now detect virtual machines to bypass detection
2021-03-15 17:20

Phishing sites are now using JavaScript to evade detection by checking whether a visitor is browsing the site from a virtual machine or headless device. Cybersecurity firms commonly use headless devices or virtual machines to determine if a website is used for phishing.