Experts reported a phishing attempt targeted at Verizon that involves the use of mathematical symbols to bypass anti-phishing systems to acquire users’ Office 365 credentials. The spoofed messages pretend to be a voicemail notification with an embedded Play button. The recent campaign reflects how ...
Kaspersky unearthed a cyberespionage campaign exploiting a zero-day flaw in Windows to deliver MysterySnail malware and steal data. A connection to a Chinese-speaking APT was also established. Experts recommend organizations stay proactive and ready with adequate security measures.
Iran-linked hackers were found conducting extensive password spraying attacks against Office 365 accounts of defense technology and global maritime firms in the U.S. and Israel. The group attempts to gain access to commercial satellite imagery and proprietary shipping plans/logs. Microsoft notifie ...
The NSA clued in organizations against the use of wildcard TLS certificates that may lead to a widespread attack on an organization, as well as invite the new ALPACA TLS attack. According to researchers, around 119,000 web servers are still exposed to the new ALPACA attacks.
An Android-based phishing campaign was observed targeting customers of telecommunication services based in Japan. The malware-laced fake app steals credentials and session cookies. Experts recommend bypass such risks by avoiding apps downloads from unknown third-party stores.
New Mandiant report claims FIN12 has been dropping Ryuk ransomware rapidly across multiple sectors, with one in five victims in the healthcare sector. It targets organizations that have annual revenues over $300 million, with an average of almost $6 billion. The report found that the average time F ...
The bots are used to automatically call targets as a part of a phishing scam and lure them to giving up their OTP codes. Other bots are targeting social media users in SIM swapping and phishing attempts.