Discovered in or around the beginning of March, the Microsoft Outlook vulnerability was found to affect several applications from the Microsoft 365 Apps Enterprise stack, including MS Office 2019, 2016, 2013, and LTSC.

The users receive an SMS with information on the status of a fictional package, presumably ordered from outside of the country. Also, they are informed of the fact that the delivery has failed due to the customs fee not being paid.

The Lorenz gang chose to get inside organizations’ networks by leveraging critical flaws in Mitel telephony systems. After the initial access, the threat actor remains silent for months and then exfiltrates and encrypts files using a backdoor.

Cyble researchers determined that, in order to target a variety of well-known applications, the attackers are actively changing and customizing their phishing websites. Aurora targets data from web browsers and crypto wallets, among others.

Contacted by an anonymous reader, Heimdal was made aware that numerous Danish smartphone owners have been flooded by cryptic messages from a user that goes by the moniker of “Dansk-game.”

Hive group laid bare the files that were allegedly stolen after breaking into LCMHS systems. Bills of materials, cards, contracts, medical information, papers, medical records, scans, residents, and other documents are among the files listed.

During the attack, BTC.com lost about $700,000 worth of crypto owned by its clients and $2.3 million in digital assets owned by the company. The company has recovered some of the stolen cryptocurrency despite not disclosing the amount.

Multiple high-impact vulnerabilities affecting Thunderbird, Firefox ESR, and Firefox were fixed by updates from Mozilla. The bugs might have given arbitrary code execution if they were successfully exploited.

Researchers discovered a new sub-economy linked to cybercriminal activity: hackers scamming each other for millions of dollars. This practice led to the apparition of arbitration rooms in forums to settle conflicts.

The breach allegedly happened in November, with details made available only on the dark web. Passports, paystubs, and other details on Intersport customers are included in a sample file that media outlet Numerama claims Hive leaked on the dark web.