Phishing Archives | ThreatsHub Cybersecurity News

Microsoft Threat Intelligence has discovered a cluster of worldwide cloud abuse activity conducted by a threat actor we track as Void Blizzard, who we assess with high confidence is Russia-affiliated and has been active since at least April 2024. Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to Russia, including in government, defense, transportation, media, non-governmental organizations (NGOs), and healthcare sectors primarily in Europe and North America.
The post New Russia-affiliated actor Void Blizzard targets critical sectors for espionage appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

August 8, 2023 TH Author

Microsoft Purview data security mitigations for BazaCall and other human-operated data exfiltration attacks

Microsoft Defender is our toolset for prevention and mitigation of data exfiltration and ransomware attacks. Microsoft Purview data security offers important mitigations as well and should be used as part of a defense-in-depth strategy.
The post Microsoft Purview data security mitigations for BazaCall and other human-operated data exfiltration attacks appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

April 13, 2023 TH Author

Threat actors strive to cause Tax Day headaches

With U.S. Tax Day approaching, Microsoft has observed phishing attacks targeting accounting and tax return preparation firms to deliver the Remcos RAT and compromise target networks.
The post Threat actors strive to cause Tax Day headaches appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

March 13, 2023 TH Author

DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit

DEV-1101 is an actor tracked by Microsoft responsible for the development, support, and advertising of several AiTM phishing kits, including an open-source kit capable of circumventing MFA through reverse-proxy functionality.
The post DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

November 17, 2022 TH Author

DEV-0569 finds new ways to deliver Royal ransomware, various payloads

DEV-0569’s recent activity shows their reliance on malvertising and phishing in delivering malicious payloads. The group’s changes and updates in delivery and payload led to distribution of info stealers and Royal ransomware.
The post DEV-0569 finds new ways to deliver Royal ransomware, various payloads appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

August 15, 2022 TH Author

Disrupting SEABORGIUM’s ongoing phishing operations

The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM in campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft.
The post Disrupting SEABORGIUM’s ongoing phishing operations appeared first on Microsoft Security Blog. READ MORE HERE…

Networkworld

August 11, 2022 TH Author

Cisco admits hack on IT network, links attacker to LAPSUS$ threat group

Cisco says an employee’s credentials were compromised after an attacker gained control of a personal Google account. READ MORE HERE…

Microsoft Secure

July 12, 2022 TH Author

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).
The post From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

February 16, 2022 TH Author

‘Ice phishing’ on the blockchain

Our recent analysis of a phishing attack connected to the blockchain reaffirms the durability of threats like social engineering, as well as the need for security fundamentals to be built into related future systems and frameworks.
The post ‘Ice phishing’ on the blockchain appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

January 26, 2022 TH Author

Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA

We uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign.
The post Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA appeared first on Microsoft Security Blog. READ MORE HERE…