Widespread credential phishing campaign abuses open redirector links

Microsoft has been actively tracking a widespread credential phishing campaign using open redirector links, which allow attackers to use a URL in a trusted domain and embed the eventual final malicious URL as a parameter.
The post Widespread credential phishing campaign abuses open redirector links appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Trend-spotting email techniques: How modern phishing emails hide in plain sight

By spotting trends in the techniques used by attackers in phishing attacks, we can swiftly respond to attacks and use the knowledge to improve customer security and build comprehensive protections through Microsoft Defender for Office 365 and other solutions.
The post Trend-spotting email techniques: How modern phishing emails hide in plain sight appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Spotting brand impersonation with Swin transformers and Siamese neural networks

Our security solutions use multiple detection and prevention techniques to help users avoid divulging sensitive information to phishers as attackers continue refining their impersonation tricks. In this blog, we discuss our latest innovation toward developing another detection layer focusing on the visual components of brand impersonation attacks.
The post Spotting brand impersonation with Swin transformers and Siamese neural networks appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Risks in Telecommunications IT Sr. Threat Researcher Sr. Threat Researcher Sr. Threat Researcher Manager, Threat Research

We summarize the characteristics, threats, and recommendations to improve the security posture of enterprises’ and telecommunications companies’ IT infrastructure. Read More HERE…

Read more

Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment

Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads. Today, the Phorphiex botnet continues to maintain a large network of bots and generates wide-ranging malicious activities. These activities have expanded to include cryptocurrency mining. Read our in-depth research into this botnet.
The post Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment appeared first on Microsoft Security. READ MORE HERE…

Read more

Business email compromise campaign targets wide range of orgs with gift card scam

Read our investigation of a BEC campaign that used attacker-created email infrastructure to facilitate gift card theft targeting the consumer goods, process manufacturing and agriculture, real estate, discrete manufacturing, and professional services sectors.
The post Business email compromise campaign targets wide range of orgs with gift card scam appeared first on Microsoft Security. READ MORE HERE…

Read more

What tracking an attacker email infrastructure tells us about persistent cybercriminal operations

Sweeping research into massive attacker infrastructures, as well as our real-time monitoring of malware campaigns and attacker activity, directly inform Microsoft security solutions, allowing us to build or improve protections that block malware campaigns and other email threats, both current and future, as well as provide enterprises with the tools for investigating and responding to email campaigns in real-time.
The post What tracking an attacker email infrastructure tells us about persistent cybercriminal operations appeared first on Microsoft Security. READ MORE HERE…

Read more