Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365's authentication process even on accounts secured with multi-factor authentication (MFA). "The attackers then used the stolen credentials and session cookies to access affected users' mailboxes and perform follow-on business email … [Read more...] about Microsoft Warns of Large-Scale AiTM Phishing Attacks Against Over 10,000 Organizations
attacks
Ransomware attacks can and will shut you down
No, ransomware attacks are not random. From extortion to data breaches, ransomware is always evolving, and is becoming very lucrative with ransomware-as-a-service kit making it easier to target organizations. The days of just a single bad actor searching for vulnerabilities in your security stack are over. Security Operations Centers (SOCs) and the security analyst community … [Read more...] about Ransomware attacks can and will shut you down
Interpol Arrest Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks
A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. "The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and business email compromise schemes targeting companies and individual victims," Interpol said in a … [Read more...] about Interpol Arrest Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks
Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks
A ransomware group with an Iranian operational connection has been linked to a string of file-encrypting malware attacks targeting organizations in Israel, the U.S., Europe, and Australia. Cybersecurity firm Secureworks attributed the intrusions to a threat actor it tracks under the moniker Cobalt Mirage, which it said is linked to an Iranian hacking crew dubbed Cobalt Illusion … [Read more...] about Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks
Detecting Targeted Attacks on Public Cloud Services with Cisco Secure Cloud Analytics
The Public Cloud and Security Responsibility Across many businesses, leveraging services offered and hosted by public cloud providers such as AWS proves to be extremely advantageous for both improving operational efficiencies, cost savings, scaling, and for security. For AWS customers, Lambda functions are a great example of this advantage in providing a useful way to execute … [Read more...] about Detecting Targeted Attacks on Public Cloud Services with Cisco Secure Cloud Analytics
Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity's Ronin Network last month. On Thursday, the Treasury tied the Ethereum wallet address that received the stolen funds to the threat actor and sanctioned the funds by adding the address to the Office of Foreign Assets … [Read more...] about Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks
A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code. "An attacker exploiting the first one could take over any developer account and publish malicious releases, while the second bug would … [Read more...] about 15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks
Russian Hackers Target Ukrainians, European Allies via Phishing Attacks
A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia's invasion of Ukraine. Google's Threat Analysis Group (TAG) said it took down two Blogspot domains that were used by the nation-state group FancyBear (aka APT28) – which is attributed to Russia's … [Read more...] about Russian Hackers Target Ukrainians, European Allies via Phishing Attacks
Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times
Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service (DDoS) attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1. The attack vector – dubbed TP240PhoneHome (CVE-2022-26143) – has been weaponized to launch significant DDoS attacks targeting broadband access … [Read more...] about Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times
The Easy Solution for Stopping Modern Attacks
Modern cyberattacks are multifaceted, leveraging different tools and techniques and targeting multiple entry points. As noted in the CrowdStrike 2022 Global Threat Report, 62% of modern attacks do not use traditional malware and 80% of attacks use identity-based techniques, meaning that attacks target not only endpoints, but also cloud and identity layers with techniques that … [Read more...] about The Easy Solution for Stopping Modern Attacks