Hacking, Phishing and Security Intelligence

Office 365 phishing campaign uses redirector URLs and detects sandboxes to evade detection

Security Affairs

NOVEMBER 18, 2020

Microsoft is tracking an ongoing Office 365 phishing campaign aimed at enterprises that is able to detect sandbox solutions and evade detection. Microsoft is tracking an ongoing Office 365 phishing campaign that is targeting enterprises, the attacks are able to detect sandbox solutions and evade detection.

Phishing

Phishing Social Engineering Passwords Security Intelligence

North Korea-linked APT Emerald Sleet is using a new tactic

Security Affairs

FEBRUARY 12, 2025

The threat actor impersonates a South Korean government official to build trust with the target before sending a spear-phishing email with a bait PDF attachment. The IT giant recommends training users about phishing and employing attack surface reduction rules. LNK shortcut files, disguised as Office documents.

Phishing

Phishing Malware Security Intelligence Hacking

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are increasingly using the HTML smuggling technique in phishing campaigns to stealthily deliver threats. — Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021.

Phishing

Phishing Banking Passwords Malware

Phishing campaign leverages Google Translate as camouflage

Security Affairs

FEBRUARY 8, 2019

Crooks leverage Google Translate service as camouflage on mobile browsers in a phishing campaign aimed at stealing Google account and Facebook credentials. The phishing campaign targets both Google and Facebook accounts, the use of Google Translate allows the attackers to make the phishing page as a legitimate form from a Google domain.

Phishing

Phishing Mobile Security Intelligence Advertising

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

Microsoft disrupted a hacking operation linked conducted by Russia-linked APT SEABORGIUM aimed at NATO countries. Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. Pierluigi Paganini.

Phishing

Phishing Accountability Hacking Surveillance

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

The Hacker News

FEBRUARY 6, 2025

The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC).

Malware

Malware Phishing Security Intelligence Hacking

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Security Affairs

FEBRUARY 8, 2025

Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.

Malware

Malware Phishing Security Intelligence Hacking

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. com , an Arabic-language computer hacking forum. 001 for his security research and bug hunting.

DNS

DNS Penetration Testing Malware Hacking

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals.

Phishing

Phishing Media Hacking Education

Crooks continues to use COVID-19 lures, Microsoft warns

Security Affairs

MAY 13, 2020

Microsoft discovered a new phishing campaign using COVID-19 lures to target businesses with the infamous LokiBot information-stealer. Microsoft has discovered a new COVID-19 themed phishing campaign targeting businesses with the LokiBot Trojan. SecurityAffairs – COVID-19, hacking). Pierluigi Paganini.

Phishing

Phishing Advertising Security Intelligence Banking

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking

Hacking Security Intelligence Advertising Accountability

Organizations in aerospace and travel sectors under attack, Microsoft warns

Security Affairs

MAY 13, 2021

Threat actors conducted a spear-phishing campaign using messages that were specifically designed to be of interest to the targeted organizations. pic.twitter.com/aeMfUUoVvf — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021. SecurityAffairs – hacking, Microsoft). ” concludes Microsoft.

Security Intelligence

Security Intelligence Phishing Malware Hacking

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Malware

Malware Security Intelligence Banking Phishing

Microsoft warns of “massive campaign” using COVID-19 themed emails

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. Pierluigi Paganini.

Security Intelligence

Security Intelligence Advertising Phishing Malware

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

The recent large scale campaign uncovered by Microsoft aimed at the service providers was uncovered by Microsoft researchers, in order to avoid detection, threat actors repetitively changed tactics and used a broad range of hacking tools and malware. SecurityAffairs – hacking, cyber security). Pierluigi Paganini.

Telecommunications

Telecommunications Technology Hacking Malware

A week in security (June 28 – June 4)

Malwarebytes

JULY 5, 2021

Researchers explore the insecure world of the subdomain (Source: Can i take your subdomain) Cyber insurance model is broken, consider banning ransomware payments (Source: The Register) How facial recognition solutions can safeguard the hybrid workplace (Source: Help Net Security) Capital One hacker faces fresh charges for 2019 hacking spree (Source: (..)

Cyber Insurance

Cyber Insurance Social Engineering Scams Insurance

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware

Malware Phishing DNS Cybercrime

A week in security (August 9 – August 15)

Malwarebytes

AUGUST 16, 2021

Synology NAS devices are under attack from StealthWorker PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday Thief pulls off colossal, $600m crypto-robbery…and gives the money back If a QR code leads you to a Bitcoin ATM at a gas station, it’s a scam Twitter says it out loud: removing anonymity will not stop online abuse Microsoft’s (..)

Social Engineering

Social Engineering Scams VPN Phishing

Staying a Step Ahead of the Hack

Webroot

DECEMBER 11, 2020

As it turns out, it’s easier to hack our trust than our computers. Standard phishing tactics – Phishing techniques include website spoofing emails appearing to come from an official source asking you to reset your password or confirm personal data. After clicking the link and entering the info, your security is compromised.

Hacking

Hacking Social Engineering Engineering Phishing

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

“Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. SecurityAffairs – hacking, CISA). Pierluigi Paganini.

Government

Government Banking Advertising Malware

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. SecurityAffairs – hacking, BISMUTH). Experts also speculate that Bismuth hackers are exploring new ways of generating revenue from compromising systems.

Cryptocurrency

Cryptocurrency Antivirus Government Manufacturing

Microsoft warns of a large-scale BEC campaign to make gift card scam

Security Affairs

MAY 8, 2021

link] pic.twitter.com/HTqYsUlCSn — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021. To make the emails appear legitimate, the attackers used fake replies, an increasingly common technique in phishing emails. pic.twitter.com/oZaqAv3FYa — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021.

Scams

Scams Manufacturing Security Intelligence Internet

Trickbot is the most prolific malware operation using COVID-19 themed lures

Security Affairs

APRIL 18, 2020

pic.twitter.com/V2JcZg2kjt — Microsoft Security Intelligence (@MsftSecIntel) April 17, 2020. This week’s campaign uses several hundreds of unique macro-laced document attachments in emails that pose as message from a non-profit offering free COVID-19 test.

Malware

Malware Advertising Security Intelligence Phishing

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

See how #MicrosoftDefenderATP next-gen protection defeated the #fileless attack: [link] — Microsoft Security Intelligence (@MsftSecIntel) July 8, 2019. ” The attack chain starts with spear-phishing messages containing a malicious link that leads the potential victims to an LNK file. Pierluigi Paganini.

Antivirus

Antivirus Malware Advertising Security Intelligence

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. A surprising 91.5

Encryption

Encryption Malware Ransomware Firewall

Hackers Also Have Financial Reporting And Quotas :)

Security Boulevard

JUNE 18, 2022

Chief Hacking Officer: Yevi, where are you at with London bank hack?”. Chief Hacking Officer: What? You committed that hack two weeks ago!”. Security kinda tough get inside.”. Chief Hacking Officer: When you should have never committed this hack.”. Hackers Also Have Financial Reporting And Quotas :).

Hacking

Hacking CISO Cybersecurity Banking

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Jane Frankland

AUGUST 18, 2020

Whilst this is concerning, when talking to executives outside of security, like I did on a recent masterclass with Nowcomm , it’s vital they understand of the following: 1. These days, hacking as a service is cheap. Security intelligence comes with a high pay off. All attacks are not sophisticated. million.

Cyber Risk

Cyber Risk Risk Cybersecurity Technology

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. VoIP phishing and impersonation also victimized millions of corporate employees across the world , contributing to an even greater cyber threat.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Cybersecurity Checklist for Political Campaigns

Lenny Zeltser

MAY 3, 2019

Campaign attackers have been highly effective at fooling victims into revealing their logon credentials to copycat websites (phishing). Attackers stole campaign participants’ access credentials. They’ve also tricked people into granting malicious applications access to email and other sensitive resources. government.

Cybersecurity

Cybersecurity Social Engineering Authentication Software

Cyber Security Informer

Office 365 phishing campaign uses redirector URLs and detects sandboxes to evade detection

North Korea-linked APT Emerald Sleet is using a new tactic

Trending Sources

HTML Smuggling technique used in phishing and malspam campaigns

Phishing campaign leverages Google Translate as camouflage

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

French Firms Rocked by Kasbah Hacker?

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Crooks continues to use COVID-19 lures, Microsoft warns

Iran-linked Phosphorous APT hacked emails of security conference attendees

Organizations in aerospace and travel sectors under attack, Microsoft warns

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Microsoft warns of “massive campaign” using COVID-19 themed emails

Russia-linked Nobelium APT targets orgs in the global IT supply chain

A week in security (June 28 – June 4)

Threat actor has been targeting the aviation industry since at least 2018

A week in security (August 9 – August 15)

Staying a Step Ahead of the Hack

CISA alert warns of Emotet attacks on US govt entities

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Microsoft warns of a large-scale BEC campaign to make gift card scam

Trickbot is the most prolific malware operation using COVID-19 themed lures

A new Astaroth Trojan Campaign uncovered by Microsoft

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

Hackers Also Have Financial Reporting And Quotas :)

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Cyber Security Awareness and Risk Management

Cybersecurity Checklist for Political Campaigns

Stay Connected