North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks

December 3, 2024 at 04:52AM North Korea-aligned Kimsuky is linked to phishing attacks using Russian sender addresses to steal credentials. These attacks, primarily targeting South Korean users, exploit email services and impersonate institutions like Naver. Kimsuky utilizes compromised servers and tools for spoofing to evade security, aiming for account hijacking and further attacks.

Novel phishing campaign uses corrupted Word documents to evade security

December 2, 2024 at 05:41PM A new phishing campaign exploits Microsoft Word’s file recovery feature with corrupted document attachments, evading security measures. These emails, disguised as payroll communications, prompt users to scan a QR code leading to a credential-stealing site. Most antivirus solutions fail to detect these attachments, enhancing their effectiveness.

Phishing-as-a-Service “Rockstar 2FA” Targets Microsoft 365 Users with AiTM Attacks

November 29, 2024 at 05:33AM Researchers warn of a phishing-as-a-service (PhaaS) toolkit, Rockstar 2FA, targeting Microsoft 365 credentials through email campaigns. Utilizing adversary-in-the-middle (AitM) attacks, it bypasses multi-factor authentication (MFA). Promoted features assist cybercriminals in executing campaigns with minimal expertise, leading to significant potential financial losses for victims. ### Meeting Takeaways – Cybercrime / Cloud …

Latest Multi-Stage Attack Scenarios with Real-World Examples

November 27, 2024 at 08:03AM Multi-stage cyber attacks involve complex tactics, such as embedding malicious links in documents and using QR codes, to evade detection. Current methods include multi-stage redirects and email attachments, often leading to phishing pages. Tools like ANY.RUN’s sandbox can analyze these threats, providing insights to strengthen defense strategies against such attacks.

Crook breaks into AI biz, points $250K wire payment at their own account

November 19, 2024 at 07:35AM Maryland AI company iLearningEngines reported a $250,000 loss from a wire transfer fraud linked to a business email compromise scheme. Following the incident, the company activated its cybersecurity response plan and engaged external experts. Despite containing the situation, iLearningEngines faces potential legal scrutiny and adverse impacts on operations and stock …

Microsoft 365 Admin portal abused to send sextortion emails

November 18, 2024 at 08:14AM Scammers are exploiting the Microsoft 365 Admin Portal to send sextortion emails that bypass spam filters by using the legitimate “o365mc@microsoft.com” address. These emails claim to have compromising content and demand payment. Microsoft is investigating this abuse, but users should remain vigilant and not respond to these scams.

Gmail’s New Shielded Email Feature Lets Users Create Aliases for Email Privacy

November 18, 2024 at 07:03AM Google is developing a feature called Shielded Email that enables users to create unique email aliases for online sign-ups, enhancing privacy and reducing spam. This follows similar features from Apple and others. Additionally, Google has launched the Android System Key Verifier for improved security in messaging through encryption keys.

Microsoft Exchange adds warning to emails abusing spoofing flaw

November 12, 2024 at 04:47PM Microsoft revealed a critical vulnerability (CVE-2024-49040) in Exchange Server 2016 and 2019, allowing email spoofing by forging legitimate senders. Discovered by Vsevolod Kokorin, the flaw leads to exploitation risks. Microsoft has released updates for detection and added warning banners for suspicious emails, urging users to maintain security features.

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

November 12, 2024 at 10:15AM Cybersecurity researchers warn of GoIssue, a tool for orchestrating large-scale phishing attacks on GitHub users by extracting emails from profiles. Marketed by a threat actor, it enables customized mass email campaigns, increasing risks of data theft and breaches. Additionally, a new two-step phishing attack uses compromised Microsoft files.

GitLoker Strikes Again: New “Goissue” Tool Targets GitHub Developers and Corporate Supply Chains

November 12, 2024 at 09:32AM GoIssue is a new tool enabling cybercriminals to extract email addresses from GitHub profiles for bulk email attacks on users, highlighting vulnerabilities in GitHub’s security for developers and corporate supply chains. The article discusses its implications for online security. **Meeting Takeaways:** 1. **Introduction of GoIssue Tool**: A new tool named …