August 27, 2024 at 10:05AM A massive QR code phishing campaign exploited Microsoft Sway to host landing pages, targeting Microsoft 365 users primarily in Asia and North America. The attacks dramatically surged in July 2024, contrasting minimal activity in the first half of the year. Tactics included using QR codes to direct users to malicious … Read more
August 22, 2024 at 05:43PM Qilin ransomware group deployed a custom stealer to harvest Google Chrome credentials, constituting a concerning shift in ransomware tactics. The attack involved gaining network access, 18 days of reconnaissance, credential theft via PowerShell script, event logs deletion, and ransomware deployment. Organizations are advised to prohibit browser secret storage, implement multi-factor … Read more
August 21, 2024 at 12:36PM Researchers have uncovered a critical security flaw in Microsoft’s Copilot Studio (CVE-2024-38206) that allows unauthorized access to sensitive information. Microsoft has addressed the vulnerability and stated no customer action is required. The disclosure follows the announcement of security flaws in Microsoft’s Azure Health Bot Service and the upcoming enforcement of … Read more
August 20, 2024 at 06:42AM Microsoft will make multi-factor authentication (MFA) mandatory for all Azure customers starting in October. This measure aims to reduce the risk of account compromise and data breaches. Notifications will be sent out to customers to prepare for the enforcement date, and various MFA options will be available, with exceptions until … Read more
August 19, 2024 at 09:43AM Microsoft is ramping up account protection in Azure with mandatory multi-factor authentication (MFA) starting in October. This move aims to enhance security and will gradually apply to all tenants. Microsoft is notifying customers in advance and offers various MFA options. The tech giant emphasizes the effectiveness of MFA in preventing … Read more
August 13, 2024 at 04:54AM Law enforcement agencies in the US, Germany, and the UK announced the disruption of Radar/Dispossessor ransomware group’s infrastructure, targeting various sectors. The group made 43 victims globally and was led by an individual known as “Brain”. Multiple servers and domains were taken down, and 12 individuals associated with the group … Read more
August 7, 2024 at 11:12AM The UK’s Information Commissioner’s Office has announced its intent to fine the Advanced Computer Software Group £6.09 million due to a ransomware attack on the National Health Service. Personal data of 82,946 patients was compromised, causing disruption to the 111 call service. The attack was linked to inadequate security measures, … Read more
August 7, 2024 at 08:54AM The Rapid7 Ransomware Radar Report 2024 reveals an alarming increase in ransomware attacks and leaks, surpassing 2023 levels. The report points to a rising threat of ransomware, particularly through the double extortion of encryption and data exfiltration. Additionally, it highlights the activities of key ransomware groups and emphasizes the critical … Read more
August 1, 2024 at 03:03PM Attackers are using hijacked Facebook pages to lure victims into downloading a seemingly legitimate AI photo editor, but ultimately serving up a widely distributed infostealer, the Lumma stealer, to steal user credentials and sensitive information. The malvertising campaign exploits AI’s popularity and various tactics to deliver malware, with phishing being … Read more
July 26, 2024 at 03:37PM Cryptocurrency exchange Gemini experienced a data breach due to a cyberattack at its ACH service provider. A third-party breached the system, affecting customers’ banking information, including full names, bank account numbers, and routing numbers used for ACH fund transfers. The incident has been contained, and an investigation is ongoing. Recipients … Read more