Collaborate Disseminate
Cybercriminals set up three different CAPTCHAs that Office 365 targets must click through before the final phishing page. Continue reading Microsoft Office 365 Phishing Attack Uses Multiple CAPTCHAs
Researchers say that the campaign sidesteps end user detection and security solutions. Continue reading Spammers Smuggle LokiBot Via URL Obfuscation Tactic
In addition to Windows and Linux machines, a new variant of the malware now targets Mac and Android devices. Continue reading InterPlanetary Storm Botnet Infects 13K Mac, Android Devices
The Android malware comes from threat group APT-C-23, also known as Two-Tailed Scorpion and Desert Scorpion. Continue reading Android Spyware Variant Snoops on WhatsApp, Telegram Messages
Despite Microsoft issuing patches almost eight months ago, 61 percent of Exchange servers are still vulnerable. Continue reading Microsoft Exchange Servers Still Open to Actively Exploited Flaw
Researchers warn of emails pretending to help business employees upgrade to Windows 10 – and then stealing their Outlook emails and passwords. Continue reading Windows 7 ‘Upgrade’ Emails Steal Outlook Credentials
FinSpy has returned in new campaigns targeting dissident organizations in Egypt – and researchers uncovered new samples of the spyware targeting macOS and Linux users. Continue reading Mac, Linux Users Now Targeted by FinSpy Variants
Twitter has fixed a caching issue that could have exposed developers’ API keys and tokens. Continue reading Twitter Warns Developers of API Bug That Exposed App Keys, Tokens
Privacy fears are blasting off after Amazon’s Ring division unveiled the new Always Home Cam, a smart home security camera drone. Continue reading Ring’s Flying In-Home Camera Drone Escalates Privacy Worries
An APT group has started heavily relying on cloud services like Azure Active Directory and OneDrive, as well as open-source tools, to obfuscate its attacks. Continue reading Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks