New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks

Security researchers have tracked down activities of a new group of financially-motivated hackers that are targeting several businesses and organizations in Germany, Italy, and the United States in an attempt to infect them with backdoor, banking Troja… Continue reading New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks

Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection

Security researchers have been warning about a simple technique that cybercriminals and email scammers are already being using in the wild to bypass security features of Microsoft Office 365, including Safe Links, which are originally designed to prote… Continue reading Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection

Phishing is still the most commonly used attack on organizations, survey says

The survey found that the majority of cyberattacks – 75% – came from outsiders, while 25% were due to insiders. Continue reading Phishing is still the most commonly used attack on organizations, survey says

Email Phishers Using New Way to Bypass Microsoft Office 365 Protections

Phishing works no matter how hard a company tries to protect its customers or employees.

Security researchers have been warning of a new phishing attack that cybercriminals and email scammers are using in the wild to bypass the Advanced Threat Protect… Continue reading Email Phishers Using New Way to Bypass Microsoft Office 365 Protections

Phishers’ Favorite Brands to Spoof

Phishers are always looking for a better brand to spoof and improve their success rates. They’re quick to switch out brands to keep their bait fresh, too. Keeping the tally of their favorites in a given period may afford insights into attack trends, b… Continue reading Phishers’ Favorite Brands to Spoof

Phishing attack exposes data of more than a million patients across Midwest

Nearly 1.4 million people across the U.S. Midwest may have had their personal information exposed in a data breach at one of the region’s largest health care networks.  UnityPoint Health, a network of hospitals, clinics, and home care services in Iowa, Illinois, and Wisconsin, said this week that multiple internal email accounts were compromised between March 14 and April 3, following a series of phishing attacks.  The phishing emails were disguised to appear to have originated from a “trusted executive” within UnityPoint Health.  The stolen data included patient names, addresses, dates of birth, extensive medical records including surgical information and lab results, insurance information and, in some cases, Social Security, bank account, and driver’s license numbers.  According to UnityPoint Health’s press release, the attack was likely financially motivated, rather than focused on obtaining patient information, as the hackers tried to use the company’s email system to divert payroll or vendor payments.  Stolen personal […]

The post Phishing attack exposes data of more than a million patients across Midwest appeared first on Cyberscoop.

Continue reading Phishing attack exposes data of more than a million patients across Midwest

Why did Maria Butina want info on a phished civil rights group?

Maria Butina, the Russian national accused of spying on the U.S., took a keen interest in a D.C.-based organization’s cybersecurity vulnerabilities soon after the group was hit by phishing attempts and its website was defaced with fake Islamic State messaging, according to a consultant who helped the group recover from the incident. The organization, which works on civil rights issues, was targeted through a “social engineering campaign,” said Jon Steinman, the co-founder of HillCyber, a cybersecurity consultancy. Soon afterward, Butina sent an email to the organization “asking to come meet with folks and interview them about their vulnerabilities,” said Steinman, who declined to name the group. Although the indictment against Butina centers on how she ingratiated herself with U.S. conservatives, her interest in left-leaning organizations also has been documented — the Washington Post reported that in the summer of 2017, “Butina began probing groups on the left … trying unsuccessfully to interview a D.C.-based civil rights group about […]

The post Why did Maria Butina want info on a phished civil rights group? appeared first on Cyberscoop.

Continue reading Why did Maria Butina want info on a phished civil rights group?

Email Phishers Using A Simple Way to Bypass MS Office 365 Protection

Security researchers have been warning about a simple technique that cyber criminals and email scammers are using in the wild to bypass most AI-powered phishing detection mechanisms implemented by widely used email services and web security scanners.

Continue reading Email Phishers Using A Simple Way to Bypass MS Office 365 Protection

Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe Links

Security researchers revealed a way around that some hacking groups have been found using in the wild to bypass a security feature of Microsoft Office 365, which is originally designed to protect users from malware and phishing attacks.

Dubbed Safe Li… Continue reading Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe Links