Collaborate Disseminate
Security researchers came across a phishing email that used a Google Ad redirect as a part of its efforts to steal victims’ Microsoft credentials. Cofense found that the email originated from the legitimate email address “info@jtpsecurity[…. Continue reading Phishing Email Uses Google Ad Redirect to Steal Microsoft Credentials
A subsidiary of the Dussman Group suffered a ransomware infection in which malicious actors stole and publicly leaked its data. As reported by Bleeping Computer, the operators of Nefilim ransomware made good on a promise made back in March to begin pub… Continue reading Dussman Group Subsidiary Struck by Ransomware that Leaked Its Data
Phishers leveraged fake automated messages from collaborative platform Sharepoint as a means to target users’ Office 365 credentials. Abnormal Security found that the phishing campaign began with an attack email that appeared to be an automated m… Continue reading Phishers Using Fake Sharepoint Messages to Target Office 365 Details
The Cybersecurity & Infrastructure Security Agency (CISA) and the National Security Agency (NSA) laid out a series of recommendations for critical infrastructure owners and operators to protect their operational technology (OT) assets. In an alert … Continue reading CISA, NSA Lay Out Recommendations for Protecting OT Assets
Security researchers discovered a multi-platform malware framework called “MATA” that had succeeded in targeting victims worldwide. On Securelist, Kaspersky Lab revealed that it had shared its discovery of MATA with its Threat Intelligence … Continue reading Multi-Platform Malware Framework ‘MATA’ Claimed Victims Worldwide
An assisted living services provider in Maryland revealed a data security incident in which attackers encrypted some of its information. In an update posted to its website, Lorien Health Services revealed that the security incident had occurred back on… Continue reading Assisted Living Services Provider Discloses Data Security Incident
Security researchers detected a clever new phishing campaign that abused three enterprise cloud services in an attempt to steal victims’ credentials. On July 18, Bleeping Computer revealed that the phishing campaign’s attack emails claimed … Continue reading Cloud Services Abused by Clever Phishing Campaign
Security researchers discovered a new Android banking malware family called “BlackRock” that targets 337 mobile applications. ThreatFabric found that BlackRock hid its icon when it first launched itself on a mobile device. It then posed as … Continue reading BlackRock Android Banking Malware Targeting 337 Mobile Apps
A man received prison time for helping to conduct an identity theft and fraud scheme that targeted thousands of veterans and U.S. service members. On July 9, the Office of Public Affairs at the U.S. Department of Justice announced that Chief U.S. Distr… Continue reading Man Gets Prison Time for Identity Theft Scheme Targeting Veterans
Security researchers observed some variants of the TrickBot malware family mistakenly warning victims that they had suffered an infection. Advanced Intel’s Vitali Kremez traced the mistake to “password-stealing grabber.dll.” This modu… Continue reading TrickBot Malware Warning Victims of Infection by Mistake