20 May 2020

Microsoft warns of ‘massive’ phishing attack pushing legit RAT

Microsoft’s Security Intelligence team has recently warned users of a phishing campaign with a COVID-19 theme that installs NetSupport Manager remote, an administration tool. The campaign is spreading the tool through various malicious Excel attachments on emails pretending to be from the Johns Hopkins Center, providing information on the number

Read More
15 May 2020

New Microsoft 365 Sign-in Pages Already Spoofed for Phishing

Microsoft’s newly updated sign-in pages have already been succumbed to phishing campaigns by attackers. The new sign-in page update was created in an attempt to lower the bandwidth requirements of the pre-existing Azure AD sign-in pages. Additionally, it allowed Microsoft users to more easily determine if they were the potential

Read More
13 May 2020

Healthcare giant Magellan Health hit by ransomware attack

Yesterday, Magellan Health Inc. disclosed that it was the victim of a ransomware attack occurring on April 11, which resulted in theft of personal information from a corporate server. Magellan Health is a Fortune 500 for-profit managed health care and insurance firm whose customers include other managed care organizations, labor

Read More
13 May 2020

Coronavirus-related cyberattacks surge to 192,000 in one week

Cyberattackers have been capitalizing on the ongoing pandemic, using it to lure new victims, often through enticing malicious links advertising fraudulent vaccine or treatment information. They have also been creating phishing emails, suspicious or malicious websites, infected downloads such as apps and files, and other content that aim to trap

Read More
04 May 2020

Microsoft Teams Impersonation Attacks Flood Inboxes

According to security researchers at Abnormal Security, Microsoft Teams has been hit by two separate attacks targeting as many as 50,000 users. The campaigns reportedly aim to phish Office 365 logins. The cyberattacks impersonate notifications from Microsoft Teams in order to prompt the victim to enter login credentials, which are

Read More
04 May 2020

TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy

IBM X-Force recently disclosed that malicious actors are spreading the TrickBot trojan through fake messages that are COVID-19 themes. The new campaign capitalizes on public concern and interest in the Department of Labor’s Family and Medical Leave Act (FMLA). IBM X-Force stated that they uncovered the campaign after the analysis

Read More
01 May 2020

Microsoft Sway Abused in Office 365 Phishing Attack

According to an analysis released by Group-IB on Thursday, a threat actor group called PerSwaysion has attacked Microsoft services, compromising at least 150 executives in a targeted phishing campaign. The attacks were effective in gathering the Office 365 credentials of the executives since mid-2019. The campaign’s success was attributed to

Read More
30 Apr 2020

Pharma Giant ExecuPharm Suffers Data Breach/Ransomware Combo

According to major US pharmaceutical firm ExecuPharm, the company was hit by a cyberattack on March 13 in which threat actors attacked the company’s IT systems with ransomware and demanded payment in return for decryption. The pharmaceutical firm stated that their servers were encrypted as a result of the attack

Read More
28 Apr 2020

Fake Fedex and UPS delivery issues used in COVID-19 phishing

The online shopping and home delivery industries have experienced an influx over the past several weeks as people socially isolate and telecommute. Threat actors have been capitalizing on this recent adjustment, creating new scams luring victims through fake Coronavirus delivery issue emails. The emails contain malicious links or open malware.

Read More
20 Apr 2020

COVID-Themed Phishing Messages Fill Phishing Filters on Gmail

Google has stated that nearly a fifth of all phishing email messages that have been identified on its Gmail platform feature COVID-19 as part of their content, using the pandemic to lure victims into malicious links and attachments. The giant stated that last week, they saw roughly 18 million email

Read More