Cybersecurity researchers at Microsoft have identified a massive phishing campaign that is distributing trojan malware to create a backdoor into Windows systems, stealing usernames, passwords, and other sensitive information from victims. The phishing messages deliver the latest version of the Java-based STRRAT malware. The email campaign consists of utilizing compromised

Attackers are targeting Microsoft and Google Clouds to perform mass phishing attempts, sending roughly 52 million malicious messages leveraging the likes of Office 385, Azure, OneDrive, SharePoint, G-Suite, and Firebase storage. The reported influx in phishing attempts was recorded in Q1 of 2021 and is likely a result of threat

Website Planet researchers recently uncovered an AWS S3 web bucket left unsecured by FastTrack Reflex Recruitment, which has been renamed to TeamBMS. The database included personal information pertaining to tens of thousands of jobseekers and held sensitive data and documents such as dates of birth, email addresses, full names, home

In the aftermath of a destructive ransomware attack against the Irish Health Service Executive (HSE), the Irish government has warned that sensitive medical information and other patient data may be leaked. Officials have condemned any public release by the attackers of stolen patient data, stating that the move would be

A new malware on Android impersonating the Google Chrome App has spread to hundreds of thousands of people. The app is a part of a hybrid cyberattack that also uses mobile phishing to steal credentials. Targets first receive an SMS text asking for custom fees to be paid to release

Researchers at Armorblox have discovered two new phishing scams seeking to trick customers of JPMorgan Chase Bank into submitting login credentials. Both of the identified scams utilize social engineering and brand impersonation tactics to deceive targets into believing the messages are legitimate. One scam involved email notifications that appeared to

Costo Wholesale Corporation has released a scam warning, advising its customers to be wary of more than a dozen digital scams currently targeting its customer base. Costco posted screenshots of 14 fraudulent emails, texts, and posts, in which cybercriminals are impersonating Costco to scam its customers. It seems as though

The Cybersecurity and Infrastructure Security Agency (CISA) has advised cybersecurity researchers to be aware of a recent phishing campaign that targets professionals within the field. The attacks were first disclosed in January and were found to be targeting researchers working on vulnerability research and development within various organizations. The individuals

The Internal Revenue Service (IRS) has warned of a scam targeting college students. The scam is a phishing attempt in which the perpetrators are posing as the IRS with subject lines such as “Tax Refund Payment,” according to a warning released by the agency. The IRS sought to alert educators,

The US Department of Justice has arrested almost 500 individuals for criminal activity relating to the Covid-19 pandemic. Many cybercriminals have been leveraging the pandemic to launch more convincing cyber campaigns such as phishing attacks, capitalizing on widespread public fear. The US government has observed campaigns pushing fraudulent Covid-19 ‘treatments,’