Thousands of BEC lures use Google Forms in recon campaign
While the threat actor’s motives are not fully apparent, researchers believe it was an effort to conduct reconnaissance for future campaigns.
While the threat actor’s motives are not fully apparent, researchers believe it was an effort to conduct reconnaissance for future campaigns.
In Nov. 2020 alone, company blocked 262 million emails containing malicious, remotely hosted images.
A phishing campaign has been disguising its spam as an email chain, using messages taken from email clients on previously compromised hosts.
The poor record raises questions about whether the mobile carrier’s massive merger with Sprint left the combined company more vulnerable.
Vaccine distribution could mean a return to offices, but most experts expect a new hybrid model to emerge. Pile that on top of the already challenging situation posed by a supposed skills gap and efforts to improve diversity, and the cybersecurity community may need to redefine workforce priorities.
Enhanced email security? Growth of digital identities? Vulnerability management born from mergers and acquisitions? No more VPNs? Here, cybersecurity experts offer their take on what strategic shifts we should expect within the enterprise.
Cyber experts expect more sophisticated attacks to come – with ransomware and phishing continuing at a steady, but more advanced clip, and emerging threats tied to deepfakes and 5G beginning to show impact.
The Financial Crime Enforcement Network detailed for banks or other financial services organizations potential issues, asking the sector to be particularly attuned to ransomware attacks on distribution networks and the supply chains for the manufacture of vaccines.
The credential phishing attack impersonated the U.S. Postal Service that sought to get victims to give up their credit card credentials and pay a special delivery fee within three days to ensure package delivered.
Researchers observed a spear phishing campaign that exactly spoofed a Microsoft email domain to trick Office 365 users. This suggests Microsoft’s servers were not enforcing protective DMARC authentication protocols when communications were received – and perhaps still are not.