Attackers targeted a major US energy company with a phishing campaign that overall sent more than 1,000 emails armed with malicious QR codes aimed at stealing Microsoft credentials. The campaign, discovered by Cofense in May, used both PNG image attachments and redirect links associated with Microsoft Bing and well-known business applications — including Salesforce and…
Threat actors’ use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months. “The majority of the phishing campaigns target Microsoft login credentials, although there are some pages targeting Adobe, Dropbox, and other cloud apps,” Netskope security researcher Jan Michael said. Cloudflare R2, analogous to Amazon Web Service…
A government department in Colorado is the latest victim of a third-party attack by Russia’s Cl0p ransomware group in connection with the MOVEit Managed File Transfer platform. Department officials say that the group stole the personal health data of about 4 million members of state health programs from IBM-managed systems. On May 31, the Colorado…
Hardcoded credentials in the Dell Compellent storage array service could enable attackers to take over enterprise VMware environments for any organizations running those two services in collaboration. Dell Compellent reached its end of life in 2019, and holds less than a 1% share of the data storage market, according to Enlyft. However, organizations still using…
A Microsoft 365 phishing campaign has targeted over 100 companies since March and successfully compromised accounts belonging to senior business executives. The attackers used EvilProxy, a phishing toolkit that uses reverse-proxy tactics to bypass multifactor authentication (MFA). “Contrary to what one might anticipate, there has been an increase in account takeovers among tenants that have…
An international law enforcement operation took down a phishing-as-a-service website that security researchers say was responsible for more than 150,000 phishing domains. Authorities in Indonesia arrested the site’s alleged administrator and another man, while Japanese police arrested an additional suspect, Interpol announced Tuesday. The site, 16shop, has been in existence since at least 2017. It…
After vulnerabilities were found in the TETRA communications protocol that powers industrial control systems globally, researchers have revealed new research showing multiple additional zero-day vulnerabilities in a Motorola base station and system chip. Both are required to run and decrypt the TETRA communications algorithm, potentially exposing sensitive information. TETRA, or Terrestrial Trunked Radio, is a…
The Biden administration says it want to get ahead of ransomware attacks against schools before tens of millions of pupils resume studies later this month. Typically understaffed and underfunded when it comes to cybersecurity, American K-12 schools have experienced a ramp-up in ransomware attacks, particularly after the novel coronavirus pandemic forced hasty adoption of remote…
A five-year old vulnerability in Fortinet SSL VPNs remains one of the most widely exploited flaws in enterprise networks, despite repeat patch warnings. So say cybersecurity officials across the U.S. and its Five Eyes intelligence alliance partners in a new joint security advisory detailing the 12 most common vulnerabilities and exposures that were most “routinely…
Qualys, Inc. (NASDAQ: QLYS), a provider of disruptive cloud-based IT, security and compliance solutions, today announced it is opening up its risk management platform to AppSec teams to bring their own detections to assess, prioritize and remediate the risk associated with first-party software and its embedded open source components. In the digital transformation era, every…