Threat actors’ use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months. “The majority of the phishing campaigns target Microsoft login credentials, although there are some pages targeting Adobe, Dropbox, and other cloud apps,” Netskope security researcher Jan Michael said. Cloudflare R2, analogous to Amazon Web Service…

A Microsoft 365 phishing campaign has targeted over 100 companies since March and successfully compromised accounts belonging to senior business executives. The attackers used EvilProxy, a phishing toolkit that uses reverse-proxy tactics to bypass multifactor authentication (MFA). “Contrary to what one might anticipate, there has been an increase in account takeovers among tenants that have…

An international law enforcement operation took down a phishing-as-a-service website that security researchers say was responsible for more than 150,000 phishing domains. Authorities in Indonesia arrested the site’s alleged administrator and another man, while Japanese police arrested an additional suspect, Interpol announced Tuesday. The site, 16shop, has been in existence since at least 2017. It…

For cybercriminals looking to attack businesses, email continues to be the preferred attack vector. Despite a rapidly changing technology landscape with new innovations such as ChatGPT, cybercriminals are opting to adapt their email-based techniques to improve old tactics rather than create new methods altogether. This is largely because email provides cybercriminals with a direct line…

Attackers are increasingly targeting users through their mobile devices, attacking vulnerabilities in services that are built into applications and mounting increasing numbers of SMS phishing attacks. That’s according to mobile security firm Zimperium’s 2023 “Global Mobile Threat Report,” which also found that the average number of unique mobile malware samples grew 51% in 2022, totaling…

The Iran-linked threat group known as APT35 (aka Charming Kitten, Imperial Kitten, or Tortoiseshell) has updated its cyberattack arsenal with improved abilities to hide its actions, as well as an upgraded custom backdoor that it’s distributing via a spear-phishing campaign. The advanced persistent threat (APT) has been alleged to be operating out of Iran and…

Expert instructors from the SANS Institute here yesterday detailed what they cite as the most dangerous forms of cyberattacks for 2023. Some of the key themes bubbling to the surface included the intersection of AI with attack patterns and the ways that attackers are taking advantage of highly flexible development environments. “This is my favorite…

Ukrainian law enforcement busted a transnational group of scammers that used more than 100 phishing websites to defraud Europeans. The Cyber Police of Ukraine and the Security Service of Ukraine, together with Czech law enforcement agencies, detained 19 individuals across Ukraine and the EU, including Ukrainian and Belarusian nationals. Ukrainian authorities said Thursday the suspects…