An ongoing phishing campaign designed to harvest Office 365 credentials is using a Microsoft Outlook migration message, according to researchers at Abnormal Security. These fake messages have landed in about 80,000 inboxes so far.
An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
Are insurers getting cold feet over covering losses to ransomware? With claims due to ransomware skyrocketing, some insurers have reportedly been revising offerings to make it tougher for companies to claim for some types of cybercrime, including extortion.
CISA, citing a new report by IBM, is warning organizations involved in COVID-19 vaccine production and distribution of a global phishing campaign targeting the cold storage and transport supply chain. Many vaccines in development must be kept at low temperatures before being administered.
Interpol the international law enforcement organization, is warning of a potential surge in organized crime activity tied to COVID-19 vaccines. The alert follows recent reports of spikes in alleged cyberattacks by suspected North Korean hackers against companies working on vaccines and treatments.
Europol, along with the other law enforcement agencies in Europe, prevented payment fraud losses of $47.5 million by targeting fraudsters who were selling stolen card data on darknet websites known as card shops.
Interpol, Nigerian law enforcement agencies and security firm Group-IB have collectively uncovered a massive Nigerian business email compromise gang that was active across more than 150 countries. Three suspected members have been arrested in Nigeria.
A Chinese advanced persistent threat group has recently begun ramping up its activities with a new phishing campaign leveraging updated malware that's targeting diplomatic missions around the world to collect data and monitor communications, according to Proofpoint.
Last week, fraudsters targeted two cryptocurrency platforms by accessing domains managed by GoDaddy, according to notices published by the victimized firms. The domain register company previously has had issues with unauthorized access.