Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials
Legacy Windows protocols are still exposing organizations to credential theft, Resecurity found
A new campaign has been observed using malicious Windows shortcuts in credential-themed ZIP files to deploy PowerShell script
Microsoft Threat Intelligence stopped an AI-driven credential phishing campaign using SVG files disguised as PDFs
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide
A new malware campaign targeting Windows and Linux systems has been identified, deploying tools for evasion and credential theft
Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware
Microsoft has warned of a long-running credential stealing campaign from Russia’s APT28
Russian-linked Anonymous Sudan claims to have stolen credentials
Researchers detail the DLL side-loading technique used to deploy malware that facilitates credential theft and lateral movement
The findings come from security researchers at Cisco Talos
Harvesting API keys and secrets from AWS SES, Microsoft Office 365 and other services
The attack bypassed both SPF and DMARC email authentication checks