FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens
The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
High-volume phishing campaign delivers Phorpiex malware via malicious Windows Shortcut files
RedVDS cyber-crime-as-a-service platform powering phishing, BEC attacks and other fraud has cost victims millions
Misconfigurations abused to make phishing emails look like they come from within the organization
A surge in phishing attacks exploiting Microsoft’s OAuth device code flow has been identified by Proofpoint
Microsoft Threat Intelligence stopped an AI-driven credential phishing campaign using SVG files disguised as PDFs
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide
Phishing campaign unveiled MostereRAT, targeting Windows systems with advanced evasion techniques
A new wave of phishing attacks exploiting Microsoft 365 OAuth tools has been observed impersonating diplomats to steal access codes
The tech giant has released its second Secure Future Initiative (SFI) progress report, showcasing its ongoing efforts to improve cybersecurity
A new attack targeting Microsoft Teams users used vishing, remote access tools and DLL sideloading to deploy a JavaScript backdoor
Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware
Phishing attack exploits social engineering techniques alongside Microsoft Teams and remote access software to deploy BackConnect malware
A new phishing campaign has been identified using Havoc to control infected systems, leveraging SharePoint and Microsoft Graph API
Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts
A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations
A new PayPal phishing scam used genuine money requests, bypassing security checks to deceive recipients
SmokeLoader malware identified targeting Taiwanese firms via phishing, exploiting Microsoft Office vulnerabilities
Microsoft has seized 240 websites associated with the “ONXX” phishing-as-a-service operation, and has sued the developer of this service