Russian Cyberattackers Launch Multi-Phase PsyOps Campaign
Operation Texonto spanned several months, using various Russian propaganda lures and spear-phishing to misinform and trick users into giving up Microsoft 365 credentials.
Phishing uses deceptive messages to steal credentials or deliver malware, while user verification, MFA, and email filtering reduce the risk.
Search across headline titles and summaries.
Background for this topic.
Phishing is deceptive communication—by email, text, phone, or a fake website—that impersonates a trusted person or service to make someone disclose credentials, approve a transaction, reveal sensitive information, or run harmful software. Attackers use it to bypass technical controls by persuading a legitimate user to perform an action, and may target employees, customers, administrators, or suppliers.
Its impact can include account takeover, unauthorized payments, exposure of personal or business data, and access to internal systems. The most effective control for stolen-password phishing is phishing-resistant multi-factor authentication, such as hardware-backed passkeys or security keys, which binds authentication to the legitimate site. Organizations should also filter and authenticate messaging where possible, use password managers, restrict risky actions, train users to verify unusual requests through a separate channel, and provide rapid reporting so suspected credentials or sessions can be revoked.
Operation Texonto spanned several months, using various Russian propaganda lures and spear-phishing to misinform and trick users into giving up Microsoft 365 credentials.
The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the risk of user credentials being stolen through malicious form fields. [...]
Kaspersky explained the fraudulent emails prompted recipients to enable two-factor authentication
3 Suspects Charged With Using Sugar Ransomware, Phishing Attacks Against RussiansRussian authorities have reportedly arrested three accused members of the SugarLocker ransomware-as-a-service operation. Their alleged crime? Targeting Russians, although one suspect has also been tied to a massive hack of Australian health insurer Medibank and subsequent data leak.
Compromising valid identities became the top initial access vector in 2023 while phishing dropped to second place, IBM found in a new report
Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation
Trend and other private entities recently contributed to INTERPOL’s Operation Synergia, a global operation that successfully took down over 1,000 C&C servers and identified suspects related to phishing, banking malware, and ransomware activity.
Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023