phishing Archives - Securezoo

Microsoft: Attackers are increasingly using token theft in cyberattacks to bypass MFA

Authentication, Cloud Security, Cybersecurity Articles, Cybersecurity Attacks, Identity & Access Management / Frank Crast / November 22, 2022 / AitM, Azure, credentials, Microsoft, pass-the-cookie, phishing

The Microsoft Detection and Response Team (DART) has spotted an increase in attackers using token theft in the cloud to compromise corporate systems while bypassing multi-factor authentication (MFA) and other authentication controls.

Microsoft: Attackers are increasingly using token theft in cyberattacks to bypass MFA Read More »

Researchers warn shoppers to beware of Black Friday hacker scams

Messaging Security, Phishing, Social Engineering / Frank Crast / November 20, 2022 / Black Friday, Check Point, Cyberscam, phishing

Researchers from Check Point Research are warning shoppers to beware of Black Friday hacker “holiday special” scams.

Researchers warn shoppers to beware of Black Friday hacker scams Read More »

Attackers exploit open redirect vulnerability on Amex and Snapchat sites

Cybersecurity Attacks, Phishing, Vulnerabilities & Exploits / Frank Crast / August 16, 2022 / Amex, Cybersecurity Threat Center, Docusign, FedEx, Google Workspace, INKY, Microsoft, Microsoft 365, phishing, redirect, Snapchat

Attackers have been exploiting a well-known open redirect vulnerability on American Express and Snapchat sites to phish for victim’s personal data.

Attackers exploit open redirect vulnerability on Amex and Snapchat sites Read More »

Interpol operation “First Light 2022” leads to thousands of arrests of social engineering scammers worldwide

Cybercrime, Fraud, Phishing, Social Engineering / Frank Crast / June 17, 2022 / Cybercrime, Cybersecurity Threat Center, First Light 2022, Interpol, phishing, Ponzi, scammer, social engineering

Interpol has arrested thousands and seized millions of US dollars from social engineering scammers worldwide involved in telecommunication fraud, business mail compromise (BEC) and associated money laundering.

Interpol operation “First Light 2022” leads to thousands of arrests of social engineering scammers worldwide Read More »

Justice Department seizes domains used in Nobelium spear-phishing attacks

Cybersecurity Attacks, Messaging Security, Phishing / Frank Crast / June 2, 2021 / C2, DOJ, Microsoft, MSTIC, Nobelium, phishing, Spearphishing, U.S Department of Justice, USAID

The U.S. Justice Department has announced the seizure of domains used in Nobelium spear-phishing attacks previously identified by Microsoft last week.

Justice Department seizes domains used in Nobelium spear-phishing attacks Read More »

Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’

Cybersecurity Attacks, Malware, Messaging Security, Phishing / Frank Crast / May 28, 2021 / Constant Contact, email, GoldMax, Microsoft, MSTIC, phishing, SolarWinds, Sunburst, Teardrop

The Microsoft Threat Intelligence Center (MSTIC) has uncovered a “sophisticated email-based attack” operated by NOBELIUM, as part of a wide-scale malicious email campaign.

Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’ Read More »

FBI: Cyber criminals target employee credentials via voice phishing attacks

Cybercrime, Cybersecurity Attacks, Phishing / Frank Crast / January 18, 2021 / COVID-19, DHS, FBI, phishing, vishing, VPN

The FBI issued a private industry notification of cyber criminals targeting employee credentials via voice phishing or “vishing” attacks.

FBI: Cyber criminals target employee credentials via voice phishing attacks Read More »

Threat actors targeting COVID-19 vaccine cold chain

Cybersecurity Attacks, Phishing, Third-Party Security / Frank Crast / December 8, 2020 / Agent Tesla, CCEOP, cold chain, COVID-19, Gavi, Haier, malware, phishing, third party, X-Force

Security researchers have spotted malicious cyber actors targeting the COVID-19 vaccine cold chain via a global phishing cyber campaign.

Threat actors targeting COVID-19 vaccine cold chain Read More »

Malicious accounts used in BEC attacks against 6,600 organizations

Cybersecurity Attacks, Messaging Security, Phishing / Frank Crast / August 11, 2020 / AOL, Barracuda, BEC, Gmail, hackers, phishing, Scam, Shark Tank

Hackers are using thousands of legitimate emails accounts to launch impersonation and business email compromise (BEC) attacks against thousands of organizations.

Malicious accounts used in BEC attacks against 6,600 organizations Read More »

Twitter provides update on high profile account hacking incident

Cybersecurity Attacks, Phishing / Frank Crast / July 20, 2020 / Obama, phishing, Scam, Twitter

Attackers hacked into a number of Twitter internal systems and took over 45 high profile Twitter accounts, to include those from celebrities, politicians and large organizations.

Twitter provides update on high profile account hacking incident Read More »