Jess Weatherbed reports: Over 130 organizations, including Twilio, DoorDash, and Cloudflare, have been potentially compromised by hackers as part of a months-long phishing campaign nicknamed “0ktapus” by security researchers. Login credentials belonging to nearly 10,000 individuals were stolen by attackers who imitated the popular single sign-on service Okta, according to a report from cybersecurity outfit Group-IB.
Category: Phishing
UAE: Cybercriminal arrested for trying to embezzle Dh2.8 million in phishing scam
Afkar Ali Ahmed reports: The Sharjah Police have arrested a 32-year-old man who tried to embezzle Dh2.8 million after hacking an advertisement company’s bank account. The Asian suspect committed the cyber fraud through phishing, the police said. Lt.-Col. Muhammad bin Haider, acting head of the Buhaira Comprehensive Police Station, said the suspect was arrested within…
How many breaches has Overlake Medical Center & Clinics experienced in the past few years?
In February 2020, Overlake Medical Center and Clinics in Washington State reported a phishing incident in December 2019. More than 109,200 patients were reportedly affected. HHS investigated the incident and wrote a closing note in the file: Overlake Medical Center and Clinics, the covered entity (CE), reported that multiple employees were the victims of an…
Hacker accesses injured workers’ personal info in cyberattack on North Dakota agency
It’s not often we see a breach report from North Dakota. Forum reports: The North Dakota Workforce Safety & Insurance agency was a victim of a cybersecurity attack on June 28 that involved personal data, according to a statement released by WSI on Friday, Aug. 19. According to the statement: A Workforce Safety & Insurance…
Disrupting SEABORGIUM’s ongoing phishing operations
From Microsoft’s Blog: The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an actor Microsoft has tracked since 2017. SEABORGIUM is a threat actor that originates from Russia, with objectives and victimology that align closely with Russian state interests. Its campaigns involve persistent phishing and credential theft…
Chile: Empresa Nacional Del Petroleo spared from financial losses in BEC attack by alert bank
ENAP (Empresa Nacional Del Petroleo) is a Chilean state-owned company engaged in the exploitation, production, refining, and marketing of oil and its derivatives. It reports administratively to the Ministry of Energy. As Nicolas Parra Tapia and Felipe Diaz Montero recently reported, well-known Nigerian cybercriminals had targeted ENAP in a wire transfer scheme. It was only…