Bloomberg reports: Microsoft Corp. customers were targeted in a massive phishing campaign that has sought to defraud users in 62 countries since December. Recently, the malicious emails have evolved to capitalize on the pandemic, according to Microsoft. The attack “targeted business leaders across a variety of industries, attempting to compromise accounts, steal information and re-direct…
Category: Phishing
Hakbit ransomware campaign targeting specific European countries
Derek Kortepeter reports: Proofpoint researchers have published findings on a campaign involving the Hakbit ransomware. As their blog post states, the ransomware is being spread via spear-phishing emails targeted at individuals in “mid-level positions across the pharmaceutical, legal, financial, business service, retail, and healthcare sector.” The attacks, described as low-volume, are specifically targeting employees of organizations located in…
UnityPoint Health Reaches $2.8M Settlement Over 2018 Data Breach
There’s an update to the litigation stemming from two UnityPoint Health phishing incidents that were discovered within months of each other in 2018. Part of the lawsuit was thrown out in 2019, but negligence claims were allowed to go forward. Not surprisingly, that seemed to result in a settlement. Jessica Davis reports: Iowa Health System,…
Phishing attacks impersonate QuickBooks invoices ahead of July 15 tax deadline
Heads up! Lance Whitney describes the type of campaign CEOs and employees need to remain vigilant about: The campaign analyzed was aimed at a cutting-edge technology company, a tempting target for cybercriminals looking for maximum profits. In the first wave, the cybercriminals spoofed QuickBooks, a product commonly being used in advance of the July 15…
Microsoft 365 phishing campaign exploits Samsung, Adobe, and Oxford University
Lance Whitney reports: Microsoft is a popular brand for cybercriminalsto impersonate in phishing campaigns. The company’s products are used by a vast number of people, both personally and professionally. Plus, gaining access to someone’s Microsoft credentials can open the key to an array of associated websites and services. One particular campaign analyzed by cyber threat intelligence…
Covid-19 Relief: North Korea Hackers Lazarus Planning Massive Attack on US, UK, Japan, Singapore, India, South Korea?
Bhaswati Guha Majumder reports: North Korea-based hacking group Lazarus is planning to launch broader phishing attacks designed as COVID-19 relief efforts against six countries including Singapore, targeting more than five million individuals and businesses (small, medium, and large enterprises), warned a security firm. CYFIRMA, a threat intelligence and cybersecurity platform company, has exposed the malicious…