The Microsoft Detection and Response Team (DART) has spotted an increase in attackers using token theft in the cloud to compromise corporate systems while bypassing multi-factor authentication (MFA) and other authentication controls.
The U.S. Justice Department has announced the seizure of domains used in Nobelium spear-phishing attacks previously identified by Microsoft last week.
The Microsoft Threat Intelligence Center (MSTIC) has uncovered a “sophisticated email-based attack” operated by NOBELIUM, as part of a wide-scale malicious email campaign.
The FBI issued a private industry notification of cyber criminals targeting employee credentials via voice phishing or “vishing” attacks.
Security researchers have spotted malicious cyber actors targeting the COVID-19 vaccine cold chain via a global phishing cyber campaign.
Hackers are using thousands of legitimate emails accounts to launch impersonation and business email compromise (BEC) attacks against thousands of organizations.
Attackers hacked into a number of Twitter internal systems and took over 45 high profile Twitter accounts, to include those from celebrities, politicians and large organizations.