Getty Images reader comments 9 Hundreds of Microsoft Azure accounts, some belonging to senior executives, are being targeted by unknown attackers in an ongoing campaign that’s aiming to steal sensitive data and financial assets from dozens of organizations, researchers with security firm Proofpoint said Monday. The campaign attempts to compromise targeted Azure environments by sending… Read More »
reader comments 48 On Sunday, a report from the South China Morning Post revealed a significant financial loss suffered by a multinational company’s Hong Kong office, amounting to HK$200 million (US$25.6 million), due to a sophisticated scam involving deepfake technology. The scam featured a digitally recreated version of the company’s chief financial officer, along with… Read More »
Enlarge / A woman scans a QR code in a café to see the menu online. reader comments 27 The US Federal Trade Commission has become the latest organization to warn against the growing use of QR codes in scams that attempt to take control of smartphones, make fraudulent charges, or obtain personal information. Short… Read More »
Wired staff; Getty Images reader comments 46 with For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. Intelligence agencies and militaries seize on hackable bugs when they’re revealed—exploiting them to carry out their campaigns of espionage or cyberwar—or spend millions to dig up new ones or to buy them in secret from the hacker gray… Read More »
Enlarge / Man hand holding a mobile phone with QR code. Getty Images reader comments 92 with Phishing mongers have released a torrent of image-based junk emails that embed QR codes into their bodies to successfully bypass security protections and provide a level of customization to more easily fool recipients, researchers said. In many cases,… Read More »
Getty Images reader comments 69 with Share this story Microsoft on Tuesday profiled software for sale in online forums that makes it easy for criminals to deploy phishing campaigns that successfully compromise accounts, even when they’re protected by the most common form of multi-factor authentication. The phishing kit is the engine that’s powering more than… Read More »
Getty Images | Carol Yepes reader comments 32 with 0 posters participating Share this story Hackers have devised a way to bypass ChatGPT’s restrictions and are using it to sell services that allow people to create malware and phishing emails, researchers said on Wednesday. ChatGPT is a chatbot that uses artificial intelligence to answer questions… Read More »
Enlarge / Using Teams in a browser is actually safer than using Microsoft’s desktop apps, which are wrapped around a browser. It’s a lot to work through. reader comments 65 with 41 posters participating Share this story Microsoft’s Teams client stores users’ authentication tokens in an unprotected text format, potentially allowing attackers with local access… Read More »
Enlarge / This is definitely not a Razer mouse—but you get the idea. (credit: calvio via Getty Images) There has been a recent flurry of phishing attacks so surgically precise and well-executed that they’ve managed to fool some of the most aware people working in the cybersecurity industry. On Monday, Tuesday, and Wednesday, two-factor authentication… Read More »
Enlarge (credit: Getty Images) At least two security-sensitive companies—Twilio and Cloudflare—were targeted in a phishing attack by an advanced threat actor who had possession of home phone numbers of not just employees but employees’ family members as well. In the case of Twilio, a San Francisco-based provider of two-factor authentication and communication services, the unknown… Read More »