Attackers abuse OAuth applications to hack Microsoft Exchange servers
Microsoft warned of malicious OAuth applications attacking cloud users by hijacking Exchange servers. The cybercriminals aim to spread large amounts of spam.
According to Microsoft, cybercriminals have launched credential-stuffing attacks against users with Exchange accounts that lack multi-fact... Read more
GitHub warns of phishing campaign with ‘many victims’
Several GitHub users were hit by a phishing campaign over the past few days. “While GitHub itself was not affected, the campaign has impacted many victims", the organization warned.
The attackers send emails in the style of CircleCI, a popular DevOps platform. The cybercriminals claim that the... Read more
‘Twilio’s hackers hit more than 130 organizations’
The recent attack on Twilio appears to be part of a much larger hacking operation. More than 130 other companies were affected.
According to Group-IB, the login credentials and sensitive information of approximately 10,000 employees were captured in a large-scale hacking operation. Organizations... Read more
Cyberattack hits Twilio, customer data at risk
Cybercriminals accessed Twilio's customer data by phishing employees. The organization confirmed the cyberattack in a blog post.
Twilio develops communications and security software. The organization works for more than 150,000 customers, including Facebook and Uber. Twilio reveals that cybercr... Read more
‘Half of the most popular websites are vulnerable to pre-hijacking’
Cybercriminals don't need initials, bank accounts or passwords to steal accounts. An email address is often enough. New research from Microsoft raises concerns.
We often think that cybercriminals require varies data to steal user accounts. For example, a date or place of birth, which can be use... Read more
Phishers breach British healthcare system
Cybercriminals hacked into the mail system of the UK's National Health Service. Breached employee accounts are used to send phishing mails.
There are signs of a scandal. The incident wasn't reported by the National Health Service (NHS). It took an independent security provider to break the news.... Read more
Zscaler observed nearly 880 million phishing attacks in 2021
Zscaler observed nearly 880 million phishing attacks in 2021. The number of attempts rose by 29 percent worldwide.
Zscaler develops a security platform for business networks and endpoints. The platform monitors more than 40 billion data transactions per day. Suspicious traffic is intercepted an... Read more
Mailchimp hacked, crypto wallets at risk
Cyber criminals have hacked email marketing platform Mailchimp. The hackers targeted user data to carry out phishing attacks on crypto wallets.
In total, the hackers stole data from 102 Mailchimp customers, the email marketing platform indicates in an email to tech site Bleeping Computer.... Read more
Cloudflare acquires Area 1 Security for 145 million euros
Cloudflare is acquiring email security specialist Area 1 Security for 145 million euros ($162 million). Cloudflare aims to further expand its security portfolio.
The acquisition provides Cloudflare with a platform that helps email programs protect against phishing and malware attacks such as ran... Read more
Microsoft provides defense against the “ice phishing” on the blockchain
As the adoption of Web3 and blockchain technologies rise, Microsoft warns the De-Fi network (world of finance) about a new cyber threat: ‘Ice Phishing.’
The rapid progress in decentralized technologies, smart contracts, blockchain, DeFi, metaverse, and Web3 has sparked a fire in the cryptogr... Read more