attacks
Blog
Microsoft Defender for Office 365 now blocks email bombing attacks
Microsoft says its Defender for Office 365 cloud-based email security suite will now automatically detect and block email bombing attacks. Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection or Office 365 ATP) protects organizations operating in high-risk industries and dealing with sophisticated threat actors from malicious threats from email messages, links, and collaboration tools. “We’re introducing…
Blog
3 key takeaways from the Scattered Spider attacks on insurance firms
Scattered Spider continues to dominate the headlines, with the latest news linking the hackers to attacks on U.S. insurance giant Aflac, Philadelphia Insurance Companies, and Erie Insurance, disclosed through SEC Form 8-K filings which indicate the theft of sensitive customer data and operational disruption. This comes at the same time that Google Threat Intelligence Group shared that it “is now…
Blog
Citrix Bleed 2 flaw now believed to be exploited in attacks
A critical NetScaler ADC and Gateway vulnerability dubbed “Citrix Bleed 2” (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, which is seeing an increase in suspicious sessions on Citrix devices. Citrix Bleed 2, named by cybersecurity researcher Kevin Beaumont due to its similarity to the original Citrix Bleed (CVE-2023-4966), is an out-of-bounds memory read vulnerability that allows unauthenticated…
Blog
Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks
A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft’s ClickOnce software deployment tool and custom Golang backdoors to compromise organizations within the energy, oil, and gas sectors. The hackers rely on legitimate AWS cloud services (AWS, CloudFront, API Gateway, Lambda) to keep the command and control (C2) infrastructure hidden. ClickOnce is a deployment technology from Microsoft that…
Blog
Financial impact of cyber attacks on UK retailers laid bare in new report
Cyber attacks against M&S and Co-op earlier this year cost anywhere between £270 million and £440m, according to analysis by the Cyber Monitoring Centre. In April, British retailers were targeted with a series of ransomware attacks, with M&S taking down online sales and later admitting customer data was stolen. Co-op shut down aspects of its own IT system to limit…
Blog
APT28 hackers use Signal chats to launch new malware attacks on Ukraine
The Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent. To be clear, this is not a security issue in Signal. Instead, threat actors are more commonly utilizing the messaging platform as part of their phishing attacks due to its increased usage by governments worldwide.…
Blog
Aflac discloses breach amidst Scattered Spider insurance attacks
On Friday, American insurance giant Aflac disclosed that its systems were breached in a broader campaign targeting insurance companies across the United States by attackers who may have stolen personal and health information. Aflac (short for American Family Life Assurance Company) is the largest supplemental insurance provider in the U.S. and a Fortune 500 company that provides insurance services to…
Blog
Facebook rolls out passkey support to fight phishing attacks
Passkeys can replace traditional passwords with your device’s own authentication methods. That way, you can sign in to Gmail, PayPal, or iCloud just by activating Face ID on your iPhone, your Android phone’s fingerprint sensor, or with Windows Hello on a PC. Built on WebAuthn (or Web Authentication) tech, two different keys are generated when you create a passkey: one…
Blog
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. The campaign started last December and has successfully hijacked multiple accounts, say researchers at cybersecurity company Proofpoint, who attribute the activity to a threat actor called UNK_SneakyStrike. According to the researchers, the peak of the campaign happened on January…
Blog
Graphite spyware used in Apple iOS zero-click attacks on journalists
Forensic investigation has confirmed the use of Paragon’s Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. Researchers at Citizen Lab say that the victims were a prominent European journalist who requested anonymity and Ciro Pellegrino, a journalist at Italian publication Fanpage.it. “Our analysis finds forensic evidence confirming with high confidence that…