Malicious Office 365 Apps Are the Ultimate Insiders

Credit to Author: BrianKrebs| Date: Wed, 05 May 2021 12:27:50 +0000

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

Read more

Task Force Seeks to Disrupt Ransomware Payments

Credit to Author: BrianKrebs| Date: Thu, 29 Apr 2021 12:26:09 +0000

Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes.

Read more

Are You One of the 533M People Who Got Facebooked?

Credit to Author: BrianKrebs| Date: Tue, 06 Apr 2021 18:55:53 +0000

Ne’er-do-wells leaked personal data — including phone numbers — for some 553 million Facebook users this week. Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you’re a Facebook product user and want to learn if your data was leaked, there are easy ways to find out.

Read more

Ransom Gangs Emailing Victim Customers for Leverage

Credit to Author: BrianKrebs| Date: Mon, 05 Apr 2021 21:38:38 +0000

Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: Emailing the victim’s customers and partners directly, warning that their data will be leaked to the dark web unless they can convince the victim firm to pay up.

Read more

Can We Stop Pretending SMS Is Secure Now?

Credit to Author: BrianKrebs| Date: Tue, 16 Mar 2021 22:30:28 +0000

SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of people (many of them low-paid mobile store employees) who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we’re learning about an entire ecosystem of companies that anyone could use to silently intercept text messages intended for other mobile users.

Read more

Warning the World of a Ticking Time Bomb

Credit to Author: BrianKrebs| Date: Tue, 09 Mar 2021 21:04:07 +0000

Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. Each hacked server has been retrofitted with a “web shell” backdoor that gives the bad guys total, remote control, the ability to read all email, and easy access to the victim’s other computers. Researchers are now racing to identify, alert and help victims, and hopefully prevent further mayhem.

Read more

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Credit to Author: BrianKrebs| Date: Fri, 05 Mar 2021 21:07:07 +0000

At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.

Read more

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Credit to Author: BrianKrebs| Date: Tue, 02 Mar 2021 21:19:17 +0000

Microsoft Corp. today released software updates to plug four critical security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group.

Read more