Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug
The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers.
Hacks
Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware Attack
A reported a “potentially dangerous piece of functionality” allows an attacker to launch an attack on cloud infrastructure and ransom files stored in SharePoint and OneDrive.
Voicemail Scam Steals Microsoft Credentials
Attackers are targeting a number of key vertical markets in the U.S. with the active campaign, which impersonates the organization and Microsoft to lift Office365 and Outlook log-in details.
Facebook Messenger Scam Duped Millions
One well crafted phishing message sent via Facebook Messenger ensnared 10 million Facebook users and counting.
DragonForce Gang Unleash Hacks Against Govt. of India
In response to a comment about the Prophet Mohammed, a hacktivist group in Malaysia has unleashed a wave of cyber attacks in India.
Travel-related Cybercrime Takes Off as Industry Rebounds
Upsurge in the tourism industry after the COVID-19 pandemic grabs the attention of cybercriminals to scam the tourists.
Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers
Researchers demonstrated a possible way to track individuals via Bluetooth signals.
Follina Exploited by State-Sponsored Hackers
A government-aligned attacker tried using a Microsoft vulnerability to attack U.S. and E.U. government targets.
Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again
Deja-Vu data from this year’s DBIR report feels like we are stuck in the movie ‘Groundhog Day.’
Evil Corp Pivots LockBit to Dodge U.S. Sanctions
The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an aim to continue to profit from its nefarious activity.